uznayvse.ru Open in urlscan Pro
188.127.229.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://uznayvse.ru/
Effective URL:
https://uznayvse.ru/
Submission: On December 05 via api (December 5th 2023, 6:33:45 pm UTC) from US — Scanned from DE

Summary HTTP 87 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 87 HTTP transactions. The main IP is 188.127.229.152, located in Estonia and belongs to SMARTAPE, RU. The main domain is uznayvse.ru. The Cisco Umbrella rank of the primary domain is 849523.
TLS certificate: Issued by R3 on November 1st 2023. Valid for: 3 months.

This is the only time uznayvse.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	188.127.229.152 188.127.229.152	56694 (SMARTAPE) (SMARTAPE)
4	152.89.217.46 152.89.217.46	56694 (SMARTAPE) (SMARTAPE)
14	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3 17	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	() ()
3	2a00:1450:400... 2a00:1450:4001:830::2003	() ()
87	11

16 188.127.229.152 (Estonia) 1 redirects

ASN56694 (SMARTAPE, RU)
PTR: s258410.srvape.com

uznayvse.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.89.217.46 (Estonia)

ASN56694 (SMARTAPE, RU)
PTR: s258384.srvape.com

images.uznayvse.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	675 KB
20	uznayvse.ru 1 redirects uznayvse.ru — Cisco Umbrella Rank: 849523 images.uznayvse.ru	626 KB
17	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	186 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
5	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
3	gstatic.com www.gstatic.com	17 KB
2	googleapis.com fonts.googleapis.com	2 KB
87	8

	Domain	Requested by
24	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
17	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
16	uznayvse.ru	1 redirects uznayvse.ru
14	pagead2.googlesyndication.com	uznayvse.ru pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
6	www.googleadservices.com	googleads.g.doubleclick.net
5	www.google.com	4 redirects tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	images.uznayvse.ru	uznayvse.ru
3	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
87	10

This site contains no links.

Subject Issuer	Validity	Valid
uznayvse.ru R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
images.uznayvse.ru R3	`2023-11-15` - `2024-02-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://uznayvse.ru/
Frame ID: E62CF54CCBBA1F3429C5A915E88258FF
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: B921DA3B8B6DD392DB7909CB83F91C9F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&h=600&slotname=3227849016&adk=43929877&adf=1826040728&pi=t.ma~as.3227849016&w=300&lmt=1701801062&format=300x600&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223096&bpp=2&bdt=3050&idt=312&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=3727117620526&frm=20&pv=2&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=319
Frame ID: 43C3ACB553C6119A6F2F323D63DFC86F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&h=250&slotname=1943843428&adk=1014720677&adf=2496506641&pi=t.ma~as.1943843428&w=300&lmt=1701801062&format=300x250&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223098&bpp=1&bdt=3052&idt=321&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=3727117620526&frm=20&pv=1&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=322
Frame ID: 457171F2AEA1016404CEF78067BD3051
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&h=600&slotname=5134203143&adk=1100931792&adf=401234076&pi=t.ma~as.5134203143&w=160&lmt=1701801062&format=160x600&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223099&bpp=1&bdt=3053&idt=323&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x250&correlator=3727117620526&frm=20&pv=1&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=324
Frame ID: AFDFE971B6DF84ABE98F0AC04CF58332
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&adk=2232986295&adf=1196094641&lmt=1701801062&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223115&bpp=3&bdt=3069&idt=309&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x250%2C160x600&nras=1&correlator=3727117620526&frm=20&pv=1&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=317
Frame ID: D8D5A1AE9977B52AFC0FB9DECEB614D0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D80420BC337EDFC1E6AF595746DD752
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 39445D6D5F0C60EFB6D5187A3E7D6D1A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8D6A75FD223AC2ACA852BA6605502FDE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 80292E9F175A594862093A998602D435
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3E4F2A468FB16C8F6941BC598F678AB6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 15551A36D7D1828C3114DBE03A1973AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: C21B38757C13DFB48366E6A6D2F1C5A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: BE4FCC7168975E2C1337B75F4C038FA7
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 7AB06CDDDD06DF69E4DC5EC873F0691D
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 86982B2994502C12CC1446539283B1E4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4DD439DAFD41C16EFB3B4902AE2EA884
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 493475F2F9935484B8AB276DAEF64721
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Узнай Все. Новости дня, все главные Новости Дня за сегодня

Page URL History Show full URLs

http://uznayvse.ru/ HTTP 301
https://uznayvse.ru/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

87
Requests

97 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

11
IPs

3
Countries

1762 kB
Transfer

4307 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uznayvse.ru/ HTTP 301
https://uznayvse.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 48

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 58

https://googleads.g.doubleclick.net/pagead/adview?ai=CLRWyB21vZZqPHpueiM0PltOJ0Afjoaa0dPr1lbyZEr_hHhABIOPxoxJgleKQgqAHoAGHg7_3A8gBAqgDAcgDyQSqBO4BT9CtFeWLt3I3SHBT_H0gV5jEwiWvzlo2cubDlQQcBCHlwz5yfqKLZNuZZk8nx2yTZLYXDH7xs3iNf0pk3DIt6kTQ0ZlYibgqScOXqQHUqLk9lmzmm7uXEdA3-QoefLJP691ojkv0XrjzvdOCQJkD0A4XMCBFgU43i-lAPslqolsXuhcGrmq4EhZcckRXrsYfN4ZzH5vj1k376I6o73Sw1mj3gZZkOpjSJGVMFz2Fc3Pl9-2ecv2k6Qn2zrAV5lCZJrTfPuc7ah9dbIlu6Z0uysKqZ2NEUz-pe-x8W3ck399NflV1CHvp_MSG390-j8AE5Zao07YEiAXF6eWbTJIFBAgEGAGSBQQIBRgEoAYCgAfx6fWGAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIr8BNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY8Ymey_f4ggOaCYYBaHR0cHM6Ly93d3cubGlnaHRpbnRoZWJveC5jb20vYy93b21lbi1zLXRvcHNfNDcxMj9wcm09MS4zLjU0LjAmdG9wX3BpZD05Njk4MjQ1LDk2NDg0NTMsOTM4ODU1NSw5NzE2MzA1LDk3MDU3MDMsOTcxNDk1NSw5NzE0OTQ4LDk3MDc4NjSACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAtgTDNAVAYAXAbIXHAoaCAASFHB1Yi05ODQ4OTMxNTcyMjE3NjI2GAA&sigh=SJDMU9SLwkU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNNza91d93Oebvdt-E-yGwJRSM7QtkQmJ6ioxF_BsahNeUD64wZ5jxlHUKdtQfMD2oDiOizHb6ePdN9sRgjtIYGJID-atBGOD3cMIYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22367719273597637700%22,%22debug_reporting%22:true,%22destination%22:%22https://lightinthebox.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221055900039%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221496408165227200369%22}&andc=true

Request Chain 60

https://googleads.g.doubleclick.net/pagead/adview?ai=C4LXXB21vZeWqHraTiM0PpJ21qAmS-Im_dOvsy5_vEfb5gNrDARABIOPxoxJgleKQgqAHoAGG19e9A8gBAqkC5jIXFrglsj6oAwHIA8mEgIAEqgTtAU_QAhvgDh7aMrGfFj6TGoTzuJUjWRgo7eXxqDuR8y3g4y-PBRoGhKU59awHA2WBnvUMXr77E5xpKJWUZHVIerZOLUE-QB6gpslChCTgWfmPjqB_08PyHeBxWbikxHL8Cd56gbV_kvV741fWl0zEwzvGugZcoTpqcMRIedaNemAhlQ54gbg3uLAg30zQxxeGs4GkRnZ50VozWA8agew8n4HVAiGQGFNZkxcYqGqM_EXootcPqaA2tJNZoSIPtYGgrhHaGBjdaszmgUupaSJ2G9sjO_PpXnj4fhb3_5gNgtIZFGJRBhy5_Q3oMK4YwsAE94_R8LYEiAXH76_ITJIFBAgEGAGSBQQIBRgEoAYCgAfiqKhCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ6_QI0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlijpp7L9_iCA5oJPGh0dHBzOi8vd3d3LmxpbGllbnRoYWwuYmVybGluL2MwMS0wMjgtYjA0NGliP3ZvdWNoZXI9c3BlY2lhbIAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEw3QFQGAFwGyFxwKGggAEhRwdWItOTg0ODkzMTU3MjIxNzYyNhgA&sigh=6EkIR61-1ZA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNHaPnrA-9z0NGLRxuDzG6GDXKMolIBt8aGOeRsiJom7jh2phAudoHr4ZE4E7BcLr5pDrEcwrtCzsO6JnZR5xgx-Tcuj9fAhk7sBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210147335068967231486%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229345651478667413377%22}&andc=true

Request Chain 63

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 64

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs-qfB21vZeyKHvqWiM0PhMqxwAOZ1PrRdPvjwquZEqq4i5btDhABIOPxoxJgleKQgqAHoAHSn6LmKMgBAqkCzZyCYWQ1XT6oAwHIA8kEqgTxAU_Q-nZIZPJ-5V--oDK55br-Rl73zAosbrlfQQaoxsnFoyKJ8vTR1vpfvSiz2by1HsCueUbaxhyqypqHXCgoROxMT5aXG_xJb94JN4u9NI8s5Av7vgWthlI_fnUQNc_3KX17iwRpU__MfMrRzh2Czk7agml1ZrpTc2hi4bcdstJleiLSH6rAiyhzOQPFM4I1s3X7zm6pyMxoTX-jqPSHA1Rtnrj74i0MC3UvkvuHlDRQDzZlQEKkBZBkDfMAKcXHDmNT3hPOvL8QKw9gaRPzBvqUOdOo53PEUOv_uW6chcCo1roFrKHCRqD3XNS9KlF7QBvABMSkzprJBIgFh924zE2gBgKAB9LX8sUDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQkN4D0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj2i57L9_iCA5oJIWh0dHBzOi8vc3BlZWNoLW1vbml0b3IudWkub3JnLnVhL4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAtgTA9AVAYAXAbIXHAoaCAASFHB1Yi05ODQ4OTMxNTcyMjE3NjI2GAA&sigh=CRjx7h0iVZ4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNxJ0LIxxKP_W3kgffx_SIjjRKCnIPvF3ZQkbSZYnIISVtpHHD-K6bPIOOUYemcqtGiHyFsV7O64akxKEpGV-eg0hzaMEakxu6IFYYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229062680435588949679%22,%22debug_reporting%22:true,%22destination%22:%22https://ui.org.ua%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210951888850%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215292716563307079553%22}&andc=true

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

87 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
uznayvse.ru/
Redirect Chain

http://uznayvse.ru/
https://uznayvse.ru/

115 KB
22 KB

206ms
47ms

Document
text/html

188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: 8b531a325ad70b125dcf1a0b60a7bfcd883a8ecad8531fea1b5f1e57d2a9feb8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 156
content-encoding: gzip
content-length: 22343
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 18:30:59 GMT
last-modified: Tue, 05 Dec 2023 18:31:02 GMT
link: </js/app219.js?1701165897>; rel=preload; as=script <//www.googletagmanager.com>; rel=preconnect <//www.google-analytics.com>; rel=preconnect </js/app219.js?1701165897>; rel=preload; as=script <//www.googletagmanager.com>; rel=preconnect <//www.google-analytics.com>; rel=preconnect
vary: Accept-Encoding
wsr-cache: HIT 2 (347)

Redirect headers

content-length: 0
location: https://uznayvse.ru/

GET
H2 200 app219.js Show response
uznayvse.ru/js/ 235 KB
68 KB 54ms
53ms Script
application/x-javascript 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://uznayvse.ru/js/app219.js?1701165897
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: 9eb9c1ba570d88552bec9b3e09a9c47378829be972a29ab75f378a03f37e9050

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:28:40 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 10:04:57 GMT
age: 296
etag: W/"6565bb49-3ad86"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800, stale-while-revalidate=120960, stale-if-error=1209600
accept-ranges: bytes
wsr-cache: HIT 350 (347)
content-length: 69381
expires: Tue, 12 Dec 2023 18:31:43 GMT

GET
H2 200 bootstrap.min.css
uznayvse.ru/css/ 126 KB
23 KB 121ms
121ms Stylesheet
text/css 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://uznayvse.ru/css/bootstrap.min.css?1700816857
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: 6a4a1be620526ad0519e4a2758050bf473bff9119ef4acf39aad150426e22c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:29:05 GMT
content-encoding: gzip
last-modified: Fri, 24 Nov 2023 09:07:37 GMT
age: 271
etag: W/"656067d9-1f693"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800, stale-while-revalidate=120960, stale-if-error=1209600
accept-ranges: bytes
wsr-cache: HIT 344 (348)
content-length: 23448
expires: Tue, 12 Dec 2023 18:31:40 GMT

GET
H2 200 sprite.svg
uznayvse.ru/images/svg/ 96 KB
36 KB 116ms
116ms Image
image/svg+xml 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uznayvse.ru/images/svg/sprite.svg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: c9f9805a8d45f3263c36742c54d2566e5b07f1faba610885bd442a46cd63924d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:30:21 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 09:35:32 GMT
age: 64998
etag: W/"627e2664-18096"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 318730 (348)
content-length: 36195
expires: Thu, 04 Dec 2025 00:30:21 GMT

GET
H2 200 sprite.svg
uznayvse.ru/images/svg/ 96 KB
36 KB 131ms
131ms Other
image/svg+xml 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://uznayvse.ru/images/svg/sprite.svg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: c9f9805a8d45f3263c36742c54d2566e5b07f1faba610885bd442a46cd63924d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:30:21 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 09:35:32 GMT
age: 64998
etag: W/"627e2664-18096"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 318731 (348)
content-length: 36195
expires: Thu, 04 Dec 2025 00:30:21 GMT

GET
H2 200 sprite.svg
uznayvse.ru/images/svg/ 96 KB
36 KB 182ms
182ms Image
image/svg+xml 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uznayvse.ru/images/svg/sprite.svg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: c9f9805a8d45f3263c36742c54d2566e5b07f1faba610885bd442a46cd63924d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:30:21 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 09:35:32 GMT
age: 64998
etag: W/"627e2664-18096"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 318732 (348)
content-length: 36195
expires: Thu, 04 Dec 2025 00:30:21 GMT

GET
H2 200 sprite.svg
uznayvse.ru/images/svg/ 96 KB
36 KB 160ms
160ms Other
image/svg+xml 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://uznayvse.ru/images/svg/sprite.svg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: c9f9805a8d45f3263c36742c54d2566e5b07f1faba610885bd442a46cd63924d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:30:21 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 09:35:32 GMT
age: 64998
etag: W/"627e2664-18096"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 318733 (348)
content-length: 36195
expires: Thu, 04 Dec 2025 00:30:21 GMT

GET
H2 200 sprite.svg
uznayvse.ru/images/svg/ 96 KB
36 KB 153ms
153ms Image
image/svg+xml 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uznayvse.ru/images/svg/sprite.svg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: c9f9805a8d45f3263c36742c54d2566e5b07f1faba610885bd442a46cd63924d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:30:21 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 09:35:32 GMT
age: 64998
etag: W/"627e2664-18096"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 318734 (348)
content-length: 36195
expires: Thu, 04 Dec 2025 00:30:21 GMT

GET
H2 200 sprite.svg
uznayvse.ru/images/svg/ 96 KB
36 KB 187ms
186ms Other
image/svg+xml 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://uznayvse.ru/images/svg/sprite.svg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: c9f9805a8d45f3263c36742c54d2566e5b07f1faba610885bd442a46cd63924d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:30:21 GMT
content-encoding: gzip
last-modified: Fri, 13 May 2022 09:35:32 GMT
age: 64998
etag: W/"627e2664-18096"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 318735 (348)
content-length: 36195
expires: Thu, 04 Dec 2025 00:30:21 GMT

GET
H2 200 1.json Show response
uznayvse.ru/storage2/promo/ 6 KB
3 KB 105ms
105ms Fetch
application/json 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://uznayvse.ru/storage2/promo/1.json
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/js/app219.js?1701165897
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: fc953180d3fad5b65e11e72b9361c8c94a719121bc1f68db6d06b066d8aed6da

Request headers

accept: application/json
Referer: https://uznayvse.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:30:40 GMT
content-encoding: gzip
last-modified: Tue, 05 Dec 2023 18:30:43 GMT
age: 176
vary: Accept-Encoding
content-type: application/json;charset=utf-8
accept-ranges: bytes
wsr-cache: HIT 711 (346)
content-length: 2363
link: </js/app219.js?1701165897>; rel=preload; as=script, <//www.googletagmanager.com>; rel=preconnect, <//www.google-analytics.com>; rel=preconnect, </js/app219.js?1701165897>; rel=preload; as=script, <//www.googletagmanager.com>; rel=preconnect, <//www.google-analytics.com>; rel=preconnect

GET
H2 200 1.json Show response
uznayvse.ru/storage2/photolist/ 34 KB
7 KB 104ms
104ms Fetch
application/json 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://uznayvse.ru/storage2/photolist/1.json
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/js/app219.js?1701165897
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: 152166574aac4154ce82999204915174e6736279b9a866f2812c4f85db9d3234

Request headers

accept: application/json
Referer: https://uznayvse.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:30:40 GMT
content-encoding: gzip
last-modified: Tue, 05 Dec 2023 18:30:43 GMT
age: 176
vary: Accept-Encoding
content-type: application/json
accept-ranges: bytes
wsr-cache: HIT 698 (347)
content-length: 7034
link: </js/app219.js?1701165897>; rel=preload; as=script, <//www.googletagmanager.com>; rel=preconnect, <//www.google-analytics.com>; rel=preconnect, </js/app219.js?1701165897>; rel=preload; as=script, <//www.googletagmanager.com>; rel=preconnect, <//www.google-analytics.com>; rel=preconnect

GET
H2 200 / Show response
uznayvse.ru/ajax/geo_detect/ 24 B
139 B 109ms
108ms Fetch
application/json 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://uznayvse.ru/ajax/geo_detect/
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/js/app219.js?1701165897
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: b1de6ce56bc382c52bc442bf7e6b850ec044acd5483beacda824ee4e8472577d

Request headers

accept: application/json
Referer: https://uznayvse.ru/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:37 GMT
content-encoding: gzip
content-type: application/json;charset=utf-8

GET
H2 200 olga-the-sun-nikolaeva-then-and-now_54.jpg
images.uznayvse.ru/960x540/p/images/content/2023/12/4/ 72 KB
72 KB 460ms
178ms Image
image/jpeg 152.89.217.46
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.uznayvse.ru/960x540/p/images/content/2023/12/4/olga-the-sun-nikolaeva-then-and-now_54.jpg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.217.46 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258384.srvape.com
Software: /
Resource Hash: 65b30e525ffccb424a6bd03ed04ed4c49183c994862e3bb1379e8e400aedad4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:32:17 GMT
x-original-content-length: 75157
last-modified: Tue, 05 Dec 2023 10:32:18 GMT
age: 28881
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
content-disposition: inline; filename="olga-the-sun-nikolaeva-then-and-now_54.jpg"
accept-ranges: bytes
wsr-cache: HIT 631 (348)
content-length: 73543
x-request-id: qS3P5xW7EvPmsQCtVoAss
expires: Thu, 04 Dec 2025 10:32:23 GMT

GET
H2 200 tatyana-vladimirova-died-after-a-long-illness_23.jpg
images.uznayvse.ru/960x540/p/images/content/2023/12/5/ 42 KB
43 KB 473ms
190ms Image
image/jpeg 152.89.217.46
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.uznayvse.ru/960x540/p/images/content/2023/12/5/tatyana-vladimirova-died-after-a-long-illness_23.jpg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.217.46 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258384.srvape.com
Software: /
Resource Hash: 68317ce5ba4cf093465be338e82923c7d342a5a8238ff9f57ad38602d1e4c6f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:40:03 GMT
last-modified: Tue, 05 Dec 2023 12:40:03 GMT
age: 21216
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
content-disposition: inline; filename="tatyana-vladimirova-died-after-a-long-illness_23.jpg"
accept-ranges: bytes
wsr-cache: HIT 448 (347)
content-length: 43368
x-request-id: xZc2eCN2slhjKmpkfFE6o
expires: Thu, 04 Dec 2025 12:44:40 GMT

GET
H2 200 katya-lel-divorced-her-husband_61.jpg
images.uznayvse.ru/960x540/p/images/content/2023/12/5/ 74 KB
74 KB 333ms
50ms Image
image/jpeg 152.89.217.46
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.uznayvse.ru/960x540/p/images/content/2023/12/5/katya-lel-divorced-her-husband_61.jpg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.217.46 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258384.srvape.com
Software: /
Resource Hash: dc801ac7fca7d4613c7134328a58ce81e8d2bc77b2df3b94569afeaa737620b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 07:32:50 GMT
x-original-content-length: 77437
last-modified: Tue, 05 Dec 2023 07:32:50 GMT
age: 39649
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
content-disposition: inline; filename="katya-lel-divorced-her-husband_61.jpg"
accept-ranges: bytes
wsr-cache: HIT 753 (346)
content-length: 75879
x-request-id: NvoMhs_YqXmenVSCejn6R
expires: Thu, 04 Dec 2025 07:33:06 GMT

GET
H2 200 polina-gagarina-starred-in-the-new-series_11.jpg
images.uznayvse.ru/960x540/p/images/content/2023/12/5/ 69 KB
69 KB 440ms
158ms Image
image/jpeg 152.89.217.46
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.uznayvse.ru/960x540/p/images/content/2023/12/5/polina-gagarina-starred-in-the-new-series_11.jpg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.89.217.46 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258384.srvape.com
Software: /
Resource Hash: f6390b29010d787298880aedbba081ac8bb33e384739aae9e6ba6adb0b2e3c35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:19:12 GMT
x-original-content-length: 71321
last-modified: Tue, 05 Dec 2023 09:19:12 GMT
age: 33268
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
content-disposition: inline; filename="polina-gagarina-starred-in-the-new-series_11.jpg"
accept-ranges: bytes
wsr-cache: HIT 191 (346)
content-length: 70432
x-request-id: 6kg9sYjsgSuBg6JVbEeQD
expires: Thu, 04 Dec 2025 09:19:12 GMT

GET
H2 200 uzn_17017651918.jpeg
uznayvse.ru/images/content/2023/12/5/ 7 KB
7 KB 97ms
96ms Image
image/jpeg 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uznayvse.ru/images/content/2023/12/5/uzn_17017651918.jpeg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: 8c266166d4dcf1cb257594bf1e8a36a3ee2ae80d23d89e07b9cb0bdffabe1438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:31:22 GMT
x-original-content-length: 7114
last-modified: Tue, 05 Dec 2023 13:31:22 GMT
age: 18137
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 491 (347)
content-length: 6981
expires: Thu, 04 Dec 2025 13:33:41 GMT

GET
H2 200 uzn_17017793937.jpg
uznayvse.ru/images/content/2023/12/5/ 11 KB
11 KB 97ms
97ms Image
image/jpeg 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uznayvse.ru/images/content/2023/12/5/uzn_17017793937.jpg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: 89f45408190846e6ca6e4faf634fb8258fb69543ed0c72ee135c27125fe41759

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:07:28 GMT
last-modified: Tue, 05 Dec 2023 13:07:29 GMT
age: 19570
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 545 (348)
content-length: 10960
expires: Thu, 04 Dec 2025 13:09:08 GMT

GET
H2 200 uzn_17017781460.jpg
uznayvse.ru/images/content/2023/12/5/ 12 KB
12 KB 98ms
98ms Image
image/jpeg 188.127.229.152
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uznayvse.ru/images/content/2023/12/5/uzn_17017781460.jpg
Requested by: Host: uznayvse.ru
URL: https://uznayvse.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.127.229.152 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: s258410.srvape.com
Software: /
Resource Hash: a7f035d6c2e84860c71629714d84021d94ecec2d7f27acfef2e8c2310245e909

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:27:32 GMT
last-modified: Tue, 05 Dec 2023 12:09:06 GMT
age: 21967
etag: "656f12e2-2e80"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=63072000, stale-while-revalidate=12614400
accept-ranges: bytes
wsr-cache: HIT 589 (348)
content-length: 11904
expires: Thu, 04 Dec 2025 12:32:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 278ms
157ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: uznayvse.ru
URL: https://uznayvse.ru/js/app219.js?1701165897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9883d5e705ac00dc4c93e77775c271f1a34b01c89a776c7f6e03bc6e953babd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52232
x-xss-protection: 0
server: cafe
etag: 9862680160820324283
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:33:42 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
135 KB 131ms
130ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9848931572217626&plah=uznayvse.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f6284f1e087fa6840f33aa90901ae529c5d08b1516beca5be8fdea0da46d397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137569
x-xss-protection: 0
server: cafe
etag: 13801042579436597755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:33:43 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame B921 9 KB
4 KB 171ms
56ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uznayvse.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 02:04:00 GMT
etag: 12051592065903069241
expires: Tue, 19 Dec 2023 02:04:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 43C3 109 KB
40 KB 502ms
501ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&h=600&slotname=3227849016&adk=43929877&adf=1826040728&pi=t.ma~as.3227849016&w=300&lmt=1701801062&format=300x600&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223096&bpp=2&bdt=3050&idt=312&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=3727117620526&frm=20&pv=2&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=319

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9848931572217626&plah=uznayvse.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3438c8131bba494ce7a92d30bfa7ad6e530e68e0dd6810226fc5a3875c222e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uznayvse.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40561
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:43 GMT
expires: Tue, 05 Dec 2023 18:33:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 208ms
100ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82ce58e8b6082baa4b7fa3587b8bc05cce42facc2e5f64969bb7c8e944104911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12338
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4571 108 KB
40 KB 578ms
578ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&h=250&slotname=1943843428&adk=1014720677&adf=2496506641&pi=t.ma~as.1943843428&w=300&lmt=1701801062&format=300x250&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223098&bpp=1&bdt=3052&idt=321&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=3727117620526&frm=20&pv=1&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=322

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34b2a582a55c1df1428df618d334a18205263526a2c7723e0b808594315c9182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uznayvse.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40424
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:43 GMT
expires: Tue, 05 Dec 2023 18:33:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFDF 111 KB
42 KB 790ms
790ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&h=600&slotname=5134203143&adk=1100931792&adf=401234076&pi=t.ma~as.5134203143&w=160&lmt=1701801062&format=160x600&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223099&bpp=1&bdt=3053&idt=323&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x250&correlator=3727117620526&frm=20&pv=1&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=324

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a7daa315ea374f4db210e226d5c2d060a00eb0c97ff39cad959f1fe5c798e4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uznayvse.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42952
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:44 GMT
expires: Tue, 05 Dec 2023 18:33:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D8D5 204 KB
55 KB 713ms
713ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&adk=2232986295&adf=1196094641&lmt=1701801062&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223115&bpp=3&bdt=3069&idt=309&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x250%2C160x600&nras=1&correlator=3727117620526&frm=20&pv=1&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=317

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3f999f1cfdabe210d1cd204776e634b4d868c44bec7522c37e37e22c0726778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uznayvse.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 56226
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:44 GMT
expires: Tue, 05 Dec 2023 18:33:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 179ms
65ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 18:33:43 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D80 13 KB
5 KB 55ms
54ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uznayvse.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:19:38 GMT
expires: Wed, 04 Dec 2024 15:19:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3944 829 B
1 KB 176ms
63ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9f66f2cc7708b246bf025acad0035fbc0e4a391e622131b53f3b09f525d5750e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EO4Rmm1GAV8Mdo_K8XRj3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uznayvse.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-EO4Rmm1GAV8Mdo_K8XRj3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:43 GMT
expires: Tue, 05 Dec 2023 18:33:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D80 39 KB
15 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 17:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 17:18:15 GMT

GET
H3 200 17794937369269726167
tpc.googlesyndication.com/simgad/ Frame 43C3 114 KB
114 KB 57ms
57ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17794937369269726167?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkKfWyCqm9y2KG1c_EktShGBWY_Sg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&h=600&slotname=3227849016&adk=43929877&adf=1826040728&pi=t.ma~as.3227849016&w=300&lmt=1701801062&format=300x600&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223096&bpp=2&bdt=3050&idt=312&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=3727117620526&frm=20&pv=2&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=319

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cd856668e08291a378d60614f2f08a23f8db2a61e13d1fa0077b4f250ab8a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:05:45 GMT
x-content-type-options: nosniff
age: 80878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116903
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 10:25:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 20:05:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 43C3 24 KB
9 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:39:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D6A 143 B
166 B 54ms
53ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&h=600&slotname=3227849016&adk=43929877&adf=1826040728&pi=t.ma~as.3227849016&w=300&lmt=1701801062&format=300x600&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223096&bpp=2&bdt=3050&idt=312&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=3727117620526&frm=20&pv=2&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=319
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 17:38:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 43C3 3 KB
1 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:56:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 43C3 20 KB
8 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 12:26:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 43C3 202 KB
64 KB 192ms
82ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:33:44 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 43C3 36 KB
14 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0661b34bdd99c850e7c1c3fb40188743848c2353682e600dc0fa009ced29f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14794
x-xss-protection: 0
server: cafe
etag: 15882346334465922746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:45:36 GMT

GET
H3 200 9568439876187414151
tpc.googlesyndication.com/simgad/ Frame 4571 39 KB
39 KB 61ms
61ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9568439876187414151?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlMVI1r8mH6mrUFkCUWcEDQ06aRig

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&h=250&slotname=1943843428&adk=1014720677&adf=2496506641&pi=t.ma~as.1943843428&w=300&lmt=1701801062&format=300x250&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223098&bpp=1&bdt=3052&idt=321&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=3727117620526&frm=20&pv=1&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=322

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

913382abc3ffba439ab94f31778445f6cd6de680b7bf9c5fdc73f7b6d5e14701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:51:30 GMT
x-content-type-options: nosniff
age: 6134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39961
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 12:45:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 16:51:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3944 0
0 166ms
166ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=3863990368790980&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D6A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

67ms
66ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:44 GMT
expires: Tue, 05 Dec 2023 18:33:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 4571 24 KB
9 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:39:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8029 143 B
166 B 54ms
53ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&h=250&slotname=1943843428&adk=1014720677&adf=2496506641&pi=t.ma~as.1943843428&w=300&lmt=1701801062&format=300x250&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223098&bpp=1&bdt=3052&idt=321&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=3727117620526&frm=20&pv=1&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=322
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 17:38:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 4571 3 KB
1 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:56:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 4571 20 KB
8 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 12:26:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4571 202 KB
64 KB 192ms
170ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:33:44 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 4571 36 KB
14 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0661b34bdd99c850e7c1c3fb40188743848c2353682e600dc0fa009ced29f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14794
x-xss-protection: 0
server: cafe
etag: 15882346334465922746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:45:36 GMT

GET
DATA 200
OK truncated
/ Frame 43C3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9080656519262e7c5e5401ef2813640c431cb0ef3cee49e91f15e80a0c13e18f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4D80 0
10 B 80ms
80ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YoUqKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8029
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

66ms
66ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:44 GMT
expires: Tue, 05 Dec 2023 18:33:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4571 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48df53a5d3918d78b2d3336fe178a6f5d3e2a57ef6cd4f048ef74772e29505f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 160 KB
55 KB 123ms
123ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1678334c2bf9e95a9048276ff1c2899fc9d3bc26db2f785ee02db531699c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55949
x-xss-protection: 0
server: cafe
etag: 15928051821080440471
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:33:44 GMT

GET
H3 200 3888261574137790264
tpc.googlesyndication.com/simgad/ Frame AFDF 29 KB
29 KB 59ms
59ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3888261574137790264?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmgnLUV13dEzQPrR7A7HSY8OPy-4g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&h=600&slotname=5134203143&adk=1100931792&adf=401234076&pi=t.ma~as.5134203143&w=160&lmt=1701801062&format=160x600&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223099&bpp=1&bdt=3053&idt=323&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x250&correlator=3727117620526&frm=20&pv=1&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=324

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8602451581e4f28c39757fa263d04c772108a0cc0905fb985193635973084b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:57:37 GMT
x-content-type-options: nosniff
age: 329767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29698
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 21:30:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Nov 2024 22:57:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame AFDF 24 KB
9 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:39:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame AFDF 3 KB
1 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:56:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame AFDF 20 KB
8 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 12:26:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFDF 202 KB
64 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:33:44 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame AFDF 36 KB
14 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0661b34bdd99c850e7c1c3fb40188743848c2353682e600dc0fa009ced29f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14794
x-xss-protection: 0
server: cafe
etag: 15882346334465922746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:45:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E4F 143 B
166 B 54ms
54ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9848931572217626&output=html&h=600&slotname=5134203143&adk=1100931792&adf=401234076&pi=t.ma~as.5134203143&w=160&lmt=1701801062&format=160x600&url=https%3A%2F%2Fuznayvse.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701801223099&bpp=1&bdt=3053&idt=323&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x250&correlator=3727117620526&frm=20&pv=1&ga_vid=1048429371.1701801223&ga_sid=1701801223&ga_hid=1922788323&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31079825%2C31079863%2C44807764%2C44808149%2C44808285%2C44809071%2C95320230&oid=2&pvsid=3863990368790980&tmod=1968723245&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=324
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 17:38:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 43C3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CLRWyB21vZZqPHpueiM0PltOJ0Afjoaa0dPr1lbyZEr_hHhABIOPxoxJgleKQgqAHoAGHg7_3A8gBAqgDAcgDyQSqBO4BT9CtFeWLt3I3SHBT_H0gV5jEwiWvzlo2cubDlQQcBCHlwz5yfqK...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22367719273597637700%22,%22debug_reporting%22:true,%22destination%22:%22https://lightinthebox.com%22,%22event_report_window%...

0
0

417ms
72ms

Fetch
text/css

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22367719273597637700%22,%22debug_reporting%22:true,%22destination%22:%22https://lightinthebox.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221055900039%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221496408165227200369%22}&andc=true

Protocol

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"367719273597637700","debug_reporting":true,"destination":"https://lightinthebox.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1055900039"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"1496408165227200369"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 18:33:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 18:33:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"367719273597637700","debug_reporting":true,"destination":"https://lightinthebox.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1055900039"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"1496408165227200369"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1555 51 KB
19 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 09:13:44 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4571
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C4LXXB21vZeWqHraTiM0PpJ21qAmS-Im_dOvsy5_vEfb5gNrDARABIOPxoxJgleKQgqAHoAGG19e9A8gBAqkC5jIXFrglsj6oAwHIA8mEgIAEqgTtAU_QAhvgDh7aMrGfFj6TGoTzuJUjWRg...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210147335068967231486%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_windo...

0
0

417ms
72ms

Fetch
text/css

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210147335068967231486%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229345651478667413377%22}&andc=true

Protocol

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10147335068967231486","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"9345651478667413377"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 18:33:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 18:33:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10147335068967231486","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"9345651478667413377"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AFDF 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1f086fc4c32b1e039b691299d4cc638097534fb6fea6cfc4c5e9e123b23b0f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame C21B 51 KB
19 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 09:13:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E4F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

69ms
68ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:44 GMT
expires: Tue, 05 Dec 2023 18:33:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame AFDF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs-qfB21vZeyKHvqWiM0PhMqxwAOZ1PrRdPvjwquZEqq4i5btDhABIOPxoxJgleKQgqAHoAHSn6LmKMgBAqkCzZyCYWQ1XT6oAwHIA8kEqgTxAU_Q-nZIZPJ-5V--oDK55br-Rl73zAosbrl...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229062680435588949679%22,%22debug_reporting%22:true,%22destination%22:%22https://ui.org.ua%22,%22event_report_window%22:%222...

0
0

412ms
71ms

Fetch
text/css

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229062680435588949679%22,%22debug_reporting%22:true,%22destination%22:%22https://ui.org.ua%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210951888850%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215292716563307079553%22}&andc=true

Requested by

Protocol

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9062680435588949679","debug_reporting":true,"destination":"https://ui.org.ua","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10951888850"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"15292716563307079553"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 18:33:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 18:33:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9062680435588949679","debug_reporting":true,"destination":"https://ui.org.ua","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10951888850"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"15292716563307079553"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame BE4F 9 KB
4 KB 54ms
53ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uznayvse.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69751
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 23:11:13 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 23:11:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 149ms
70ms Preflight
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 18:33:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 127ms
70ms Preflight
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 18:33:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 70ms
69ms Preflight
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 18:33:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame BE4F 4 KB
1 KB 177ms
63ms Stylesheet
text/css 2a00:1450:4001:82f::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 18:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 17:10:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 18:33:44 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BE4F 205 B
650 B 162ms
51ms Image
image/png 2a00:1450:4001:830::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:58:29 GMT
x-content-type-options: nosniff
age: 88515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Dec 2024 17:58:29 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BE4F 604 B
695 B 162ms
52ms Image
image/png 2a00:1450:4001:830::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:38:28 GMT
x-content-type-options: nosniff
age: 53716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Dec 2024 03:38:28 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame BE4F 16 KB
7 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:04:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:04:39 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame BE4F 22 KB
9 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e3e3fc8cdf8924500e7972820c834a71917633559f5deb528ea3091959130ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 21:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77572
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9196
x-xss-protection: 0
server: cafe
etag: 14855042226819348905
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 21:00:52 GMT

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AB0 51 KB
19 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 09:13:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 175ms
174ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=3863990368790980&bg=!wsGlwY7NAAY3kmNgF5I7ADQBe5WfOK_JVh9NvIOoscdImVl5NbilBxC-mqSAB8ef_QnQK_6S9QVw7CM5EWQ61Xs-ca6DAgAAAFhSAAAAAmgBBwoAQ5CShTMIP0orsoACRVDzeaGX8dM7n82eFz6dPvBV-3EUFbm5cO3Mh2D68fhPKVf31YLmVaNMTVgY3_DyFtMU8rzjPKuZAsJfX_V1NPMWRMARdsqZTCH_QXme9Jag6JTkknKgoIdwonWzjXjxEW08CPCrzilw4mtLP_UF7lzbcJZgmK0yz16qhUqVtb_D8WWe7ivO-9lpyao8VWkDGfrel1uXCCCAbOwwaHxstIktnJuTLcc30ZTR0vaxHSp1O1uYNRPaXyk9xZwJOSQHyA7Kc6-yeB6bM8X32AyUoXRQqXeqq49_mkmBZ59czU8lR5tM_N-BcElVB-KOAZsu-Kh7SvnrpL3Yyvx9f_uaITAtU0AH9d4_YFQnSKWftkHqQaFNs1VftR1nHqkVJZU7piKBY9Ew37Cuh9ZDqX9b4kO-4yErxP8NS5j1n-Lnqv1UKC2PJ7ykFnhyBZ7M8zHOCJuBzBAtY8Y9mD0wIlfkL1xd_RZyZ4hlX7IcYxzDAEFypXrQ6IZH4x2747Wp7b6D6wkMMsAlMvGs3IQaO1UqzRXHExwqx3EX_gb4yo6nx_eYwjFI1l_zt0NWe_0gKZG4CpWWJtRjlcJhPnDAH4_oQUQYOPzRQvld1EGQZ4zVm_au1FCMREvUU_Pj1bOigXzl853OR2PHdBgg10PYwchlYLIfqmKx4ci4419xlYA5bqMh57ghOtrP0sQi7nFebwTCFtIHXdpnMqicQZUvOsmIvTsday6drjFSzmDMJd3lJWo3J_zOr0_5mibsQCOjgFQj6X8K3AMarRbC03Rh4N315vyCjw6rYQM7_mpwdnXqHKQBSD6W6_JvEiq_8-n06GpxiljJG4lAoECQeTEGx5B4QVHBgDu6otrNN55vWGhjSoD1M0vL0VuJsNGgTgvEyRqQuQG0GB75U_SXgyWydApdiKveY-4OnsPWby9Kh3Ydxu9l1qN9BlNSPtJ8KZjbezcdikIICc5qs5s3nnEdsDAqA2b-QxHoQl367hVJFEu4E0KOMwHe7QO-wL50pq1F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uznayvse.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 8698 14 KB
1 KB 63ms
63ms Stylesheet
text/css 2a00:1450:4001:82f::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 18:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 17:40:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 18:33:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 8698 2 KB
823 B 56ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:34:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 8698 24 KB
9 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:39:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4DD4 143 B
166 B 56ms
53ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 17:38:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 8698 3 KB
1 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:56:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 8698 20 KB
8 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 12:26:17 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8698 202 KB
64 KB 87ms
83ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:33:44 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 8698 37 KB
15 KB 56ms
52ms Script
text/javascript 2a00:1450:4001:830::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 05:25:25 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4DD4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

67ms
67ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:45 GMT
expires: Tue, 05 Dec 2023 18:33:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 18:33:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4934 51 KB
19 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: uznayvse.ru
URL: https://uznayvse.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 09:13:44 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 43C3 42 B
64 B 171ms
171ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvicjBgKFAMDElLePv-P2PqC5339bkF3PizP2d1fdzP3xELKF5j7B19kL6HXxG1gz9CQrwfHeMsgDv8YLRE6k4OgilslaVHsHH728YDbeVsLVJkOHe2RYZqahOm9Hd5cYp848zWZSf8Jzx4&sai=AMfl-YT_VTXSLrS7FMmiebT0gl1gnbuIMBCr47X21QqX9qx6KnPL3kHBrYTe-xOw6bBN8PILj-zdPhVurb6hekpiBwAwKv4J5NHaVsMcWEBX3dkSuMyrqS8Q7lddQOOoFLQVeHdHhR7-yvmynbVfv34J3fO2LqrJqI5Wq2xc&sig=Cg0ArKJSzMZd_CQelhrtEAE&cid=CAQSTwDICaaNNza91d93Oebvdt-E-yGwJRSM7QtkQmJ6ioxF_BsahNeUD64wZ5jxlHUKdtQfMD2oDiOizHb6ePdN9sRgjtIYGJID-atBGOD3cMIYAQ&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=43929877&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701801223417&rpt=852&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:33:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4571 42 B
64 B 171ms
171ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufRv9lezFgRJojw3FtflSITiOrLYwxLikuSujpMJX8qcyIvat2QY9A2A8bX2rtLu_oKO_CnLspDF97mikSf1ebT4jPHcfUpslmwiGYrNr3HPB6WH57jGClgZn6SCyb-ESm-hmLqoKwjuz7&sai=AMfl-YQzh0QqZyYqqruiWKYdZ1gQh9W3c2qgU5lTvFPolxdCcteDlTUuhc6AWveGrqHZQWrkgEVQ4UEsfUNN_1tuxli0XtYE7WFqeGglZcZd4D8NE_vStN3EFsK4xzBz61xPGX8UV2PfvVJ8UkobrJH-Xguvr0DhiHR2KnA&sig=Cg0ArKJSzMXBkygtxwXDEAE&cid=CAQSTgDICaaNHaPnrA-9z0NGLRxuDzG6GDXKMolIBt8aGOeRsiJom7jh2phAudoHr4ZE4E7BcLr5pDrEcwrtCzsO6JnZR5xgx-Tcuj9fAhk7sBgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1014720677&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701801223421&rpt=878&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:33:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AFDF 42 B
64 B 173ms
173ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7wRfV9a9oWe-f3oUnI3rlHmCaeOJVYWs8_4lt_rAc4IlrGNLepIeMQ2qUhgDPF1i7ZBc7OnOTaOPq4hiiTkW32Zwjw-0x04UT3EdEkQyNaaShuk1MwHRVacGZe3rW-L7lOIt8iyImkuQ6vSEAHXo4h0ZGSW1UNDFwkvFLER25fV6bbpVM-yQ0eZV3TIo_CfyQeuCG5ihfTLft8xSAUwxs-hYHSRcyJL1m-ddn-sdWeVu3WsCVSrzmUT5oV2b-6QOBPWQI0urKhPkybgMw59XB3qvKUTMwJD028IKdaT-fMMeX-GZqS0NiQ2Ikl9W6THrL2MDjBBDbj82NU8KU8fTiEEvQEL2x2g3TeUUuRmY5yCCIj_ahiibvYBHMfRonzAPfbBSjB-28-VrHXc1QJhsfasnCgD5_dYR4XLvC32fXJWndtX-bM_77ilodN2QRBktOqukDphhTsJl120q3sT_3lG3W4C8TA87muCuhO0FC2XyEVjsbf7wBt3B4iCKXJ8s2uwddwk7ThEa2Wmk_2QvMe3aT6T6qQjCgANvMtob5S-HotV2LDGIVZN1VBhYjXlevPphxMuIqbCShw9HhmAuTJhKI2CR3MJPJIv5u44JZqR7iZ1uIzAEtgp665h8nq_2rSZeEPQj4zujcxQ5_giu71J-Yvt5fVkAuNVTKoLJ9LxLN3WCIIA2mLNCmyDRdoDEwUgEMI8IQMQb0DGzrkTJucy5WOgolM9aM9aui-xnul8qAhxtbBB1DvMU2Xz-l5V6zstlTDeBeHW984XTNLqbXG2Qzfxn38-8iouXdF5LvNfDinnrtc8bf1IF66OPJKmYfFFtTkeCRWPkUnuEnB8YTILROlp6wk--91F3aq3XbeiKQrKNoXMvRU4lzDBXG_Ya6AU2ZqRzB92R_chab4CXUPQ_poNJezWrSX3sadpQTJjE33ENbK5FgnLBms4DxgOSQ3yskNHqJSgTAPi5SgGtoh0njlL25dBL5prd7wCuFJ-T58rAIVzZQHgqKNReoX2TQcs5_VaH6BvvVCWKQIzGB4fdTtQ-bicohVO1sLh6YNszYGw1phKgj44dcPKArStrvzr-H80xgk3WLGOC4DWNrvQSvA0X_VuO7yUB8qJC9f7TrTyocMtkGAH8GnFJD3EmWeR27STpPmqWmVAQu9lRxk2SxeqUlgd6QuzSDzmPJpeVl7w&sai=AMfl-YQlNCx6GArErtH8Xn6wZ_jzekjG0eTUKpcl4TovW8ZqVPjaMqbaiI7uWDNtXwxmvoe7m804ZYZaw0rFxtrPMg_TUlbEt4H-4Mxzp0wI4jgWn8UDAzQr36gUaj9Zl9_fr2YjOcHgKatDdoAUztFK_wEmxQsZBOjJzgV309hwbPD01Ee9-RD7Yg&sig=Cg0ArKJSzIdlQ0qoNAWIEAE&cid=CAQSTwDICaaNxJ0LIxxKP_W3kgffx_SIjjRKCnIPvF3ZQkbSZYnIISVtpHHD-K6bPIOOUYemcqtGiHyFsV7O64akxKEpGV-eg0hzaMEakxu6IFYYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1100931792&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701801223423&rpt=915&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 18:33:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uznayvse.ru/	1970-01-21 02:04:57	Name: __gads Value: ID=94038b41fa60d2ec:T=1701801223:RT=1701801223:S=ALNI_MasFPI72z5cvl8QjrJ9mPazIHGvjg
.uznayvse.ru/	1970-01-21 02:04:57	Name: __gpi Value: UID=00000d0b37efdbac:T=1701801223:RT=1701801223:S=ALNI_MaZWCxPKt49I1doHPFnKQozvptkGw
.doubleclick.net/	1970-01-20 16:43:24	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:04:57	Name: IDE Value: AHWqTUmlfQ_ajg7eQGUf6eoQSBzy3rwyCoUa9zYqpnWurug3AXQEAnZ2AZSDoiYPg-M

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
googleads.g.doubleclick.net
images.uznayvse.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
uznayvse.ru
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.74.194
152.89.217.46
188.127.229.152
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
152166574aac4154ce82999204915174e6736279b9a866f2812c4f85db9d3234
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a7daa315ea374f4db210e226d5c2d060a00eb0c97ff39cad959f1fe5c798e4b
1b1678334c2bf9e95a9048276ff1c2899fc9d3bc26db2f785ee02db531699c35
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34b2a582a55c1df1428df618d334a18205263526a2c7723e0b808594315c9182
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42cd856668e08291a378d60614f2f08a23f8db2a61e13d1fa0077b4f250ab8a4
48df53a5d3918d78b2d3336fe178a6f5d3e2a57ef6cd4f048ef74772e29505f1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65b30e525ffccb424a6bd03ed04ed4c49183c994862e3bb1379e8e400aedad4b
68317ce5ba4cf093465be338e82923c7d342a5a8238ff9f57ad38602d1e4c6f8
6a4a1be620526ad0519e4a2758050bf473bff9119ef4acf39aad150426e22c3c
6e3e3fc8cdf8924500e7972820c834a71917633559f5deb528ea3091959130ed
6f6284f1e087fa6840f33aa90901ae529c5d08b1516beca5be8fdea0da46d397
82ce58e8b6082baa4b7fa3587b8bc05cce42facc2e5f64969bb7c8e944104911
8602451581e4f28c39757fa263d04c772108a0cc0905fb985193635973084b03
89f45408190846e6ca6e4faf634fb8258fb69543ed0c72ee135c27125fe41759
8b531a325ad70b125dcf1a0b60a7bfcd883a8ecad8531fea1b5f1e57d2a9feb8
8c266166d4dcf1cb257594bf1e8a36a3ee2ae80d23d89e07b9cb0bdffabe1438
9080656519262e7c5e5401ef2813640c431cb0ef3cee49e91f15e80a0c13e18f
913382abc3ffba439ab94f31778445f6cd6de680b7bf9c5fdc73f7b6d5e14701
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
9883d5e705ac00dc4c93e77775c271f1a34b01c89a776c7f6e03bc6e953babd3
9eb9c1ba570d88552bec9b3e09a9c47378829be972a29ab75f378a03f37e9050
9f66f2cc7708b246bf025acad0035fbc0e4a391e622131b53f3b09f525d5750e
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
a7f035d6c2e84860c71629714d84021d94ecec2d7f27acfef2e8c2310245e909
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1de6ce56bc382c52bc442bf7e6b850ec044acd5483beacda824ee4e8472577d
c9f9805a8d45f3263c36742c54d2566e5b07f1faba610885bd442a46cd63924d
d3f999f1cfdabe210d1cd204776e634b4d868c44bec7522c37e37e22c0726778
dc801ac7fca7d4613c7134328a58ce81e8d2bc77b2df3b94569afeaa737620b7
e1f086fc4c32b1e039b691299d4cc638097534fb6fea6cfc4c5e9e123b23b0f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0661b34bdd99c850e7c1c3fb40188743848c2353682e600dc0fa009ced29f9d
f3438c8131bba494ce7a92d30bfa7ad6e530e68e0dd6810226fc5a3875c222e9
f6390b29010d787298880aedbba081ac8bb33e384739aae9e6ba6adb0b2e3c35
fc953180d3fad5b65e11e72b9361c8c94a719121bc1f68db6d06b066d8aed6da

uznayvse.ru Open in urlscan Pro 188.127.229.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

97 %HTTPS

70 %IPv6

8 Domains

10 Subdomains

11 IPs

3 Countries

1762 kBTransfer

4307 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

uznayvse.ru Open in urlscan Pro
188.127.229.152 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

97 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

11
IPs

3
Countries

1762 kB
Transfer

4307 kB
Size

4
Cookies

87 HTTP transactions
3 data transactions