www.peticijeonline.com Open in urlscan Pro
149.202.178.97 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
Submission: On April 28 via manual (April 28th 2021, 2:30:10 pm UTC) from IN

Summary HTTP 41 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 13 domains to perform 41 HTTP transactions. The main IP is 149.202.178.97, located in France and belongs to OVH, FR. The main domain is www.peticijeonline.com.
TLS certificate: Issued by R3 on March 3rd 2021. Valid for: 3 months.

This is the only time www.peticijeonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	149.202.178.97 149.202.178.97	16276 (OVH) (OVH)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
41	19

5 149.202.178.97 (France)

ASN16276 (OVH, FR)

www.peticijeonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	154 KB
6	google.com www.google.com adservice.google.com	19 KB
5	gstatic.com www.gstatic.com	446 KB
5	peticijeonline.com www.peticijeonline.com	109 KB
4	cloudflare.com cdnjs.cloudflare.com	71 KB
4	fontawesome.com use.fontawesome.com	179 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	35 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	646 B
1	jquery.com code.jquery.com	30 KB
1	jsdelivr.net cdn.jsdelivr.net	4 KB
41	13

	Domain	Requested by
6	pagead2.googlesyndication.com	www.peticijeonline.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	www.gstatic.com	www.google.com
5	www.google.com	www.peticijeonline.com www.gstatic.com www.google.com
5	www.peticijeonline.com	www.peticijeonline.com code.jquery.com
4	cdnjs.cloudflare.com	www.peticijeonline.com
4	use.fontawesome.com	www.peticijeonline.com use.fontawesome.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	stackpath.bootstrapcdn.com	www.peticijeonline.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	www.peticijeonline.com
1	cdn.jsdelivr.net	www.peticijeonline.com
41	15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.accountspro.co
twitter.com

Subject Issuer	Validity	Valid
www.adressit.com R3	`2021-03-03` - `2021-06-01`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-26` - `2022-03-26`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
Frame ID: 5FD1A414BD387C932F6C3AA323193634
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/zrt_lookup.html
Frame ID: 50FF01D2ED61FB664DD9F62FF5C5D6E5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfgUMMUAAAAAKqRDxQyrx9qs147mH9vLReX8oQL&co=aHR0cHM6Ly93d3cucGV0aWNpamVvbmxpbmUuY29tOjQ0Mw..&hl=hr&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=bit3lufa3zsb
Frame ID: 98DE322BD942D52397F60B96C2BCD92A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5822174544192008&output=html&adk=1812271804&adf=3025194257&lmt=1619620193&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.peticijeonline.com%2Fquickbooks_2018_to_2021_upgrade&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619620193450&bpp=9&bdt=224&idt=78&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2535980563624&frm=20&pv=2&ga_vid=2041864576.1619620194&ga_sid=1619620194&ga_hid=1700603789&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820108473700623&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=92
Frame ID: FA6F0BEAFA70F80324A47D84B4DF5E00
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=hr&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfgUMMUAAAAAKqRDxQyrx9qs147mH9vLReX8oQL&cb=l623sv3fjtmq
Frame ID: A15011E1F06582EEA85BE0F76CAAA848
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 3F3006413D0EB13E7C51B86DFA6A7FBC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

41
Requests

100 %
HTTPS

84 %
IPv6

13
Domains

15
Subdomains

19
IPs

4
Countries

1080 kB
Transfer

2593 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/sharer.php?u=https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade&t=QuickBooks+2018+To+2021+Upgrade
Title: Podijelite na Facebooku

Search URL Search Domain Scan URL

URL: https://www.accountspro.co/blog/quickbooks-2018-to-2021/
Title: QuickBooks 2018 To 2021 Upgrade

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.peticijeonline.com%2Fquickbooks_2018_to_2021_upgrade
Title: Podijelite na Facebooku

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.peticijeonline.com%2Fquickbooks_2018_to_2021_upgrade%3Futm_source%3Dtwitter
Title: Tweetajte svojim pratiteljima

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set quickbooks_2018_to_2021_upgrade Show response
www.peticijeonline.com/ 139 KB
44 KB 205ms
81ms Document
text/html 149.202.178.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.202.178.97 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.11.8 /
Resource Hash: 5755dc66d2a9aa8f0f378c8aaf68dac8041f4d1a9029850aa1e226ac914dd106

Request headers

Host: www.peticijeonline.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.11.8
Date: Wed, 28 Apr 2021 14:29:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=cioeok1ee59u3788uu0rpoc65m; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

GET
H2 200 bootstrap-social.css
cdn.jsdelivr.net/bootstrap-social/5.0.0/ 33 KB
4 KB 6ms
6ms Stylesheet
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap-social/5.0.0/bootstrap-social.css

Requested by

Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

37276cc90cdc39f4511cb9549ba9666bea14f4637c6913721026a4aab3ecd67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4786439
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3839
etag: W/"8427-MojkgHuZ9nsjkEniSCgkYBzsM5Y"
x-served-by: cache-fra19166-FRA
date: Wed, 28 Apr 2021 14:29:53 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 23ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Origin: https://www.peticijeonline.com
Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1619620193.dop226.fr8.t,1619620193.cds284.fr8.hc,1619620193.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H/1.1 200
OK ad-blocker.js Show response
www.peticijeonline.com/ 83 B
332 B 44ms
35ms Script
application/javascript 149.202.178.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.peticijeonline.com/ad-blocker.js
Requested by: Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.202.178.97 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.11.8 /
Resource Hash: 624255bc9cbc8844399dff35cedc6b26ff4378900128f313403c06e6a7c49ed6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.peticijeonline.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
Cookie: PHPSESSID=cioeok1ee59u3788uu0rpoc65m
Connection: keep-alive
Referer: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 14:29:53 GMT
Last-Modified: Tue, 02 Feb 2021 08:58:26 GMT
Server: nginx/1.11.8
ETag: "60191432-53"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/ 150 KB
20 KB 40ms
38ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css

Requested by

Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.peticijeonline.com
Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 462567
cdn-cachedat: 2021-04-23 06:44:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ba7bfbd50000c2f9c6adb000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ef44887d8b6f72ade49c8ac74ed888cc
cf-ray: 6470fc3fbbeac2f9-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
13 KB 58ms
19ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Origin: https://www.peticijeonline.com
Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: gzip
last-modified: Thu, 20 Dec 2018 17:45:13 GMT
server: NetDNA-cache/2.2
etag: W/"dc93d584e41f8417f6b7163320d34329"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/ 20 KB
7 KB 20ms
20ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/popper.min.js

Requested by

Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.peticijeonline.com
Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3172905
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6634
cf-request-id: 09ba7bfbd30000d6d5ef16f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-51ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ffJS7yglAy3STPL87s6lZQxRoxMpIvagYHDCEyv2AKqO2jq7dIgdzJaI45wqcs7%2FdzsyTgg5SId3VNMhor4zRAUHF20TO9O1G9T2BDclitPfgCQVj7GAQ%2BlqR%2B%2FRNl%2BHJQ%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6470fc3fbba1d6d5-FRA
expires: Mon, 18 Apr 2022 14:29:53 GMT

GET
H3-29 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/ 54 KB
14 KB 36ms
25ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js

Requested by

Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 3169138
cdn-cachedat: 2021-03-11 11:57:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09ba7bfc1900004abce0947000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1deea4f52ec4b1d3c98f6a74bea66425
cf-ray: 6470fc402f784abc-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 jquery.inview.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inview/1.0.0/ 1 KB
1 KB 69ms
68ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inview/1.0.0/jquery.inview.min.js

Requested by

Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

043af642c6f8db79077d7bbe7ec62def09b622503aba01cc259a69408b4eaf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1052447
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 547
cf-request-id: 09ba7bfc3600004db25b839000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-474"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oTR6RbaKpuIpWfMeEzMBLfxkyU0cAjEDnJLve0x6%2FhStG%2B7Vb3UBNxFflK9fWRpL9A%2BgLgYVyMj%2FDbZPXA6FG82q1LmTrNpBxxZS2SJtpx8ajP09WUTy1697%2B7kvtjPsaw%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6470fc405f444db2-FRA
expires: Mon, 18 Apr 2022 14:29:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
48 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76f4a23d06a4eb1629942669ac3e1b864baf7a756fe52b25fd6ccc243448cb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48376
x-xss-protection: 0
server: cafe
etag: 7770477186257580779
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 14:29:53 GMT

GET
H/1.1 200
OK qb-2018to2021,126.jpg
www.peticijeonline.com/uploads/images/ 64 KB
65 KB 41ms
40ms Image
image/jpeg 149.202.178.97
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.peticijeonline.com/uploads/images/qb-2018to2021,126.jpg
Requested by: Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.202.178.97 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.11.8 /
Resource Hash: 8b625953292205c9d41aff42269083294279eb90bf6881447486a490960bbfc7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.peticijeonline.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
Cookie: PHPSESSID=cioeok1ee59u3788uu0rpoc65m
Connection: keep-alive
Referer: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 14:29:53 GMT
Last-Modified: Wed, 28 Apr 2021 14:29:07 GMT
Server: nginx/1.11.8
ETag: "60897133-1018a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65930

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
648 B 15ms
15ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=hr

Requested by

Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2e1b44514e3b03b0ac3c96a256ce72c64cd4551949881cc2459fc9b847c11d71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Wed, 28 Apr 2021 14:29:53 GMT

GET
H3-29 200 hr.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.9.0/flags/4x3/ 78 KB
28 KB 48ms
46ms Image
image/svg+xml 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.9.0/flags/4x3/hr.svg

Requested by

Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b85162f2b9af65618b3f45822469226ca182c960855a0b39fff50ec1d2391ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 764797
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27870
cf-request-id: 09ba7bfc3600004db26f242000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5d-137ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YN2HEJZmGXkFAMQ2u77RahPPh0H0vO36fikNsgw9PetuaNrcTWTANjCtNdjpSTPug6E2DSi84y0ZJrQnoC%2FtrtLUrFYiq0FrPVNHXHv6zNL0s%2Br8WihQU27FvgnCTGYO%2Fw%3D%3D"}],"max_age":604800}
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6470fc405f404db2-FRA
expires: Mon, 18 Apr 2022 14:29:53 GMT

GET
H3-29 200 me.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.9.0/flags/4x3/ 106 KB
35 KB 64ms
62ms Image
image/svg+xml 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.9.0/flags/4x3/me.svg

Requested by

Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63596b35accdd819f7903c7679ab6e4634f7053ee12fedb5561fe61621f9e79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 451494
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34692
cf-request-id: 09ba7bfc3900004db2fc38b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5d-1a748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NACB0A8cuvPyNXzIk6ZHK%2BN4Mf5izBiw%2FmOnRaDif0v0xPSPXUjbd1nZ5V2A%2BoOyYAEt4msMOqJ0AhPCztmX1hALXi9Au3ICLXx85%2BcSJ4gV%2Fl45ZJXscqL5P7%2FaBU1PWg%3D%3D"}],"max_age":604800}
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6470fc405f424db2-FRA
expires: Mon, 18 Apr 2022 14:29:53 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 77 KB
78 KB 27ms
26ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Origin: https://www.peticijeonline.com
Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
last-modified: Thu, 20 Dec 2018 17:45:39 GMT
server: NetDNA-cache/2.2
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 79100

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 15 KB
15 KB 60ms
60ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

Origin: https://www.peticijeonline.com
Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
last-modified: Thu, 20 Dec 2018 17:45:35 GMT
server: NetDNA-cache/2.2
etag: "4b218302f9057d02864d4909661831e9"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 14872

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 73 KB
73 KB 21ms
20ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Origin: https://www.peticijeonline.com
Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
last-modified: Thu, 20 Dec 2018 17:45:33 GMT
server: NetDNA-cache/2.2
etag: "eac60e8a656781e13d2a674b4d9051c0"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 74288

GET
H2 200 recaptcha__hr.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ 336 KB
132 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__hr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=hr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad19dd80548139d81a78746222d518f758b1e938ca896ba56092fb970fcc02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.peticijeonline.com
Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 18:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158579
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134896
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Apr 2022 18:26:54 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/ 223 KB
83 KB 46ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822174544192008&plah=www.peticijeonline.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 5298758904806933499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 14:29:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/ Frame 50FF 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210426/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210426/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.peticijeonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.peticijeonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 Apr 2021 01:17:22 GMT
expires: Wed, 12 May 2021 01:17:22 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 47551
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK save_page_view.php Show response
www.peticijeonline.com/ 12 B
342 B 37ms
37ms XHR
text/html 149.202.178.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.peticijeonline.com/save_page_view.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.202.178.97 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.11.8 /
Resource Hash: 2bd9d2941efd3334450826489d097bdbf2b6b325a864f860dd64decbd63637d9

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.peticijeonline.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=cioeok1ee59u3788uu0rpoc65m; testing_if_javascript_works=1
Connection: keep-alive
Content-Length: 339
Pragma: no-cache
Host: www.peticijeonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 28 Apr 2021 14:29:53 GMT
Content-Encoding: gzip
Server: nginx/1.11.8
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 98DE 20 KB
11 KB 33ms
32ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfgUMMUAAAAAKqRDxQyrx9qs147mH9vLReX8oQL&co=aHR0cHM6Ly93d3cucGV0aWNpamVvbmxpbmUuY29tOjQ0Mw..&hl=hr&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=bit3lufa3zsb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__hr.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e39d141075777b7c4c63339a0d04ab9c2b9fae0491f2268767b140558a8a1f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jFYPz72h7wU3CQ5vzBw4jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfgUMMUAAAAAKqRDxQyrx9qs147mH9vLReX8oQL&co=aHR0cHM6Ly93d3cucGV0aWNpamVvbmxpbmUuY29tOjQ0Mw..&hl=hr&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=bit3lufa3zsb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.peticijeonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.peticijeonline.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Apr 2021 14:29:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-jFYPz72h7wU3CQ5vzBw4jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10974
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
646 B 126ms
61ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.peticijeonline.com&callback=_gfp_s_&client=ca-pub-5822174544192008

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210426/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5822174544192008&plah=www.peticijeonline.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e59dcdead0fbece28d1e85b107a013f6d36ac186f0c299c1db7c4492c477be41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.peticijeonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.peticijeonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
38ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.peticijeonline.com%2Fquickbooks_2018_to_2021_upgrade&tn=DIV&id=footer_sign_this_petition_button&ign=false

Requested by

Host: www.peticijeonline.com
URL: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 14:29:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA6F 603 B
67 B 42ms
28ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5822174544192008&output=html&adk=1812271804&adf=3025194257&lmt=1619620193&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.peticijeonline.com%2Fquickbooks_2018_to_2021_upgrade&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619620193450&bpp=9&bdt=224&idt=78&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2535980563624&frm=20&pv=2&ga_vid=2041864576.1619620194&ga_sid=1619620194&ga_hid=1700603789&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820108473700623&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=92

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5822174544192008&output=html&adk=1812271804&adf=3025194257&lmt=1619620193&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.peticijeonline.com%2Fquickbooks_2018_to_2021_upgrade&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619620193450&bpp=9&bdt=224&idt=78&shv=r20210426&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2535980563624&frm=20&pv=2&ga_vid=2041864576.1619620194&ga_sid=1619620194&ga_hid=1700603789&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=820108473700623&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=92
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.peticijeonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.peticijeonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 28 Apr 2021 14:29:53 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Apr-2021 14:44:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188783439141"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Wed, 28 Apr 2021 14:29:53 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 98DE 51 KB
25 KB 16ms
14ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfgUMMUAAAAAKqRDxQyrx9qs147mH9vLReX8oQL&co=aHR0cHM6Ly93d3cucGV0aWNpamVvbmxpbmUuY29tOjQ0Mw..&hl=hr&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=bit3lufa3zsb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 995
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Thu, 28 Apr 2022 14:13:18 GMT

GET
H3-29 200 recaptcha__hr.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 98DE 336 KB
132 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__hr.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad19dd80548139d81a78746222d518f758b1e938ca896ba56092fb970fcc02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 09:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450532
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134896
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Apr 2022 09:21:01 GMT

GET
H3-29 200 W2xNIJZa3rU__xOhJSE22-BlHC3zQORVvVWr7ErpxMA.js Show response
www.google.com/js/bg/ Frame 98DE 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/W2xNIJZa3rU__xOhJSE22-BlHC3zQORVvVWr7ErpxMA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__hr.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6c4d20965adeb53fff13a1252136dbe0651c2df340e455bd55abec4ae9c4c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfgUMMUAAAAAKqRDxQyrx9qs147mH9vLReX8oQL&co=aHR0cHM6Ly93d3cucGV0aWNpamVvbmxpbmUuY29tOjQ0Mw..&hl=hr&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=bit3lufa3zsb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 16:00:00 GMT
server: sffe
age: 1574
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5734
x-xss-protection: 0
expires: Thu, 28 Apr 2022 14:03:39 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 98DE 102 B
132 B 16ms
15ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=hr&v=dpzVjBAupwRfx3UzvXRnnAKb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

088c1e7b9731ae47e58ddd9a572c112d7f5484ddaf92f91c85e5b7f2633f4971

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfgUMMUAAAAAKqRDxQyrx9qs147mH9vLReX8oQL&co=aHR0cHM6Ly93d3cucGV0aWNpamVvbmxpbmUuY29tOjQ0Mw..&hl=hr&v=dpzVjBAupwRfx3UzvXRnnAKb&size=normal&cb=bit3lufa3zsb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 28 Apr 2021 14:29:53 GMT

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame A150 7 KB
1 KB 18ms
18ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=hr&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfgUMMUAAAAAKqRDxQyrx9qs147mH9vLReX8oQL&cb=l623sv3fjtmq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__hr.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0dad09004146e78922e70beaa4e496872fb4936c195aaecfa51920494dcd5011

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rM3+uav8qjl1ZGgIYhDdiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=hr&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfgUMMUAAAAAKqRDxQyrx9qs147mH9vLReX8oQL&cb=l623sv3fjtmq
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.peticijeonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.peticijeonline.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Apr 2021 14:29:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-rM3+uav8qjl1ZGgIYhDdiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1114
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame A150 51 KB
25 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=hr&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfgUMMUAAAAAKqRDxQyrx9qs147mH9vLReX8oQL&cb=l623sv3fjtmq

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 995
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Thu, 28 Apr 2022 14:13:18 GMT

GET
H3-29 200 recaptcha__hr.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame A150 336 KB
132 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__hr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=hr&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6LfgUMMUAAAAAKqRDxQyrx9qs147mH9vLReX8oQL&cb=l623sv3fjtmq

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad19dd80548139d81a78746222d518f758b1e938ca896ba56092fb970fcc02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 09:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450532
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134896
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Apr 2022 09:21:01 GMT

POST
H/1.1 200
OK update_page_view.php Show response
www.peticijeonline.com/ 1 B
226 B 36ms
36ms XHR
text/html 149.202.178.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.peticijeonline.com/update_page_view.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.202.178.97 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.11.8 /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.peticijeonline.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=cioeok1ee59u3788uu0rpoc65m; testing_if_javascript_works=1; __gads=ID=5d65b31633297701-2271433af5c700fb:T=1619620193:RT=1619620193:S=ALNI_MZ1bJXKYBjE7tBr8oduNtwkOfR1AQ
Connection: keep-alive
Content-Length: 98
Pragma: no-cache
Host: www.peticijeonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 28 Apr 2021 14:29:53 GMT
Content-Encoding: gzip
Server: nginx/1.11.8
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 32ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210426&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05f63721a1186a81d00a7e37827e16819762073b1fa60eba0796d61df15ca46e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6908
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:29:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 28 Apr 2021 14:29:53 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3F30 12 KB
5 KB 21ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.peticijeonline.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.peticijeonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 28 Apr 2021 13:40:55 GMT
expires: Thu, 28 Apr 2022 13:40:55 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2938
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F30 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 12:51:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 5900
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5651
x-xss-protection: 0
expires: Thu, 28 Apr 2022 12:51:33 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210426&jk=820108473700623&bg=!AwClAETNAAZLnZBaS507ACkAdvg8WkGGfjeRmtB9jNy7wQ0BWV2l9b59VIJSUSnz0denYLQu9sk24wIAAAA_UgAAAAtoAQcKAI20wFN71SOkZ5QGJDCDQOAFhEhwqb-PG0AIgpzj7mZvrRqAJsGX9YhAaTOlq-yiwiLyCOojMn_HeGTY8kJbvAHUz508vJVbylfoyzWSTUOgTnnkUZ1iBwWcReLtoXEgOO8EhuBvj9WEntuHZ-eMdyeNvgYOGXXCJoKOJ-ughWAmeuX0NAlsip-qN0TCaMiZAiCTqIkaPzci8Tfm5tBpX7OvLaf-SD1XOGrWAAeU39-Y-nfcOwk005k0fSBFeNtQvfOPMYFYxfg2s0ueHgWMXh9HLjidj5JcCCXL5_15WQL_wEAtBMMCuzdr_s_qXC6ESSIQyqSlBQ0Islv7611bET5W_e_00XxrIJyRPCGT6mqFYy4HgdTrPn9rjA7UBJP8PCj-4qDO8U4JhDWlxipseXcvyzxz6gb6jVlvlSaZQdMs13KjHQi15QcXujGKlzC42Ui0z29ePhGu_Tz-nZjmb1xTSnqZq0BXfmo0Tkg-qTrf4DZ_YGAHJX_e8rzyzCN3ZPMT7oyDl8ZRVWZzal-wA2gA6twEjJzzdOqkdT_GHIAsAOT_2nmg-j5XmTNDseu2W1NpUJbXW2Kr-m-K-f0NotU9LeQa1e768pqhZAhmvYPZLL-H6hi8ypc4dRjyREVeM_yx6QpWCwEDQlbfsW5Jj-LaZYlFlqPUR4RuVPfssz-Y8XRUrNstEYwalA0s3z3W8TWkHx9dYfzF7eCcZcUM3v2TtY4GA4et8nHcfOeNY8Jo6imTM-EgS29VEb4D695wINBewjBAC142EwB78lmJUXPRxCvuIbjwMNt3uWTImxWMBA0NqAo98ABkFf0L1HHVG9Hdtd6yymXpXHHTn4e79ioh2bNfDMfZNTcuaFaCzHAJbHa-X2zlE5AOOkethEnNQ2DuoZf1Wt5f585RyaIBAaor

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.peticijeonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 14:29:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:53:41	Name: test_cookie Value: CheckForPermission
.peticijeonline.com/	1970-01-20 03:15:16	Name: __gads Value: ID=5d65b31633297701-2271433af5c700fb:T=1619620193:RT=1619620193:S=ALNI_MZ1bJXKYBjE7tBr8oduNtwkOfR1AQ
www.peticijeonline.com/	1969-12-31 23:59:59	Name: testing_if_javascript_works Value: 1
www.peticijeonline.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: cioeok1ee59u3788uu0rpoc65m

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://code.jquery.com/jquery-3.2.1.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://www.peticijeonline.com/quickbooks_2018_to_2021_upgrade:1695:30) at j (https://code.jquery.com/jquery-3.2.1.min.js:2:29999) at k (https://code.jquery.com/jquery-3.2.1.min.js:2:30313) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
use.fontawesome.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.peticijeonline.com
142.250.185.98
149.202.178.97
2001:4de0:ac18::1:a:2b
23.111.9.35
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:801::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a04:4e42:3::621
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
043af642c6f8db79077d7bbe7ec62def09b622503aba01cc259a69408b4eaf61
05f63721a1186a81d00a7e37827e16819762073b1fa60eba0796d61df15ca46e
088c1e7b9731ae47e58ddd9a572c112d7f5484ddaf92f91c85e5b7f2633f4971
0dad09004146e78922e70beaa4e496872fb4936c195aaecfa51920494dcd5011
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
2bd9d2941efd3334450826489d097bdbf2b6b325a864f860dd64decbd63637d9
2e1b44514e3b03b0ac3c96a256ce72c64cd4551949881cc2459fc9b847c11d71
37276cc90cdc39f4511cb9549ba9666bea14f4637c6913721026a4aab3ecd67b
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
5755dc66d2a9aa8f0f378c8aaf68dac8041f4d1a9029850aa1e226ac914dd106
587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560
5b6c4d20965adeb53fff13a1252136dbe0651c2df340e455bd55abec4ae9c4c0
624255bc9cbc8844399dff35cedc6b26ff4378900128f313403c06e6a7c49ed6
63596b35accdd819f7903c7679ab6e4634f7053ee12fedb5561fe61621f9e79e
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76f4a23d06a4eb1629942669ac3e1b864baf7a756fe52b25fd6ccc243448cb22
7b85162f2b9af65618b3f45822469226ca182c960855a0b39fff50ec1d2391ea
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8ad19dd80548139d81a78746222d518f758b1e938ca896ba56092fb970fcc02e
8b625953292205c9d41aff42269083294279eb90bf6881447486a490960bbfc7
8e39d141075777b7c4c63339a0d04ab9c2b9fae0491f2268767b140558a8a1f0
903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59dcdead0fbece28d1e85b107a013f6d36ac186f0c299c1db7c4492c477be41
e5d13a315184e4cc69d5c495682f8e5539478b0f7331165dc63e9aa4f224add0
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

www.peticijeonline.com Open in urlscan Pro 149.202.178.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

84 %IPv6

13 Domains

15 Subdomains

19 IPs

4 Countries

1080 kBTransfer

2593 kBSize

4 Cookies

4 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.peticijeonline.com Open in urlscan Pro
149.202.178.97 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

84 %
IPv6

13
Domains

15
Subdomains

19
IPs

4
Countries

1080 kB
Transfer

2593 kB
Size

4
Cookies

41 HTTP transactions
0 data transactions