urlscan.io logo urlscan.io
SecurityTrails logo

goo.by Open in urlscan Pro
2606:4700:3030::6815:56e9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://goo.by/
Effective URL: https://goo.by/
Submission: On July 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 10 countries across 32 domains to perform 222 HTTP transactions. The main IP is 2606:4700:3030::6815:56e9, located in United States and belongs to CLOUDFLARENET, US. The main domain is goo.by.
TLS certificate: Issued by GTS CA 1P5 on May 24th 2023. Valid for: 3 months.
This is the only time goo.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
16 2606:4700:303... 13335 (CLOUDFLAR...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
30 2a00:1450:400... 15169 (GOOGLE)
2 8 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
9 16 2a02:6b8::1:119 208722 (GLOBAL_DC)
20 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
48 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
3 3 52.57.153.48 16509 (AMAZON-02)
5 22 142.250.186.34 15169 (GOOGLE)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 34.91.62.186 396982 (GOOGLE-CL...)
1 2 34.96.105.8 396982 (GOOGLE-CL...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 37.157.6.243 198622 (ADFORM)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
3 4 37.252.171.85 29990 (ASN-APPNEX)
1 2 52.213.129.153 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3.33.220.150 16509 (AMAZON-02)
4 4 52.58.92.189 ()
1 1 193.0.160.130 ()
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 178.250.7.11 44788 (ASN-CRITE...)
2 142.250.184.226 15169 (GOOGLE)
2 2600:9000:223... ()
4 2600:1f18:1ac... ()
1 2 46.228.164.11 ()
2 2 213.155.156.185 ()
1 2 23.218.209.56 ()
222 29
1    2606:4700:3037::ac43:899a (United States)

ASN13335 (CLOUDFLARENET, US)
goo.by
16    2606:4700:3030::6815:56e9 (United States)

ASN13335 (CLOUDFLARENET, US)
goo.by
9    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
30    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
14    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
16    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
mc.yandex.by
20    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
3    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
48    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    52.57.153.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-153-48.eu-central-1.compute.amazonaws.com
pm.w55c.net
22    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    52.213.129.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-129-153.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
9    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    52.58.92.189 (None, )

ASN- ()
x.bidswitch.net
1    193.0.160.130 (None, )

ASN- ()
p.rfihub.com
2    2a05:d018:d29:3601:ec8d:4a3a:2499:c89d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2600:9000:223f:3c00:8:48e:53c0:93a1 (None, )

ASN- ()
static.adsafeprotected.com
4    2600:1f18:1aca:4281:3ef3:8a09:2e9e:80a7 (None, )

ASN- ()
dt.adsafeprotected.com
2    46.228.164.11 (None, )

ASN- ()
ad.turn.com
r.turn.com
2    213.155.156.185 (None, )

ASN- ()
d5p.de17a.com
2    23.218.209.56 (None, )

ASN- ()
sync.teads.tv
Apex Domain
Subdomains		 Transfer
78 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
1 MB
44 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346
328 KB
20 gstatic.com
www.gstatic.com
fonts.gstatic.com
606 KB
17 goo.by
goo.by
203 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 113
49 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 325
118 KB
9 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274
35 KB
8 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 951
static.adsafeprotected.com
dt.adsafeprotected.com
100 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
449 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
7 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9422
3 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
4 KB
5 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3245
60 KB
4 bidswitch.net
x.bidswitch.net
2 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
3 KB
4 yandex.by
mc.yandex.by — Cisco Umbrella Rank: 185818
632 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1044
3 KB
2 teads.tv
sync.teads.tv
452 B
2 de17a.com
d5p.de17a.com
653 B
2 turn.com
ad.turn.com
r.turn.com
869 B
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3235
207 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
1 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2276
572 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 981
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 893
s.tribalfusion.com — Cisco Umbrella Rank: 1946
1 KB
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 608
363 B
1 rfihub.com
p.rfihub.com
759 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 383
265 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777
586 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 577
744 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1129
601 B
222 32
Domain Requested by
48 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
goo.by
30 pagead2.googlesyndication.com goo.by
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
22 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
20 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
goo.by
17 goo.by 1 redirects goo.by
14 www.gstatic.com www.google.com
www.gstatic.com
googleads.g.doubleclick.net
9 s0.2mdn.net goo.by
s0.2mdn.net
googleads.g.doubleclick.net
9 cdnjs.cloudflare.com goo.by
8 www.googletagservices.com googleads.g.doubleclick.net
goo.by
8 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
8 www.google.com 2 redirects goo.by
www.gstatic.com
www.google.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
7 mc.yandex.com 3 redirects goo.by
6 fonts.gstatic.com www.google.com
fonts.googleapis.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 mc.yandex.ru 4 redirects goo.by
4 dt.adsafeprotected.com googleads.g.doubleclick.net
4 x.bidswitch.net 4 redirects
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 mc.yandex.by 2 redirects goo.by
3 pm.w55c.net 3 redirects
3 adservice.google.com pagead2.googlesyndication.com
2 sync.teads.tv 1 redirects
2 d5p.de17a.com 2 redirects
2 static.adsafeprotected.com googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net goo.by
2 pr-bh.ybp.yahoo.com 2 redirects
2 dclk-match.dotomi.com googleads.g.doubleclick.net
2 fw.adsafeprotected.com 1 redirects goo.by
2 c1.adform.net 2 redirects
2 tr.blismedia.com 1 redirects googleads.g.doubleclick.net
2 um.simpli.fi 2 redirects
1 r.turn.com
1 ad.turn.com 1 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 p.rfihub.com 1 redirects
1 match.adsrvr.org googleads.g.doubleclick.net
1 dsp.adfarm1.adition.com 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 sync.mathtag.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
222 41

This site contains no links.

Subject Issuer Validity Valid
goo.by
GTS CA 1P5		 2023-05-24 -
2023-08-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-06-09 -
2023-09-07		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh

This page contains 33 frames:

Primary Page: https://goo.by/
Frame ID: 38E4B54A9F49FBB3C353B83EE6388FA7
Requests: 45 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=v6p3xadwudc9
Frame ID: D70B2E585EDB5F1F8D762DD44CEBC3CE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Frame ID: 7B4D08754BBE86F61ADF648E4C2862BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&adk=293675617&adf=814277786&lmt=1689446531&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgoo.by%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530989&bpp=7&bdt=240&idt=262&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=21627994917&frm=20&pv=2&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=281
Frame ID: 604E51B39EB0891B09389CD42211DA2A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Frame ID: 262DEFF91986E5BA7F40DBE63910C478
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D13267AD3EBDDE1EAA62E39B57006305
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Frame ID: 0FE6116F38804015D2D1A088A68C0CC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Frame ID: 7BBA924CA8A245461C98DCFC0855B9DC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Frame ID: E65800348CD3D0F21CD97D17DA423006
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Frame ID: 906B460F2AD5F6F1985A7965221FAE15
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 11FBBA0AEEA8919879DB21496E2E1549
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3F875DCE12F4799AF63FB46BD2127953
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6DFA2AE826847E7D755DA4AA28A3ACA6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4A17BC6A5D98F8DD5A6FC5D99F4141C8
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 886E0DA1E87F63BB077BC6E1BEFFC8A2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE30F12ACA9CCA3CDA4DFD78DAEE0FD8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/index.html
Frame ID: 36D2F43A0E7C140D436807D0505B925C
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Frame ID: 55EE84E255134564B0C64503851456B5
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B20C12CFB6D941D1DBD2BA68A97CB251
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 5A633EC55651961EE628565B9EAAC335
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Frame ID: FF8745947E0896E7137E9510BCF169AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Frame ID: 706B1C72E5163FEDFDE8BB4441A986F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Frame ID: BF2813B7B15E48A47C09224494E40A55
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4753926E96CEDDDE39E774FC164D6618
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Frame ID: C03E0117D5FD7BE027CC5AED720B57C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNV4_qHeqZwlQphz_nxvemsJKFkqpQW_9GRAlSptMSzLzp1v_RZ-1XzQtocrBE18voYrmm6RiF5znIFmv4FWFPRpWlpJdVuEqrAFGLqFykslnTYKuvVl2Pza6LhRtPXhEPjqmWIVVXDlu6_J9RzQtB-D6XZ7bmYUOc1QLfmGXx7g9gSAyBE
Frame ID: F54621BFB825C55B08B9D774D3A23FAE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3F7DFCCB8D9EAB10309FAB259B477C95
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 07654524D118D189FF2BB5E3822FC37E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9BC4981FBDAE1349EA10D5E0A0775A77
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
Frame ID: 2FAF6928E6E247140952565122CAE9B1
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 702D38ACBDD71365A599459B731AD7EE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 834B203C5CD99B7E728950A1632C4D83
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Frame ID: 66F09FCC4603D362FAB114508BF5A98B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Goo.gl URL Shortener. Shorten URL Free!

Page URL History Show full URLs

  1. http://goo.by/ HTTP 301
    https://goo.by/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /jquery\.devbridge-autocomplete/([0-9.]+)/jquery\.autocomplete(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

222
Requests

88 %
HTTPS

53 %
IPv6

32
Domains

41
Subdomains

29
IPs

10
Countries

3040 kB
Transfer

7659 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://goo.by/ HTTP 301
    https://goo.by/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10065.mb0i4MRyAuBUCrdfwuHXeqD-UiR71hSIgIMddqtVgpC9bo0_cY85VYDB5cGSUT26.Hj4_4MDz7z6vMpY_QQmhUTmYTCE%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10065.G3ntgh6JujxnMovcnkNildbiNDMRyAeXXKTlb6rDslganqil6N-5SP56Cn0KVPmyrHQdebysN4I1P_aZgkKny11Dydgb2YZrEnEzNb6KRgw%2C.bqyuccxLu5hoYojVj0Icn45H1rk%2C
Request Chain 38
  • https://mc.yandex.by/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=10065.GwA6MYThFxajUoraEUKfZ_0zxa3piL5PmOF8iOYxmk4ksa4KSTnDZfG4U2MB_YWc.VC2OTj5lRByIMdhT0QJ2_Bny_eA%2C HTTP 302
  • https://mc.yandex.by/sync_cookie_image_decide?token=10065.8zAq_7DlI3Pq93wFxq1d7DEboagE6xLqm3cmwatKAq4wW6cXM2PCEjT9pTvPNJ98LCR9DxLZrncX9orvA2xIqcPWm3C8wZleinSif03H560%2C.Qg9-IY6HwC8SKoRECiorOZ0NJkc%2C
Request Chain 46
  • https://mc.yandex.com/watch/45619767?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhctrot7kpr%3Afp%3A319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1471427757468%3Ahid%3A323146047%3Az%3A0%3Ai%3A20230715184211%3Aet%3A1689446531%3Ac%3A1%3Arn%3A487314509%3Arqn%3A1%3Au%3A1689446531459058542%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C19%2C57%2C1%2C161%2C0%2C%2C99%2C19%2C%2C%2C%2C339%3Aco%3A0%3Acpf%3A1%3Ans%3A1689446530508%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689446531%3At%3AGoo.gl%20URL%20Shortener.%20Shorten%20URL%20Free!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/45619767/1?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhctrot7kpr%3Afp%3A319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1471427757468%3Ahid%3A323146047%3Az%3A0%3Ai%3A20230715184211%3Aet%3A1689446531%3Ac%3A1%3Arn%3A487314509%3Arqn%3A1%3Au%3A1689446531459058542%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C19%2C57%2C1%2C161%2C0%2C%2C99%2C19%2C%2C%2C%2C339%3Aco%3A0%3Acpf%3A1%3Ans%3A1689446530508%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689446531%3At%3AGoo.gl%20URL%20Shortener.%20Shorten%20URL%20Free%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Request Chain 47
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10065.wPPn1_Q2K6kRTRKPzuhhZOj02uBNIi8yeADOR5swudmeUgyzh0xmbq_SPXbwHnv-.Ax3cTdLHBbmRwAyksNm48v_29xI%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10065.iLJbSeKz-H5gqxMy-GEv5ket0uEAGnmxrTVpLRQEjGAtIcJtkrr30qY4qHsC9QzLT8V-398rSUZnhtMH4En-SCd3T1MtH3Yh_8jeGQbwZxE%2C._bNjDKLQxk8goL9hbm4cUmEWZiU%2C
Request Chain 48
  • https://mc.yandex.by/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.by&token=10065.yhiPst3aOXm69RxgAo3zjDZjHLHuU8iw4EQQRVW1PilDWpJF-X5eNpe532gKQrK5.jhpxFaukYBbhP8jNXgK4CjJYAJI%2C HTTP 302
  • https://mc.yandex.by/sync_cookie_image_decide_secondary?token=10065.lIJkPwMpT7_tBN-q-yeiD4ysFWWCioxiSKEVpRNjlParOTTgzGT9yo6LwyjgAs80UE6En1ugaHrmMHyxKnpHOvHgAHN26h7IzbFMCvnNPj0%2C.zdXInxcNR4QfYN-gG8W5ckMrvj0%2C
Request Chain 59
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 115
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 145
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cver=1&google_push=AaAOQGHrvKYl3jY4T4hRP1yiU8o4eqBjelp50lRYDL3GKPDvFvrhDnbAMGJEXEBZW5pS5LcrQnnCba-nk6pRd4bnnJK-HU_1kSoymw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cver=1&google_push=AaAOQGHrvKYl3jY4T4hRP1yiU8o4eqBjelp50lRYDL3GKPDvFvrhDnbAMGJEXEBZW5pS5LcrQnnCba-nk6pRd4bnnJK-HU_1kSoymw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S3JDYjEwY3UxUWtLZEY1&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cver=1&google_push=AaAOQGHrvKYl3jY4T4hRP1yiU8o4eqBjelp50lRYDL3GKPDvFvrhDnbAMGJEXEBZW5pS5LcrQnnCba-nk6pRd4bnnJK-HU_1kSoymw
Request Chain 146
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAcqw1UiM3PyucsXy7A6jbo&google_cver=1&google_push=AaAOQGEQQdsqPhppKQg-PYhoSjo89rgYhhKCcW1jeKyzzNJrLCLI_Js2UsFzaQFZGFV2kR4NEa5Dik96JVflY4P1WCb2gJuRw_XHww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEQQdsqPhppKQg-PYhoSjo89rgYhhKCcW1jeKyzzNJrLCLI_Js2UsFzaQFZGFV2kR4NEa5Dik96JVflY4P1WCb2gJuRw_XHww
Request Chain 147
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGH299JXVGm-JSqtqqt1kOY&google_cver=1&google_push=AaAOQGE1EtOHaoAM-VLoYJxwiM2orCCzuYvQh7vHawQeV0CF4p4cqlnoMk9_zglkQ2j7JkoA1CnW-LazLp9fPeuxd6-a7ysY5OO2ug&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE1EtOHaoAM-VLoYJxwiM2orCCzuYvQh7vHawQeV0CF4p4cqlnoMk9_zglkQ2j7JkoA1CnW-LazLp9fPeuxd6-a7ysY5OO2ug%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGH299JXVGm-JSqtqqt1kOY&google_cver=1&google_push=AaAOQGE1EtOHaoAM-VLoYJxwiM2orCCzuYvQh7vHawQeV0CF4p4cqlnoMk9_zglkQ2j7JkoA1CnW-LazLp9fPeuxd6-a7ysY5OO2ug&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE1EtOHaoAM-VLoYJxwiM2orCCzuYvQh7vHawQeV0CF4p4cqlnoMk9_zglkQ2j7JkoA1CnW-LazLp9fPeuxd6-a7ysY5OO2ug%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 148
  • https://um.simpli.fi/gp_match?google_gid=CAESEJlPONWT1DM13FEjHaCzqWs&google_cver=1&google_push=AaAOQGFIjw3nYvHX0fvVh34T-SAkars5URsARGugvgoNW8-AYlII0iZh6eojJN8Jo1G3tsncrc431zVjRu04hGfV1ZwZsbpkOYn9Sg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0D5AFDB49FD46E19C94C78A2F74DCFA&google_push=AaAOQGFIjw3nYvHX0fvVh34T-SAkars5URsARGugvgoNW8-AYlII0iZh6eojJN8Jo1G3tsncrc431zVjRu04hGfV1ZwZsbpkOYn9Sg
Request Chain 150
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDLworaSMxh-VRZE-ffVPak&google_cver=1&google_push=AaAOQGHtzSCjncrWoAG8F_tWiX9xiQLfaFFqDd0D2-bP7kk5cuOn7HQr6sazjAow0A8_vQNlYIicml8YRbYdA8PeqMPWkHKAetlzCw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NjExNzYxNjE3NjkyMDcyNg%3D%3D&google_push=AaAOQGHtzSCjncrWoAG8F_tWiX9xiQLfaFFqDd0D2-bP7kk5cuOn7HQr6sazjAow0A8_vQNlYIicml8YRbYdA8PeqMPWkHKAetlzCw
Request Chain 151
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAcQVGOMj3fpZwkEFoh4qEE&google_cver=1&google_push=AaAOQGHXGl3uAau6Dt45c4cEs2icUnPv8NIYvj4TGNrR9LnGhnivmqWblFPZuHrcPXy3NJ65xZQ-q4zSMUf-G_0JGbapXxTyxywxPA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAcQVGOMj3fpZwkEFoh4qEE&google_cver=1&google_push=AaAOQGHXGl3uAau6Dt45c4cEs2icUnPv8NIYvj4TGNrR9LnGhnivmqWblFPZuHrcPXy3NJ65xZQ-q4zSMUf-G_0JGbapXxTyxywxPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MzEwNTM0MTg3ODIzMjQ5OA&google_push=AaAOQGHXGl3uAau6Dt45c4cEs2icUnPv8NIYvj4TGNrR9LnGhnivmqWblFPZuHrcPXy3NJ65xZQ-q4zSMUf-G_0JGbapXxTyxywxPA
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH9Q-0QJbwjTwAt8XXS3ew4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH9Q-0QJbwjTwAt8XXS3ew4&google_cver=1&C=1
Request Chain 165
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLLoh-iX-.nvTJ5ASAGa1wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH9Q-0QJbwjTwAt8XXS3ew4&google_cver=1&google_hm=2
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKaKxtHCfcKXajSI3LO5h04&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKaKxtHCfcKXajSI3LO5h04%26google_cver%3D1
Request Chain 167
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1NTkyMzUwNTI3Mzg2OTAwNw%3D%3D
Request Chain 180
  • https://um.simpli.fi/gp_match?google_gid=CAESEJlPONWT1DM13FEjHaCzqWs&google_cver=1&google_push=AaAOQGEL4GCtLXbRYoZDoKyzlcGon5FRRhhR1ahLspZ98vff3Ahdchu4J87fLnckGbka_Iy4UH7gcKq4kHCym8ERqy5-KfMrVOS9SBI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0D5AFDB49FD46E19C94C78A2F74DCFA&google_push=AaAOQGEL4GCtLXbRYoZDoKyzlcGon5FRRhhR1ahLspZ98vff3Ahdchu4J87fLnckGbka_Iy4UH7gcKq4kHCym8ERqy5-KfMrVOS9SBI
Request Chain 182
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMq9310oxafi-lkgaSmh5aE&google_cver=1&google_push=AaAOQGEIqp0B5jOw_2u45KXvOs2hIEnpr7ccjF5wck2bd5Sb0uIVceILQifHqfODH4yy8mI31nR5JFJ_TfRuLvbP2zZoyUehNGF2pu4 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AaAOQGEIqp0B5jOw_2u45KXvOs2hIEnpr7ccjF5wck2bd5Sb0uIVceILQifHqfODH4yy8mI31nR5JFJ_TfRuLvbP2zZoyUehNGF2pu4&google_hm=hmSy6Ie5XI9rwCD-iQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64B2E887B95C8F6BC020FE89BLIS
Request Chain 183
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH-FRMwJtJwgPKLF2e_oiVg&google_cver=1&google_push=AaAOQGGBv5EZLWrG0NpLlx_t6k8zUvw01zostHjnpv0-fkToawy2oOarfcifr6qckFYp3VH9q5RlZFhEDt5vnqHOHjZJDnpXMBEx8VM HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEH-FRMwJtJwgPKLF2e_oiVg&google_cver=1&google_push=AaAOQGGBv5EZLWrG0NpLlx_t6k8zUvw01zostHjnpv0-fkToawy2oOarfcifr6qckFYp3VH9q5RlZFhEDt5vnqHOHjZJDnpXMBEx8VM HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322327417874577&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGBv5EZLWrG0NpLlx_t6k8zUvw01zostHjnpv0-fkToawy2oOarfcifr6qckFYp3VH9q5RlZFhEDt5vnqHOHjZJDnpXMBEx8VM&google_hm=5mfJBJcNSZWubBr_TF4XDg==
Request Chain 184
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELWaEDYmJEyMpTKxGwh7x34&google_cver=1&google_push=AaAOQGEDkwMf72DufIeAHiKlMn9GoOfhrFWiYcg6PxdlTD3-djn5Od-kGxfHIU_RfA2dVbqse7mAE0KjeU-fgIr3U_fjpmD0N6TXe3E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEDkwMf72DufIeAHiKlMn9GoOfhrFWiYcg6PxdlTD3-djn5Od-kGxfHIU_RfA2dVbqse7mAE0KjeU-fgIr3U_fjpmD0N6TXe3E&google_hm=eS1sNzZpX0RGRTJwSENQZGtLc3ZDeDQ3SGlpX3lUYmduOH5B
Request Chain 193
  • https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-8917830189100721&ias_chanId=1&ias_placementId=19422215943&bidurl=https://goo.by/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gjd2wsuHcmV9bzP3hS33H2&adContainerId=brand_safety_h-iyZL-3KvCt9u8P-sOdiAk&cbFunctionName=goog_wrapCb_h-iyZL-3KvCt9u8P-sOdiAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fgoo.by&adsafe_type=g&adsafe_url=https%3A%2F%2Fgoo.by%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8917830189100721%26output%3Dhtml%26h%3D600%26adk%3D3715219313%26adf%3D4246272525%26pi%3Dt.aa~a.1063380833~rp.2%26w%3D288%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1689446533%26rafmt%3D1%26to%3Dqs%26pwprc%3D8236848451%26format%3D288x600%26url%3Dhttps%253A%252F%252Fgoo.by%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1689446533945%26bpp%3D1%26bdt%3D3196%26idt%3D-M%26shv%3Dr20230711%26mjsv%3Dm202307110102%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dfe2b70647ff2b390-221907c7bce200b9%253AT%253D1689446531%253ART%253D1689446531%253AS%253DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw%26gpic%3DUID%253D00000cc2b658b887%253AT%253D1689446531%253ART%253D1689446531%253AS%253DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg%26prev_fmts%3D0x0%252C1140x280%252C1140x280%26nras%3D4%26correlator%3D21627994917%26frm%3D20%26pv%3D1%26ga_vid%3D1965465884.1689446531%26ga_sid%3D1689446531%26ga_hid%3D684428966%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D578%26ady%3D2316%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C44788442%252C44796827%26oid%3D2%26psts%3DABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg%26pvsid%3D2524045809004870%26tmod%3D1124752156%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3DNXkBaOjKh3%26p%3Dhttps%253A%2F%2Fgoo.by%26dtd%3D17&adsafe_type=bed&adsafe_jsinfo=,id:3d0df05a-b2ee-8068-85b9-4a00b301f1aa,c:isL1C0,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-559f95d5b4-dxc56,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:5,mot:0,app:0,maw:0,fm:tK6BuAX+111%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171*.990511-61634098%7C1711%7C1712%7C17131%7C1714%7C18%7C1911%7C1a1%7C1b11%7C1b12%7C1c1%7C1d,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:30,oid:51dfd810-233f-11ee-86cd-82ea9790f1c1,v:19.8.428,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_h-iyZL-3KvCt9u8P-sOdiAk&cbFunctionName=goog_wrapCb_h-iyZL-3KvCt9u8P-sOdiAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Request Chain 218
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEILebdSuAEYw9TSxD-L1dHM&google_cver=1&google_push=AaAOQGFLHCbi1F-9-fP5RhEWCn6JC3DRiiGPxmT8DOVIMOuXTfcFhb_U2xkQeY9qWCPTMa5SCaFNgYX7SPIX8GedqgDXyQaf0Q5NuT0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjUxNjEyMjI4OTQ3ODM5ODczMQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEILebdSuAEYw9TSxD-L1dHM&google_cver=1
Request Chain 220
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cver=1&google_push=AaAOQGHM6dDXix_nraqynTmLkT-S0mnkOIkRMHXCpDWCHCSvbGbbAwgf7R1CN2iFvvEqp-sQfmkFiM1t8YqIVFSAz5yPCalpgYL03w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S3JDYjEwY3UxUWtLZEY1&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cver=1&google_push=AaAOQGHM6dDXix_nraqynTmLkT-S0mnkOIkRMHXCpDWCHCSvbGbbAwgf7R1CN2iFvvEqp-sQfmkFiM1t8YqIVFSAz5yPCalpgYL03w
Request Chain 221
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH-FRMwJtJwgPKLF2e_oiVg&google_cver=1&google_push=AaAOQGFMRmEtcsFjyXybN74Uk8KTs38_jOnYQoXf0iOJoC5QDgQ12lJqj0q0IJT3lkieXwkTMxIAYMtq-DiBxDGQ6vyCm49FfQ-Pyw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFMRmEtcsFjyXybN74Uk8KTs38_jOnYQoXf0iOJoC5QDgQ12lJqj0q0IJT3lkieXwkTMxIAYMtq-DiBxDGQ6vyCm49FfQ-Pyw&google_hm=5mfJBJcNSZWubBr_TF4XDg==
Request Chain 222
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELWaEDYmJEyMpTKxGwh7x34&google_cver=1&google_push=AaAOQGGAiVG8MhuTezECxqExaa8M6_j9lemX4Y4VLKiJAReXAL6EXNJrpCr3noK7QaEIVu7PcrAv85g8ga93ZNias557gxz7t_9OVjo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGGAiVG8MhuTezECxqExaa8M6_j9lemX4Y4VLKiJAReXAL6EXNJrpCr3noK7QaEIVu7PcrAv85g8ga93ZNias557gxz7t_9OVjo&google_hm=eS1sNzZpX0RGRTJwSENQZGtLc3ZDeDQ3SGlpX3lUYmduOH5B
Request Chain 223
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOzw3uPZd4Fid42OVc0h3vw&google_cver=1&google_push=AaAOQGHqrJc59Cpwg9ufDcKkLP0EW-9tIylgUSAGM2fDWLNcTXcfMCuUgGkDtdWjpnJQPGElOt4LWhP4RTAxHnAhufi5Sag8cjAfBv8 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOzw3uPZd4Fid42OVc0h3vw&google_cver=1&google_push=AaAOQGHqrJc59Cpwg9ufDcKkLP0EW-9tIylgUSAGM2fDWLNcTXcfMCuUgGkDtdWjpnJQPGElOt4LWhP4RTAxHnAhufi5Sag8cjAfBv8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHqrJc59Cpwg9ufDcKkLP0EW-9tIylgUSAGM2fDWLNcTXcfMCuUgGkDtdWjpnJQPGElOt4LWhP4RTAxHnAhufi5Sag8cjAfBv8
Request Chain 224
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEN9A4TtpbUNuTKRGoQJLHaQ&google_cver=1&google_push=AaAOQGG35mU180yV92m30QpMxQSLRdGrSVijJOF9BSZ9YQcVm8iQWu6uRErhQQRQhRIwK07WO4CUrHXZ0ScO3LrB7M0zEYP8gGUeAF14 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGG35mU180yV92m30QpMxQSLRdGrSVijJOF9BSZ9YQcVm8iQWu6uRErhQQRQhRIwK07WO4CUrHXZ0ScO3LrB7M0zEYP8gGUeAF14 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

222 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
goo.by/
Redirect Chain
  • http://goo.by/
  • https://goo.by/
25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f27a0a9f152cb4f848809bc66b44a4869691f1011ca0083103791f884fd92ace

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7e7424d0dfc99b3a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 15 Jul 2023 18:42:10 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLA2wonMfl1VjdHZ9kpPiFcwz9%2Bt5E3A024zFzkZbchWl9EkYMkMZCKctzkSA%2BilN3OvWhSdwrf07PIjBwGrHM8Jq%2F7gma6%2F5utSbE7pMgUX8SL4Dhgsa7oYNkD%2BcBfeZWmQvpo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
7e7424d05c739966-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 15 Jul 2023 18:42:10 GMT
Expires
Sat, 15 Jul 2023 19:42:10 GMT
Location
https://goo.by/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEQa9tFe60uH2l2eg1pW2f%2FdpikoOcU7xaU4r7r56RlD7x5a6dC196KgxWkThb63N4GkLekSwZkCUCVZu7ChvMF9DrlyYXudB6Q8rKG2PFySeiqMGg910s1stWJZQzx1QaId7Ds%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
goo.by/static/css/ 		89 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://goo.by/static/css/bootstrap.min.css
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1912ec9329c898b56073a8120eb94e72e0bb858b390443cbc65d18a494572215

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Apr 2022 05:41:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
21720549
etag
W/"626b7a86-1631a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FRp1VoxLO5ayeVcB%2FP4ueUmrzlGwld5%2FXJmq0dSmWmfEvxTbfYm7fJLO4FW150XaJSXkTyqxpzh4Apdg%2FM3dnpMDN2qsm0wjqBUmOjunhZx0Oah04T9FHoXp1XIBolMmGcL4Oo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7e7424d138219b3a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
goo.by/themes/spartan/ 		69 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://goo.by/themes/spartan/style.css
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44313430f757e3a44c796394ad431ad413d363d4467dfbc6cf1867e560969c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21699648
cf-polished
origSize=84847
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 05:41:48 GMT
server
cloudflare
etag
W/"626b7a9c-14b6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFw549AGcemo5UZCzHEq8oBYXmhMuGBYqZR2NaxACiTuzDYF%2FNdKjTKevLFUJQ%2FsT4IYeU4%2BrUoblAWot%2FnhKJnS4pGdb7S%2B%2BqYAqN8c%2Ba8ShdSN4DrZ2ISCvQbFvNpEfkRjZog%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7e7424d138229b3a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
components.min.css
goo.by/static/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://goo.by/static/css/components.min.css
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
195ffe64f7501043f3700fdf9fbf2012d0b66fa26dcad328db4d5e8430fb520b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Apr 2022 05:41:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
21699648
etag
W/"626b7a87-4b61"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6NWNZGLqsUKg%2Bb5j0alCu5Qvz9Ms6KK%2BX1OCjcpVNFjLkHTmEBBJDsoj41YyigUFUBqKsxm%2BSfpQ0Lzi0L3%2BBHCGRKwyWVKqcimhLoS1uD%2BEMv%2BecqkzDcW2Z9cHOv3Z7QsYaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7e7424d138239b3a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-all.min.css
goo.by/static/css/ 		56 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://goo.by/static/css/fa-all.min.css
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Apr 2022 05:41:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
21699648
etag
W/"626b7a86-df5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3WrWQ2L4jIQrbCaxGwG3YfmIkpH94zzk4G2e4X39lEH947CR3he9hHr%2FNDhkLTWNMjgBqdahAkqJUNa6sqASk%2BervVv2YkUuaq4nmxFUuviL%2BHEwFCn3cCxeb7uTYBL%2BaQTP60%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7e7424d138249b3a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
goo.by/static/js/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://goo.by/static/js/jquery.min.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Apr 2022 05:41:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
21699648
etag
W/"626b7a93-14696"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AizJiV2ueod7%2B%2FmXphS56wlhBz2kfdvtLSM%2F080UoHQ78Lkgb5HtjNIuLP%2BaqUHCk4plAHeqTHT5%2BN1tnH4lk%2B0kYXBuMBkB5T1P3SVSPb%2F1bRn1Ol0HXlX5AMFhAPaHfJXK6x4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7e7424d138269b3a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
goo.by/static/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://goo.by/static/bootstrap.min.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c785dee6ed2b248070e51f80868e1b938665681c17188c4e579c9c509ae05d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Apr 2022 05:39:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
21699648
etag
W/"626b7a28-d5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fbVfZl2nN5wrEG0%2BptTheOeLBZFSl9wdP1rlfMZTdpuaCU0TNVNy9WznF1l6pTnNWPKwtfJruneMH8J89TGkkeoVZZBZDQ0Q94Buh8L7eUWheHOVcf16c%2BVYIvaik9Lw9qYEiA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7e7424d138279b3a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
application.fn.js
goo.by/static/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://goo.by/static/application.fn.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
877de2ffab95719d6ff1f1048fa912e70ee31879a2a31f868eb5b1770252d8fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21331141
cf-polished
origSize=4361
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 05:39:52 GMT
server
cloudflare
etag
W/"626b7a28-1109"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2Fk9eqoyQFjArLtoOf5furtU%2BcpxfSqKvCyCI1Xi%2B%2F8mGuzcHuApdAOJMBn%2FUYXvLwi05ZyxCvufGiNXvy6dUPmkhW4AhEfI6QPVFcishiY4GAJjui1xrNqKjOjoJWGN2V5GxjM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7e7424d138289b3a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
datepicker.min.js
cdnjs.cloudflare.com/ajax/libs/datepicker/0.6.4/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/datepicker/0.6.4/datepicker.min.js?v=0.6.4
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43df0eac8cd04fe4184d857d79cb2b72f9c636dfbc7d3bc6555ce0aacf2f2c47
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13036629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5100
last-modified
Mon, 04 May 2020 16:09:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e33-4449"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1z3ReOlyvTZ6n%2FOrKr0cTjCKpWAUjFpvt7nfe9A90gjAj%2BSgddEhnnQmMikMoYVv8l9ZqOGYKT%2F81ImZ3AVUFxvEwzol4fQUvL1bgGx5uqgyhIMb4MB8Qrb%2Bo3HFyNDRTgAwDyXtS30XHzsaHspCxKDS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e7424d15c59bb4d-FRA
expires
Thu, 04 Jul 2024 18:42:10 GMT
datepicker.min.css
cdnjs.cloudflare.com/ajax/libs/datepicker/0.6.4/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/datepicker/0.6.4/datepicker.min.css?v=0.6.4
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68decb9b04351770373306a7d4eef2a677b9f2541d790a42fc6f72e8cdcc7bd0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6484004
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
720
last-modified
Mon, 04 May 2020 16:09:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e33-d76"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVDzYbXEufLF7rabvVJxMWDzvq3eU3fdo2r3G%2FX4m7k928lMqECmthSr4tqhxrmCml2Oe7M4KWsEJEgcEA9%2B5oBriGT5fNmyMQMNFwapp1%2B7LwBxaXt%2Ftv%2BV5UdOz4WxHIk2ncoYew4lfM2fBmFdsmnI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e7424d15c57bb4d-FRA
expires
Thu, 04 Jul 2024 18:42:10 GMT
chosen.jquery.min.js
cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5671610
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5483
last-modified
Mon, 04 May 2020 16:09:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e23-6956"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jg1RlydzN3yyk3bO24YdmYkLMmY%2F61tA4cFSkxNylDvyRDzYgxZPKEd%2BcNE1%2BgDSZ%2FVATrCBeU2AW%2BtQfXdgbI3n3UDOtymlzcM%2F9vwLqpDOsjtQ9gvhXA%2F%2BjWqMYbYerGKkXKrV5LZ340iJe1y2oKX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e7424d16c5cbb4d-FRA
expires
Thu, 04 Jul 2024 18:42:10 GMT
icheck.min.js
cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1981725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1911
last-modified
Mon, 04 May 2020 16:11:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9e-11a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15M8WjMbXjfQF6Rf%2FCVSjHqiVTrMfQ504rnJPjN6HGF9UKU5rxN19PRC4dmn6IPolEs7v9Lz%2FEC68TfcVj93cvTN6xQqy1FviUZnjTlC80sJOqdRdiGPpjPO7bFUo%2F2LO7pavLFNFboItl8tGzy8xu8M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e7424d16c5dbb4d-FRA
expires
Thu, 04 Jul 2024 18:42:10 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/clipboard.min.js?v=1.5.15
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2732297
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2906
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-2824"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwDAr%2BgR1XfIGFarZmfY9t4552r5u2yLpw6Vz60S9UHSOM3uJGRp%2FEXjfjjxYKBSJlFsZJx3sWhTbTPn1U0eXp7Xlc0SFJ4fDuE8PC4Xzjd7p4kBoAO%2FJUAJtb0NJ92dgTLwt8MMxaRm%2Fake3VNxtHmo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e7424d16c5ebb4d-FRA
expires
Thu, 04 Jul 2024 18:42:10 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3380470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5676
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-4d5a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2cOICvlDfUZK%2F%2FgBg1nnxxgN25Pb42JdP4uiLUyjIaozYMIIco7uJKB1VjpADpxG%2B5d3O5jmYeiHbs85juyIp4%2BBiiDBpYTpSZaZZQ79suj5rFC%2FDMGsqiT6ZUPwjOI1Q9CN3LshLkH9WyTVxn18x6A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e7424d16c63bb4d-FRA
expires
Thu, 04 Jul 2024 18:42:10 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
62568
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
948
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-f62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxwPwYmbV9fNh63Rb20%2FMtRP2PMpeAMg9Mn4HfqKZqp9H3OhsDJMXvpHF%2Fs14JHgV5g4ehBhe8YXBjZ4Bu5SewgziXXAOIeJFKcWz70gAWRS4EJZLWnPaFiSQ5N5fXr3C0%2FYoPKmxsGE%2B4TFxfq3ToIU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e7424d15c58bb4d-FRA
expires
Thu, 04 Jul 2024 18:42:10 GMT
jquery.autocomplete.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/jquery.autocomplete.min.js?v=1.1.5
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
682628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3860
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-331b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mz%2FOZX14oSBtGOejKRUuA0hwXKssUbYQeYDXXMzxZCcVLj3C%2BqAf0UgY6pucHn%2BzmHLwEq13UGl0VCgHsWkyY953q%2F%2F2ViZekbfMink6gNrjAWqqJJ%2BUrIKzrzJOIFyb2k6fQ3B1LP4gvLOTCBavninm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e7424d16c5fbb4d-FRA
expires
Thu, 04 Jul 2024 18:42:10 GMT
pace.js
cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/ 		25 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4417157
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5158
last-modified
Mon, 04 May 2020 16:13:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f40-621b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZegZ2uf4Gxz6MzdRxobXkk16ty0yBV8Z%2FXehwzhIP1TAeA1sflU%2BI7bZaiwx3mENJUxRMPsswdrYjLPZYhNB8%2FRbBsnpdS%2BNDqFHs4RUbfN4hUrlw7B%2FhNrO3f0cMVgDYbZSS0C9%2BhyUE4nGKKsdazh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e7424d16c60bb4d-FRA
expires
Thu, 04 Jul 2024 18:42:10 GMT
application.js
goo.by/static/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://goo.by/static/application.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171ca22825d9d3284a7e20e85120854bc2bf6fb15b821ce6bed382f14ff51c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21699648
cf-polished
origSize=19442
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 05:39:51 GMT
server
cloudflare
etag
W/"626b7a27-4bf2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1LU1dsN%2F04Jk2%2BMBV5K%2F809KZlM%2Bp7mcFrNQhmrxkQjV3CgjYUK%2FgO6pirlm%2BeUO6WpCYQMAHIfUM6N%2FGzEenHQ0qtkY4fVm3%2BjXbpBK%2FAChfBxMOdRDO5fd%2FNDCwA88LWlsTU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7e7424d138299b3a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
server.js
goo.by/static/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://goo.by/static/server.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21699648
cf-polished
origSize=12112
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 05:39:52 GMT
server
cloudflare
etag
W/"626b7a28-2f50"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8Qco7DN%2B9%2FU0tHS5ayiIuytOSBNF0fIRlUzoGAZoCix5BlsA5eBFlkX%2F4kz6I4YrKUMe%2FRHULBkvWHqJWBjN%2BnAWBOeBfwuGZcnESIpnqIOXkmCNsi90FFtGpKvKHU92rSLQ%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7e7424d1382b9b3a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8cb35e6295b2fb5380e957dd0f63ee72fb005270c536e34be4007e1785590f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50879
x-xss-protection
0
server
cafe
etag
5511715417967888541
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:10 GMT
auto_site_logo.png
goo.by/content/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goo.by/content/auto_site_logo.png
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6461e3d621bb44222b85c04e787c3a1bc2c296316d77bc175e682c177557fa76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12961198
alt-svc
h3=":443"; ma=86400
content-length
3400
last-modified
Sun, 08 May 2022 12:53:50 GMT
server
cloudflare
etag
"6277bd5e-d48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEDUmGtxiS%2FPRh7a8HEaGszKN5sgzE3hjFzqDYC7%2FbVBqZr5lDsRAiThY274x7tkaZGFAUtG8p%2FeF1c9%2F%2F01i%2FydHBc8h5p04iJTXIM17wYkjrMFj0T2opGVV4ovMFHL1OSAkzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7e7424d19e5919af-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
api.js
www.google.com/recaptcha/ 		884 B
906 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en&render=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8e7cf4443c1edd4cdb6f1fba38d5e0951c45f41e584f5827420cc8e4f144c209
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
586
x-xss-protection
1; mode=block
expires
Sat, 15 Jul 2023 18:42:10 GMT
landing.png
goo.by/themes/cleanex/assets/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goo.by/themes/cleanex/assets/images/landing.png
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e337c98d5ed7ed7e852c87ee65bf108bd1cf6377d585c9f7b595a9e54ad41fa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14208293
alt-svc
h3=":443"; ma=86400
content-length
17186
last-modified
Fri, 29 Apr 2022 05:44:07 GMT
server
cloudflare
etag
"626b7b27-4322"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRYnz8BaJ8pHN0eY7OS1ASzDCrMFhJ7%2F5pvX0OSRqFKGvPIL%2BiTSiHgjpn4Hxx3Sj%2BpNHkmZIlz0%2FIdgXrUxVJjNM3sGaGo1dsvkjfVVVjP8LlTxocSUxVC21%2BFq7xRDx09Pong%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7e7424d19e5d19af-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
profiles.png
goo.by/static/img/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goo.by/static/img/profiles.png
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d69ba2a3cb603ff3aba5f081ad98b683d0b0788524d62f5b4df4f240658b4c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14208293
alt-svc
h3=":443"; ma=86400
content-length
63985
last-modified
Fri, 29 Apr 2022 05:41:34 GMT
server
cloudflare
etag
"626b7a8e-f9f1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xd59huA1AV%2B%2BKRdmru%2Fpq%2Bf36qGVosqr6n%2FFy0iAOVZsBUt4SRubNxihGTnzvRhCkPaSbIYR2iWxXRbJCIFEusHLlucmBEaO9w1L%2FsRhhpfNaBgo69ogSs3%2B0HS8EaNP9gtoOBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7e7424d19e5f19af-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
goo.by/themes/spartan/assets/js/ 		794 B
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://goo.by/themes/spartan/assets/js/main.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08ec63812b5c543fbc24b98cf05328d849347f0dc0b2cbdf9bc463435b5ad1f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14208293
cf-polished
origSize=869
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 05:44:04 GMT
server
cloudflare
etag
W/"626b7b24-365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpuI42gdCfQGaSzQEayESIYpHvn%2F1HXl3aJwY6Wly8cWoKGgPpw2FahuDv0%2BHQzncpVDJVS%2BY6WSaUI%2BwoUmtT8MJDDN3aeMEV7eZxUGvpj40IX5PKfeL7mzu%2BTLggZe2CVUOtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7e7424d18e4419af-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
server.js
goo.by/static/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://goo.by/static/server.js?v=1.0
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
320565
cf-polished
origSize=12112
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 05:39:52 GMT
server
cloudflare
etag
W/"626b7a28-2f50"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90vTZxH5MsZ%2FqrlvUPMR2RaP6ru9zG2lIFf%2FF2m4QMnCL1YuSAL3PwRaHLsvnNuxhufLkMHuCPP%2BF0u76GLDBtPr9JsirmkC08LLXBPd6%2F%2BzxWt7%2BtlFXV1lknkhcaGEWR3Xsp0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7e7424d19e5619af-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
glyphicons-halflings-regular.woff
goo.by/static/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://goo.by/static/fonts/glyphicons-halflings-regular.woff
Requested by
Host: goo.by
URL: https://goo.by/static/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Referer
https://goo.by/static/css/bootstrap.min.css
Origin
https://goo.by
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14208292
alt-svc
h3=":443"; ma=86400
content-length
23320
last-modified
Fri, 29 Apr 2022 05:41:25 GMT
server
cloudflare
etag
"626b7a85-5b18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUOQ1MyfF9fEHN1AvUyojt%2FHinGy74RIws5XTWHFAu50HloyqrpPsPqffQ%2BJh2Evf0xQUj0O6X8gNqVJdIRpr6OThYmnNINvrT1BmVn%2BQbjI%2Bo5R%2F%2BMwxKoXjiqJnpRn98K6kWw%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7e7424d19e6a19af-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ 		428 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33fff5e71230b233c586df2513ccfc7fb79983af64a59022d1359e262b8c689a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://goo.by/
Origin
https://goo.by
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 17:03:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176042
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 08:00:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 Jul 2024 17:03:11 GMT
watch.js
mc.yandex.ru/metrika/ 		166 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ac9c288761ebc7cfd5f241861b1e14d8f57ff6e9c5fbfb297202989f2625d950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 12 Jul 2023 11:40:09 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64ae66e9-e882"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
59522
expires
Sat, 15 Jul 2023 19:42:10 GMT
anchor
www.google.com/recaptcha/api2/ Frame D70B 		50 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=v6p3xadwudc9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ffed7a2c4fa2dd61fb875c8b95a443b330911678d410487fb426c0599d103a66
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XeIFIxVP8l24y22327xXTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28032
content-security-policy
script-src 'report-sample' 'nonce-XeIFIxVP8l24y22327xXTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:42:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a64f9f125cbb4d62162fe77c142dd51264563a33c9dd9e8da61a784641fc7f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125350
x-xss-protection
0
server
cafe
etag
10410249566795324481
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/ Frame 7B4D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23591
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 12:09:00 GMT
etag
12368291122986407432
expires
Sat, 29 Jul 2023 12:09:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame D70B 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=v6p3xadwudc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 17:03:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 08:00:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 Jul 2024 17:03:11 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame D70B 		428 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=v6p3xadwudc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33fff5e71230b233c586df2513ccfc7fb79983af64a59022d1359e262b8c689a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 17:03:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176042
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 08:00:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 Jul 2024 17:03:11 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D70B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 15:17:24 GMT
x-content-type-options
nosniff
age
98687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 21 Jul 2023 15:17:24 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D70B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=v6p3xadwudc9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 00:06:15 GMT
x-content-type-options
nosniff
age
326156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jul 2024 00:06:15 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D70B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=v6p3xadwudc9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:47:45 GMT
x-content-type-options
nosniff
age
3266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 17:47:45 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame D70B 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=v6p3xadwudc9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5821f4e403aaeb62da748cb2a7063009beee58bc4015e83da29a72de886d1382
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=v6p3xadwudc9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 15 Jul 2023 18:42:11 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10065.mb0i4MRyAuBUCrdfwuHXeqD-UiR71hSIgIMddqtVgpC9bo0_cY85VYDB5cGSUT26.Hj4_4MDz7z6vMpY_QQmhUTmYTCE%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10065.G3ntgh6JujxnMovcnkNildbiNDMRyAeXXKTlb6rDslganqil6N-5SP56Cn0KVPmyrHQdebysN4I1P_aZgkKny11Dydgb2YZrEnEzNb6KRgw%2C.bqyuccxLu5hoYojVj0Icn45H1rk%2C
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10065.G3ntgh6JujxnMovcnkNildbiNDMRyAeXXKTlb6rDslganqil6N-5SP56Cn0KVPmyrHQdebysN4I1P_aZgkKny11Dydgb2YZrEnEzNb6KRgw%2C.bqyuccxLu5hoYojVj0Icn45H1rk%2C
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:11 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10065.G3ntgh6JujxnMovcnkNildbiNDMRyAeXXKTlb6rDslganqil6N-5SP56Cn0KVPmyrHQdebysN4I1P_aZgkKny11Dydgb2YZrEnEzNb6KRgw%2C.bqyuccxLu5hoYojVj0Icn45H1rk%2C
date
Sat, 15 Jul 2023 18:42:11 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.by/
Redirect Chain
  • https://mc.yandex.by/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=10065.GwA6MYThFxajUoraEUKfZ_0zxa3piL5PmOF8iOYxmk4ksa4KSTnDZfG4U2MB_YWc.VC2OTj5lRByIMdhT0QJ2_Bny_eA%2C
  • https://mc.yandex.by/sync_cookie_image_decide?token=10065.8zAq_7DlI3Pq93wFxq1d7DEboagE6xLqm3cmwatKAq4wW6cXM2PCEjT9pTvPNJ98LCR9DxLZrncX9orvA2xIqcPWm3C8wZleinSif03H560%2C.Qg9-IY6HwC8SKoRECiorOZ0NJkc%2C
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.by/sync_cookie_image_decide?token=10065.8zAq_7DlI3Pq93wFxq1d7DEboagE6xLqm3cmwatKAq4wW6cXM2PCEjT9pTvPNJ98LCR9DxLZrncX9orvA2xIqcPWm3C8wZleinSif03H560%2C.Qg9-IY6HwC8SKoRECiorOZ0NJkc%2C
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:11 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.by/sync_cookie_image_decide?token=10065.8zAq_7DlI3Pq93wFxq1d7DEboagE6xLqm3cmwatKAq4wW6cXM2PCEjT9pTvPNJ98LCR9DxLZrncX9orvA2xIqcPWm3C8wZleinSif03H560%2C.Qg9-IY6HwC8SKoRECiorOZ0NJkc%2C
date
Sat, 15 Jul 2023 18:42:11 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:11 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 12 Jul 2023 11:40:09 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64ae66e9-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 15 Jul 2023 19:42:11 GMT
cookie.js
partner.googleadservices.com/gampad/ 		379 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=goo.by&callback=_gfp_s_&client=ca-pub-8917830189100721
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcef99774a5a5293efaa18178d619d904232083dc8faaa9bcb5436e845f7043a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=goo.by
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=cc-window%20cc-floating%20cc-type-info%20cc-theme-classic%20cc-bottom%20cc-right%20cc-color-override-1971232268%20&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 604E 		611 KB
136 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&adk=293675617&adf=814277786&lmt=1689446531&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgoo.by%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530989&bpp=7&bdt=240&idt=262&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=21627994917&frm=20&pv=2&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=281
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce39ed1aa89634077f4128d101729d2bd5b820d3f807538c10f35c7da41708b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
138735
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:42:13 GMT
expires
Sat, 15 Jul 2023 18:42:13 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 262D 		109 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cfff2204e53adccd5795e056e75218f5309b0ef684e34451f14c1fd6594bda6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
38179
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:42:12 GMT
expires
Sat, 15 Jul 2023 18:42:12 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reload
www.google.com/recaptcha/api2/ Frame D70B 		33 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
97f4cb1cd8fad2e1abc701f6574be3e331c429c0ed982bff9413e1547878912c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&cb=v6p3xadwudc9
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 15 Jul 2023 18:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18952
x-xss-protection
1; mode=block
expires
Sat, 15 Jul 2023 18:42:11 GMT
1
mc.yandex.com/watch/45619767/
Redirect Chain
  • https://mc.yandex.com/watch/45619767?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhctrot7kpr%3Afp%3A319%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
  • https://mc.yandex.com/watch/45619767/1?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhctrot7kpr%3Afp%3A319%3Afu%3A0%3Aen%3Autf-8%3Ala...
435 B
578 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/45619767/1?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhctrot7kpr%3Afp%3A319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1471427757468%3Ahid%3A323146047%3Az%3A0%3Ai%3A20230715184211%3Aet%3A1689446531%3Ac%3A1%3Arn%3A487314509%3Arqn%3A1%3Au%3A1689446531459058542%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C19%2C57%2C1%2C161%2C0%2C%2C99%2C19%2C%2C%2C%2C339%3Aco%3A0%3Acpf%3A1%3Ans%3A1689446530508%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689446531%3At%3AGoo.gl%20URL%20Shortener.%20Shorten%20URL%20Free%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
2bedcc84c0a3c97983f3e0d59d9f56a64765d6db95927abb689067f2fbe49a99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 15-Jul-2023 18:42:11 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://goo.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Sat, 15-Jul-2023 18:42:11 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:11 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 15-Jul-2023 18:42:11 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/45619767/1?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhctrot7kpr%3Afp%3A319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1471427757468%3Ahid%3A323146047%3Az%3A0%3Ai%3A20230715184211%3Aet%3A1689446531%3Ac%3A1%3Arn%3A487314509%3Arqn%3A1%3Au%3A1689446531459058542%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C19%2C57%2C1%2C161%2C0%2C%2C99%2C19%2C%2C%2C%2C339%3Aco%3A0%3Acpf%3A1%3Ans%3A1689446530508%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689446531%3At%3AGoo.gl%20URL%20Shortener.%20Shorten%20URL%20Free%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://goo.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 15-Jul-2023 18:42:11 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10065.wPPn1_Q2K6kRTRKPzuhhZOj02uBNIi8yeADOR5swudmeUgyzh0xmbq_SPXbwHnv-.Ax3cTdLHBbmRwAyksNm48v_29xI%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10065.iLJbSeKz-H5gqxMy-GEv5ket0uEAGnmxrTVpLRQEjGAtIcJtkrr30qY4qHsC9QzLT8V-398rSUZnhtMH4En-SCd3T1MtH3Yh_8jeGQbwZxE%2C._bNjDKLQxk8goL9hb...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10065.iLJbSeKz-H5gqxMy-GEv5ket0uEAGnmxrTVpLRQEjGAtIcJtkrr30qY4qHsC9QzLT8V-398rSUZnhtMH4En-SCd3T1MtH3Yh_8jeGQbwZxE%2C._bNjDKLQxk8goL9hbm4cUmEWZiU%2C
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:11 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10065.iLJbSeKz-H5gqxMy-GEv5ket0uEAGnmxrTVpLRQEjGAtIcJtkrr30qY4qHsC9QzLT8V-398rSUZnhtMH4En-SCd3T1MtH3Yh_8jeGQbwZxE%2C._bNjDKLQxk8goL9hbm4cUmEWZiU%2C
date
Sat, 15 Jul 2023 18:42:11 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_decide_secondary
mc.yandex.by/
Redirect Chain
  • https://mc.yandex.by/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.by&token=10065.yhiPst3aOXm69RxgAo3zjDZjHLHuU8iw4EQQRVW1PilDWpJF-X5eNpe532gKQrK5.jhpxFaukYBbhP8jNXgK4CjJYAJI%2C
  • https://mc.yandex.by/sync_cookie_image_decide_secondary?token=10065.lIJkPwMpT7_tBN-q-yeiD4ysFWWCioxiSKEVpRNjlParOTTgzGT9yo6LwyjgAs80UE6En1ugaHrmMHyxKnpHOvHgAHN26h7IzbFMCvnNPj0%2C.zdXInxcNR4QfYN-gG8...
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.by/sync_cookie_image_decide_secondary?token=10065.lIJkPwMpT7_tBN-q-yeiD4ysFWWCioxiSKEVpRNjlParOTTgzGT9yo6LwyjgAs80UE6En1ugaHrmMHyxKnpHOvHgAHN26h7IzbFMCvnNPj0%2C.zdXInxcNR4QfYN-gG8W5ckMrvj0%2C
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:11 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.by/sync_cookie_image_decide_secondary?token=10065.lIJkPwMpT7_tBN-q-yeiD4ysFWWCioxiSKEVpRNjlParOTTgzGT9yo6LwyjgAs80UE6En1ugaHrmMHyxKnpHOvHgAHN26h7IzbFMCvnNPj0%2C.zdXInxcNR4QfYN-gG8W5ckMrvj0%2C
date
Sat, 15 Jul 2023 18:42:11 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
90cda0d4b2e9798013d5ae8e8588fe0b.js
www.gstatic.com/mysidia/ Frame 262D 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/90cda0d4b2e9798013d5ae8e8588fe0b.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 23:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3972
x-xss-protection
0
last-modified
Thu, 06 Jul 2023 22:47:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 08 Oct 2023 23:17:17 GMT
369d21e23798e41a4bd263e83a9ef671.js
www.gstatic.com/mysidia/ Frame 262D 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/369d21e23798e41a4bd263e83a9ef671.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffeca646555545c8fb0fb9fc1d08b6e9481509b0f0fb78b4243807ca076410c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 19:38:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4215
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 07:02:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 19:38:20 GMT
css
fonts.googleapis.com/ Frame 262D 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jul 2023 18:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 17:15:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jul 2023 18:42:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 262D 		2 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 262D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
33267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 09:27:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 262D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2539
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 17:59:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 262D 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 262D 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:12 GMT
2a76cf1338a212cd33ad52adb05195b7.js
www.gstatic.com/mysidia/ Frame 262D 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 23:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14183
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 07:02:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 23:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D132 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:11:46 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame D132
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:42:12 GMT
expires
Sat, 15 Jul 2023 18:42:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:42:12 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 262D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89607b7831b876448bb4accffa32bcf7bf4256581da324fb82a34ddafe7f13c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 262D 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:09:17 GMT
x-content-type-options
nosniff
age
343975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 19:09:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 262D 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CiIX2g-iyZNvMF6nJ1fAP1tqu2Aa8_JHAcZjH5K2cEQoQASCL2vscYJX6l4KsB6AB0oDgiQPIAQGpAnKZAbhI1rI-qAMByAPDBKoEuQFP0IRIjQD2i6DY51-kBmz0HMb-z1ZweVXQ7V_BRPc3-5MgG_5QGcWKc-CUNMNXm-3el5Uk9m2rJdUOzYlEAphSKjcANqVDIHgoXg5Rc-XJk8YaHQ3I0Y5dXSb2K3IE-iHREBXN8K9NYHjAo2AdxNzqNIIw6K1atuljooxNzlIE5VRYdYCkr002QCr0o0WkC1qAU2ejlgfJtbC9jDazTVlHAtlx1AqH3JpO43aiaoVSW7JlkMwKL7G6ZMAEn5b9j6UEkgUECAQYAZIFBAgFGASgBmaAB5b_n3aoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRCY6Z0B0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi04OTE3ODMwMTg5MTAwNzIxGAA&sigh=ixD-fN71Ooo&uach_m=[UACH]&cid=CAQSGwBpAlJWPSOMNDzvA1N8fHkDq1pjl1vkqjFiQBgB&cbvp=2&vis=1
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 15 Jul 2023 18:42:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 15 Jul 2023 18:42:12 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame 0FE6 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446531&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446530996&bpp=1&bdt=247&idt=353&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCKsBIPzQZ&p=https%3A//goo.by&dtd=356
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
31800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Jul 2024 09:52:12 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230711&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b345d441f8263951c97304e6a36b9a85d846103028477b313efb40b2d6b5ec54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11662
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9958e01353d3e13e2d50c49439ad21e6ee08029f9af83f2598368659178ce548
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53520
x-xss-protection
0
server
cafe
etag
15955421668446519219
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 262D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHPpPok0wFn1EwUdqTrNiJsom7KUZcu_r4pD9VE7QcAXUI0hxqA3LCAaRC5QefiIAhnbmcFn-3Y0dz_urk6p4lc8BoSVbT8WbvOFFKAd4jjQtwKFkqzQa7vRXwWYWnNCpd6KxNCS4G6KCK&sai=AMfl-YTeP2jRnwiUODI4MblTWvTa4L_ZtkGB9WuOTVld5lOU9d_pD5QJUSEUePoGbob4L-ENpFzk3Ac2BpW2&sig=Cg0ArKJSzEfZzvhqfZruEAE&cid=CAQSGwBpAlJWPSOMNDzvA1N8fHkDq1pjl1vkqjFiQBgB&id=lidar2&mcvt=1025&p=0,0,280,1140&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2348938529&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689446531353&rpt=1541&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=goo.by
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7BBA 		115 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88fb056853e8acb305d341c4a3eec102a7f434e1db2e56d30601ece2d19a3264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
40207
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:42:15 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E658 		26 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35888c1ba052fc59f7c75a8f8b003812083eef76af30fa450f59608dfb7f12f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11369
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:42:15 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 906B 		114 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
edaf330afe022ec612c4d0517d27a2d7aa97a928079a67f7e2874cc4c3e0bddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
39865
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:42:16 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 15 Jul 2023 18:42:14 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=goo.by
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 11FB 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13147
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 15:03:07 GMT
etag
12368291122986407432
expires
Sat, 29 Jul 2023 15:03:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 3F87 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13147
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 15:03:07 GMT
etag
12368291122986407432
expires
Sat, 29 Jul 2023 15:03:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 6DFA 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13147
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 15:03:07 GMT
etag
12368291122986407432
expires
Sat, 29 Jul 2023 15:03:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/ Frame 4A17 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13147
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 15:03:07 GMT
etag
12368291122986407432
expires
Sat, 29 Jul 2023 15:03:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 11FB 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jul 2023 18:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 17:17:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jul 2023 18:42:14 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 11FB 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 09:18:57 GMT
x-content-type-options
nosniff
age
120197
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 17:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 13 Jul 2024 09:18:57 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 11FB 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 12:13:24 GMT
x-content-type-options
nosniff
age
23330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 17:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 14 Jul 2024 12:13:24 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 11FB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dd63824a6304e84f5ac8549da2750d150a0eb24c50960dd83e08a63d5a97f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 23:51:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
67852
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6331
x-xss-protection
0
server
cafe
etag
18044331813203521086
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 28 Jul 2023 23:51:22 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 11FB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 14:53:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
13721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8599
x-xss-protection
0
server
cafe
etag
12796843930313450165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 14:53:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 886E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2048
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:08:06 GMT
expires
Sun, 14 Jul 2024 18:08:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DE30 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6df3e08475f8803eb60c7d347181915f5f81b6011c234008da831ac99dc5d3e2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-STgpwjChLYBV2B5wt0gi_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.by/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-STgpwjChLYBV2B5wt0gi_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:42:14 GMT
expires
Sat, 15 Jul 2023 18:42:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ Frame 3F87 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jul 2023 18:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 17:16:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jul 2023 18:42:14 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 3F87 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 3F87 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
33269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 09:27:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 3F87 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 17:59:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 3F87 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F87 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:14 GMT
2a76cf1338a212cd33ad52adb05195b7.js
www.gstatic.com/mysidia/ Frame 3F87 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 23:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14183
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 07:02:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 23:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/ Frame 36D2 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/index.html
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c115d957ef05aed690ca2d26691aa3ee6da5f72dd9339f8b006529aaf99de3d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
112687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3976
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Jul 2023 11:24:07 GMT
expires
Sat, 13 Jul 2024 11:24:07 GMT
last-modified
Mon, 19 Jun 2023 14:35:27 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 55EE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
33269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 09:27:45 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B20C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1828
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:11:46 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 55EE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 17:59:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 55EE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 55EE 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:14 GMT
css
fonts.googleapis.com/ Frame 4A17 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jul 2023 18:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 17:13:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jul 2023 18:42:14 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 4A17 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 4A17 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
33269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 09:27:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 4A17 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 17:59:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 4A17 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A17 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:14 GMT
2a76cf1338a212cd33ad52adb05195b7.js
www.gstatic.com/mysidia/ Frame 4A17 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 23:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14183
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 07:02:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 23:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 36D2 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 16:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
7452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 16 Jul 2023 16:38:02 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 36D2 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 01:47:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
60869
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 16 Jul 2023 01:47:45 GMT
9737fa3721435dc8e7320a00b07fcab8.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/ Frame 36D2 		96 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/9737fa3721435dc8e7320a00b07fcab8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a3329ff5055e90e2f0849d6c36c7cd3b2c0830d11b2a1c226d9a3adb4fa287a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 11:24:08 GMT
age
112686
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27472
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 14:35:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Jul 2024 11:24:08 GMT
css
fonts.googleapis.com/ Frame 5A63 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jul 2023 18:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 17:19:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jul 2023 18:42:14 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 5A63 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 5A63 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
33269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 09:27:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 5A63 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 17:59:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 5A63 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5A63 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:14 GMT
2a76cf1338a212cd33ad52adb05195b7.js
www.gstatic.com/mysidia/ Frame 5A63 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 23:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14183
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 07:02:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 23:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DE30 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230711&jk=2524045809004870&rc=05AHju0w-IBnHyCvGfFR2UNrqvPIUbg1DDJMRGLfFfoOztQlMbcD50pqUx61OpSeYNjy-CemVRmnfiRKqXnGBrQgwf9P--QNKwZkeP90WTwe2RSi6YQxEZqzcJGBlnF3RadLQwrXqPaLqty_3CDYlO_lMAUJQgDghUJw15SVPjAPz98Ms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame B20C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:42:14 GMT
expires
Sat, 15 Jul 2023 18:42:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:42:14 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame 886E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
31802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Jul 2024 09:52:12 GMT
css
fonts.googleapis.com/ Frame 36D2 		2 KB
558 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/9737fa3721435dc8e7320a00b07fcab8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f85cdf3499d284b8a072fdf645d8314e4ff7e444856f0c43d9ca27bfb007b0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jul 2023 18:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 17:42:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jul 2023 18:42:14 GMT
6ab7b527fa8663b54f04e94567366c79.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/media/ Frame 36D2 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/media/6ab7b527fa8663b54f04e94567366c79.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3921684c87c0101c80824f586a9c9f5497e34c48d32fc743a6f8bf757ca2127
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 14 Jul 2023 11:24:08 GMT
x-content-type-options
nosniff
age
112686
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
181321
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 14:35:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Jul 2024 11:24:08 GMT
58c28061ca58240bdd6988a49be3344f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/media/ Frame 36D2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/media/58c28061ca58240bdd6988a49be3344f.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
908ebdf78c476f4a88612b40be7c1043786c4f66a2dd7c6ac1211ac4c8da462a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 14 Jul 2023 11:24:08 GMT
x-content-type-options
nosniff
age
112686
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3022
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 14:35:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Jul 2024 11:24:08 GMT
9d138cf53ccdd188efd00d451829afc2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/media/ Frame 36D2 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/media/9d138cf53ccdd188efd00d451829afc2.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c6a67fb45c024ee1195323e541fe75c52f5774d535911cde5689df09e383ec
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 11:24:08 GMT
age
112686
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2721
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 14:35:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Jul 2024 11:24:08 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame FF87 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
31802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Jul 2024 09:52:12 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame 706B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
31802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Jul 2024 09:52:12 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 36D2 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 08 Jul 2023 23:09:41 GMT
x-content-type-options
nosniff
age
588753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12848
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jul 2024 23:09:41 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame BF28 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
31802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Jul 2024 09:52:12 GMT
truncated
/ Frame 55EE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c782f8a457b45118f83937420917ed26b369552f04e470d618f37477734421d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
6ab7b527fa8663b54f04e94567366c79.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/media/ Frame 36D2 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/media/6ab7b527fa8663b54f04e94567366c79.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3921684c87c0101c80824f586a9c9f5497e34c48d32fc743a6f8bf757ca2127
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 14 Jul 2023 11:24:08 GMT
x-content-type-options
nosniff
age
112686
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
181321
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 14:35:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Jul 2024 11:24:08 GMT
58c28061ca58240bdd6988a49be3344f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/media/ Frame 36D2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/media/58c28061ca58240bdd6988a49be3344f.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
908ebdf78c476f4a88612b40be7c1043786c4f66a2dd7c6ac1211ac4c8da462a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 14 Jul 2023 11:24:08 GMT
x-content-type-options
nosniff
age
112686
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3022
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 14:35:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Jul 2024 11:24:08 GMT
4508f8579be634d0962cffc25e8465f4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/media/ Frame 36D2 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4868330052100230188/media/4508f8579be634d0962cffc25e8465f4.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93467545529fed7d0edebb9441a127d9a0dddcd13a36fef21fc377b1910257c1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 11:24:08 GMT
age
112686
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1306
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 14:35:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Jul 2024 11:24:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 55EE 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CYGXvg-iyZLaXE7PtxgPX3pewBPi73sxxzeOUxbER5MbNu-M8EAEgi9r7HGCV-peCrAegAbm2w5ICyAEJqQJymQG4SNayPqgDAcgDSKoE1QFP0MGdp6-OeLryVw9NdSrwBsvss_pIM85l_ImICSlS-H5NF7D-Zo8DoxtINSo_-81hcDdDmXVuqMNKC9KBRrt7WTOk_9JzPsoMBjRhfWq5XmRUTp0oigg68W7OEyFp4JloKLCJy3_648QaE2mONICr2mag4Scub8MnWTN-gcDJ6NAMURYeS9KTBSNTNQDk487I7Wdsp-Qh2sgZUxaLGV1aP0Ub2wrx6JerMVfBGguEr1_sihnDxGiKOY4aHq2rivSkZsp8jvTgqo--Er9YL8_fvh1PIXTABN_r2c6rBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAevybztAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJzsFtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODkxNzgzMDE4OTEwMDcyMRgA&sigh=NxxvTEpH43E&uach_m=[UACH]&cid=CAQSGwBpAlJWBbn-6X7diGfgzluulLKUlsgMpv7_lRgB&template_id=419&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 15 Jul 2023 18:42:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame 36D2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
31802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Jul 2024 09:52:12 GMT
generate_204
tpc.googlesyndication.com/ Frame 886E 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?HVtOFA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
css
fonts.googleapis.com/ Frame 7BBA 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jul 2023 18:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 17:17:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jul 2023 18:42:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 7BBA 		2 KB
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 7BBA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
33270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 09:27:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 7BBA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 17:59:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 7BBA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
l
www.google.com/ads/measurement/ Frame 7BBA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZQxrw4uMAbbu3l2vRumP18TDHx7VlBD1YbzbZXKb5JRDt9O313pR9POYp7e7EUM9nhUlP7c1rPigPzLH9eDzKNObU7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7BBA 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:15 GMT
2a76cf1338a212cd33ad52adb05195b7.js
www.gstatic.com/mysidia/ Frame 7BBA 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 23:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14183
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 07:02:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 23:00:00 GMT
3514131790483889263
tpc.googlesyndication.com/simgad/5259545589139996529/ Frame 7BBA 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5259545589139996529/3514131790483889263?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48e51c17cfae37fecdfbbcdfaa4f2236d6c8d08106484ce227cf1a61f6086da5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 10:43:41 GMT
x-content-type-options
nosniff
age
28714
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41535
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 03:37:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 14 Jul 2024 10:43:41 GMT
truncated
/ Frame 7BBA 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7BBA 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4753 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:37:24 GMT
etag
48472445140208031
expires
Sun, 16 Jul 2023 18:37:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7BBA 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a636e71512d2338cbab37feffec2af1d52668daf9080ef90e30e0740145822d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 4753
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S3JDYjEwY3UxUWtLZEY1&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cver=1&google_push=AaAOQGHrvKYl3jY4T4hRP1yiU8o4eqBjelp50lRYDL3GKPD...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S3JDYjEwY3UxUWtLZEY1&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cver=1&google_push=AaAOQGHrvKYl3jY4T4hRP1yiU8o4eqBjelp50lRYDL3GKPDvFvrhDnbAMGJEXEBZW5pS5LcrQnnCba-nk6pRd4bnnJK-HU_1kSoymw
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 15 Jul 2023 18:42:15 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-039373edd24dbbb61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S3JDYjEwY3UxUWtLZEY1&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cver=1&google_push=AaAOQGHrvKYl3jY4T4hRP1yiU8o4eqBjelp50lRYDL3GKPDvFvrhDnbAMGJEXEBZW5pS5LcrQnnCba-nk6pRd4bnnJK-HU_1kSoymw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4753
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAcqw1UiM3PyucsXy7A6jbo&google_cver=1&google_push=AaAOQGEQQdsqPhppKQg-PYhoSjo89rgYhhKCcW1jeKyzzNJrLCLI_Js2UsFzaQFZGFV2kR4NEa5Dik96JVflY4P1...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEQQdsqPhppKQg-PYhoSjo89rgYhhKCcW1jeKyzzNJrLCLI_Js2UsFzaQFZGFV2kR4NEa5Dik96JVflY4P1WCb2gJuRw_XHww
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEQQdsqPhppKQg-PYhoSjo89rgYhhKCcW1jeKyzzNJrLCLI_Js2UsFzaQFZGFV2kR4NEa5Dik96JVflY4P1WCb2gJuRw_XHww
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 15 Jul 2023 18:42:15 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x8 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGEQQdsqPhppKQg-PYhoSjo89rgYhhKCcW1jeKyzzNJrLCLI_Js2UsFzaQFZGFV2kR4NEa5Dik96JVflY4P1WCb2gJuRw_XHww
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
x-status
O1
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 15 Jul 2023 18:42:14 GMT
i.match
s.tribalfusion.com/z/ Frame 4753
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGH299JXVGm-JSqtqqt1kOY&google_cver=1&google_push=AaAOQGE1EtOHaoAM-VLoYJxwiM2orCCzuYvQh7vHawQeV0CF4p4cqlnoMk9_zglkQ2j7JkoA1CnW-LazLp9fPeuxd6-a7ysY5OO2u...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGH299JXVGm-JSqtqqt1kOY&google_cver=1&google_push=AaAOQGE1EtOHaoAM-VLoYJxwiM2orCCzuYvQh7vHawQeV0CF4p4cqlnoMk9_zglkQ2j7JkoA1CnW-LazLp9fPeuxd6-a7ysY5OO...
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGH299JXVGm-JSqtqqt1kOY&google_cver=1&google_push=AaAOQGE1EtOHaoAM-VLoYJxwiM2orCCzuYvQh7vHawQeV0CF4p4cqlnoMk9_zglkQ2j7JkoA1CnW-LazLp9fPeuxd6-a7ysY5OO2ug&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE1EtOHaoAM-VLoYJxwiM2orCCzuYvQh7vHawQeV0CF4p4cqlnoMk9_zglkQ2j7JkoA1CnW-LazLp9fPeuxd6-a7ysY5OO2ug%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e7424ef2cd239df-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1817
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGH299JXVGm-JSqtqqt1kOY&google_cver=1&google_push=AaAOQGE1EtOHaoAM-VLoYJxwiM2orCCzuYvQh7vHawQeV0CF4p4cqlnoMk9_zglkQ2j7JkoA1CnW-LazLp9fPeuxd6-a7ysY5OO2ug&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGE1EtOHaoAM-VLoYJxwiM2orCCzuYvQh7vHawQeV0CF4p4cqlnoMk9_zglkQ2j7JkoA1CnW-LazLp9fPeuxd6-a7ysY5OO2ug%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7e7424edcb4539df-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4753
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJlPONWT1DM13FEjHaCzqWs&google_cver=1&google_push=AaAOQGFIjw3nYvHX0fvVh34T-SAkars5URsARGugvgoNW8-AYlII0iZh6eojJN8Jo1G3tsncrc431zVjRu04hGfV1ZwZsbpkOYn9Sg
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0D5AFDB49FD46E19C94C78A2F74DCFA&google_push=AaAOQGFIjw3nYvHX0fvVh34T-SAkars5URsARGugvgoNW8-AYlII0iZh6eojJN8Jo1G3tsncrc431zVjRu04hGf...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0D5AFDB49FD46E19C94C78A2F74DCFA&google_push=AaAOQGFIjw3nYvHX0fvVh34T-SAkars5URsARGugvgoNW8-AYlII0iZh6eojJN8Jo1G3tsncrc431zVjRu04hGfV1ZwZsbpkOYn9Sg
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 15 Jul 2023 18:42:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0D5AFDB49FD46E19C94C78A2F74DCFA&google_push=AaAOQGFIjw3nYvHX0fvVh34T-SAkars5URsARGugvgoNW8-AYlII0iZh6eojJN8Jo1G3tsncrc431zVjRu04hGfV1ZwZsbpkOYn9Sg
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 14 Jul 2023 18:42:15 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4753 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMq9310oxafi-lkgaSmh5aE&google_cver=1&google_push=AaAOQGEnf4yhPph8iffzp57xgGiQqLL86SPhaoT1k_Ldo37qJvZb52pUK2FOeDn7cnFjNuSoQuOU_-PkDhFza3MjEJLMfsJIhBsnZw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 4753
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDLworaSMxh-VRZE-ffVPak&google_cver=1&google_push=AaAOQGHtzSCjncrWoAG8F_tWiX9xiQLfaFFqDd0D2-bP7kk5cuOn7HQr6sazjAow0A8_vQNlYIicml8YRbYdA8...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NjExNzYxNjE3NjkyMDcyNg%3D%3D&google_push=AaAOQGHtzSCjncrWoAG8F_tWiX9xiQLfaFFqDd0D2-bP7kk5cuOn7HQr6sazjAow0A8_vQNlYIicml8YRbYdA8PeqM...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NjExNzYxNjE3NjkyMDcyNg%3D%3D&google_push=AaAOQGHtzSCjncrWoAG8F_tWiX9xiQLfaFFqDd0D2-bP7kk5cuOn7HQr6sazjAow0A8_vQNlYIicml8YRbYdA8PeqMPWkHKAetlzCw
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1NjExNzYxNjE3NjkyMDcyNg%3D%3D&google_push=AaAOQGHtzSCjncrWoAG8F_tWiX9xiQLfaFFqDd0D2-bP7kk5cuOn7HQr6sazjAow0A8_vQNlYIicml8YRbYdA8PeqMPWkHKAetlzCw
Date
Sat, 15 Jul 2023 18:42:15 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 4753
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAcQVGOMj3fpZwkEFoh4qEE&google_cver=1&google_push=AaAOQGHXGl3uAau6Dt45c4cEs2icUnPv8NIYvj4TGNrR9LnGhnivmqWblFPZuHrcPXy3NJ65xZQ-q4zS...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAcQVGOMj3fpZwkEFoh4qEE&google_cver=1&google_push=AaAOQGHXGl3uAau6Dt45c4cEs2icUnPv8NIYvj4TGNrR9LnGhnivmqWblFPZuHrcPXy3NJ65xZQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MzEwNTM0MTg3ODIzMjQ5OA&google_push=AaAOQGHXGl3uAau6Dt45c4cEs2icUnPv8NIYvj4TGNrR9LnGhnivmqWblFPZuHrcPXy3NJ65xZQ-q4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MzEwNTM0MTg3ODIzMjQ5OA&google_push=AaAOQGHXGl3uAau6Dt45c4cEs2icUnPv8NIYvj4TGNrR9LnGhnivmqWblFPZuHrcPXy3NJ65xZQ-q4zSMUf-G_0JGbapXxTyxywxPA
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjc5MzEwNTM0MTg3ODIzMjQ5OA&google_push=AaAOQGHXGl3uAau6Dt45c4cEs2icUnPv8NIYvj4TGNrR9LnGhnivmqWblFPZuHrcPXy3NJ65xZQ-q4zSMUf-G_0JGbapXxTyxywxPA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 4753 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ja6xN-yMlkU7-3wXedU1Kix5PkdM7zZCaRchUp6weguHagrJERfL8jGbfeaGblhxqGrnB-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7BBA 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:09:17 GMT
x-content-type-options
nosniff
age
343978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 19:09:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7BBA 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUGHhheiyZOyiPIvG1fAP1sm3wAf-vfDUcZDm8pCpEZOsqJ7jPhABIIva-xxglfqXgqwHoAGItd7cKcgBCagDAcgDywSqBLcBT9DX-0KgqPhPdvUpbCllXqzpv3p3-dWvjrtksGoyR7tyjTUTSHdl9WM9V4byqDvcqexzxEfJ4GXxzpfcvDiHrz5-1xeCyaFqGUI0dV4WSYaWvp1i7jDDZzkGpJFHQQByLnwRat_7d9Am8wCDnH5PzXh_PKL6XvHWbb5bjaeueUNyflY8D1hKcbOX_Z-ab7xn4-CE1Bel2Lv87zFeoJJippOYXIbiXfRSyIZl-1kjkJkKae_GZ9ekwASj4pPWyASSBQQIBBgBkgUECAUYBKAGLoAHxZbBzQSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDi9Q7SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBogwIKgYKBMOwsQLYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItODkxNzgzMDE4OTEwMDcyMRgA&sigh=oTRoA14xFDc&uach_m=[UACH]&cid=CAQSPABpAlJWxR47ar4kGUJF6SIzniIPH723TREU-hyJEkaisu-6pqlhVYvudqOSy1LRBdhFhqNWxSa8xlbp0BgB&template_id=5000&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 15 Jul 2023 18:42:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame C03E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280&nras=3&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=k4FHMrVXM7&p=https%3A//goo.by&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
31803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Jul 2024 09:52:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230711&jk=2524045809004870&bg=!5Oel57PNAAb90kgr3dI7ADkAdvg8Ws_yStwzv36uvinwW6RQ7eSQMNyPfqqE_Z4eC8EULs_ABusdCTz06wqS5rR1HyfSNSmi3dMCAAABd1IAAAAcaAEHCgDagDHaMpgNUsFSelNnsTR8X-M_IRFW3gGcQdEnXNupJVTYN9RMjkKXSu5H2wA_g4Uvd1DIzNdUtfaJ_B4uKjpWt_b0DJbumTBvO84Y6L7NKcIyiA9ZIbVU7zWJT0eInlPp6d5jHKcNzLD47hNYreCTDFb439kFTTlCyl9taYg9STh6JNpkEoibhOTGZEhKTzc8Ure7gNCnFwjh1Nj7bp0XjRrB5cYqfctyGVecbg5rZqRYoLSzT0oQ5TiPyeLV0A2CAIrV-VVsM4fvFVR4oy3JBLLYrz2vHZs_6ZSZAp2bljYzeiXPmQ7LzSsOPInkzg-EfHDUfNi5LagQtOKoVOMczXmspgs2WRgPmoSyy5mim9BQVhQX9fQxQf9cxdBfvdlGvfWRiVA2jESQid094uj0qkukz04NnTw_9qsfpN4dZT15hkkiZ8zdXts0M5m0nerGPQX65yCVZ3YE8oZccS8MZeQNWqZIwxUbPokhx-5ozwOeE3rTot4-5hmmBafj-7R6JLCBCyaVBa3Eja4NgcbQP_qMICVM8R_4Y2lXF8x3uTtOTNMO7wW0zLjWgvekBT-6o2fMql1ypFfEEWRZIzS4mhTgOBZYFIhGXpEGoEc-BBv_wgg2mP0ghN95XOHRCWrE_XzpesJifHZAhccnFF_pTBtQwUQ3OMVPBjIlIu9auibhfMlgscZDgCvwZXF5mTIPS2jH7ibrI93AFMeEW1oHFaDGQtt61Gky4CoEePZiBY5QBn4p8GRtEw0DgqdRNZNHLvCK27D9foTgt0AgPFU3ZSGv7Bl5fgG2h7kRndxaNkiHl2TZn7s5UvJyNIe5ZY2Es77RAzeTyHoDrBYjdpmZ8EdYtFd1MlIfhbfChHjCKuo8DdQJpYT2KlN3eiXCKQ2zU3tPL_VvEOjg0thppxUJIUguZ2XNlAokbwokxT2J9Q68CREgxQGl8ElQ7WqhGkC0D0T8qK3sx_cB5RKso9mz0dn3xC67A0q_ckLBcjGMuWiTC_uRi5_fnjpWVfXF4bwcrm23nOGQvcYztIfMaQwNOCgzkIFsgfU52SpTabA0uh46P5LONLPUTVoCIBPsYHAfmAUHfLwMXFgc34EPUe1G1VrISQawZRNP2yWvJnwEkLtgwCd6lXO3G5J_Gmf9xDSgb8pauBDnqjlXDbzXawtj-iD3SAxQLMM_Cpc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame F546 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNV4_qHeqZwlQphz_nxvemsJKFkqpQW_9GRAlSptMSzLzp1v_RZ-1XzQtocrBE18voYrmm6RiF5znIFmv4FWFPRpWlpJdVuEqrAFGLqFykslnTYKuvVl2Pza6LhRtPXhEPjqmWIVVXDlu6_J9RzQtB-D6XZ7bmYUOc1QLfmGXx7g9gSAyBE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:42:15 GMT
expires
Sat, 15 Jul 2023 18:42:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3F7D 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
server
cafe
etag
4315658989838864570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 3F7D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2542
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 17:59:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 3F7D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F7D 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F7D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BH2Hd8i190hyr0A_YiHrxU-CfErhCcF6dMOcBqCocQ2J2QF6kZZeaBTbV79cZ2d1kJX_X9F870QZogzVmalVXY83dEzeqwt0WElHH-AF0xXE_uLxo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F7D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15526308069402362810&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F546
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH9Q-0QJbwjTwAt8XXS3ew4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH9Q-0QJbwjTwAt8XXS3ew4&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH9Q-0QJbwjTwAt8XXS3ew4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNV4_qHeqZwlQphz_nxvemsJKFkqpQW_9GRAlSptMSzLzp1v_RZ-1XzQtocrBE18voYrmm6RiF5znIFmv4FWFPRpWlpJdVuEqrAFGLqFykslnTYKuvVl2Pza6LhRtPXhEPjqmWIVVXDlu6_J9RzQtB-D6XZ7bmYUOc1QLfmGXx7g9gSAyBE
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 Jul 2023 18:42:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 15 Jul 2023 18:42:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEH9Q-0QJbwjTwAt8XXS3ew4&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame F546
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLLoh-iX-.nvTJ5ASAGa1wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH9Q-0QJbwjTwAt8XXS3ew4&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH9Q-0QJbwjTwAt8XXS3ew4&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNV4_qHeqZwlQphz_nxvemsJKFkqpQW_9GRAlSptMSzLzp1v_RZ-1XzQtocrBE18voYrmm6RiF5znIFmv4FWFPRpWlpJdVuEqrAFGLqFykslnTYKuvVl2Pza6LhRtPXhEPjqmWIVVXDlu6_J9RzQtB-D6XZ7bmYUOc1QLfmGXx7g9gSAyBE
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 15 Jul 2023 18:42:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH9Q-0QJbwjTwAt8XXS3ew4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame F546
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKaKxtHCfcKXajSI3LO5h04&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKaKxtHCfcKXajSI3LO5h04%26google_cver%3D1
43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKaKxtHCfcKXajSI3LO5h04%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNV4_qHeqZwlQphz_nxvemsJKFkqpQW_9GRAlSptMSzLzp1v_RZ-1XzQtocrBE18voYrmm6RiF5znIFmv4FWFPRpWlpJdVuEqrAFGLqFykslnTYKuvVl2Pza6LhRtPXhEPjqmWIVVXDlu6_J9RzQtB-D6XZ7bmYUOc1QLfmGXx7g9gSAyBE
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
an-x-request-uuid
6606b12c-f91e-4aa9-b593-dd58459b20cc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.133; 138.199.38.133; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
an-x-request-uuid
60c22c73-7c8d-4a01-8bea-e9eb65cdfe26
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKaKxtHCfcKXajSI3LO5h04%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.133; 138.199.38.133; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F546
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1NTkyMzUwNTI3Mzg2OTAwNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1NTkyMzUwNTI3Mzg2OTAwNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNV4_qHeqZwlQphz_nxvemsJKFkqpQW_9GRAlSptMSzLzp1v_RZ-1XzQtocrBE18voYrmm6RiF5znIFmv4FWFPRpWlpJdVuEqrAFGLqFykslnTYKuvVl2Pza6LhRtPXhEPjqmWIVVXDlu6_J9RzQtB-D6XZ7bmYUOc1QLfmGXx7g9gSAyBE
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
an-x-request-uuid
aad2e525-aca1-42f6-97c7-e35e56a8d777
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1NTkyMzUwNTI3Mzg2OTAwNw%3D%3D
x-proxy-origin
138.199.38.133; 138.199.38.133; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F7D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4022199233816&version=m202306200101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F7D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4022199233816&version=m202306200101&ct=76&x=1&cor=15526308069402362000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3F7D 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANszadceEWaFgFB9c-CerEgAD8LT_ccQixD4ckj9yQS7OICAGsHfYH5j52afmAaqNZZbxir1g5LwR1AMWdfk6SEkhKRGCXuDrIhKwZPNoPKdHOeMWwl5wuWrhUsznju2rYvvIHgqmcmj8kETNahmMfNqsbIhhxIURa-MDsOk8PJy363_A&dbm_d=AKAmf-CAVAr3wRcboBVzahWtneoQRpbMvMeUEO6dDJV66lWT7y1bg6MbVJrC5w04ZJEynyuDdIHIFgaR2Ah_aoFyoE28pe_MAZKS5UfZKk6R_mwS4nnUpIScG-ilfwmuIGRVqwyXKYlZP1q6JPYBA1uipI3qybw6diexJwJOBtQbzpx-QmxXPpejfE7SOpRNCxSIhYqopwVjHyeNYcjuwhRKhNA3o21f4aj4sYyrUd9_ZgQ-WMoMVuKfFrtR8VZs_m8onZYC0MZEureP0KiHNebBF6LOUvoCTf3URXoAIR9evGdZm1KhEbaa3Y19lHfavjHIZDZJ-Jq6r_tTWj8sJZoaCbPdM1tBDJ_ViaJ_LaaMdkEkfzo1-9Je5nYN3X1ROAdBIB6wVavPxSzhEyXEC_YZzRvFGKGIVD-EIR-DiP4LayIWl6tb9P1XiTHHOEz0i8WxqAcyVAcOebvFTUTnrEOH1F6cQwPQywOsZbT4pWKGRKaqMNJl1FPdwkb9qGdAqxL7dDqNvCw0QCSRxzC50sNK8OgXH_eHDwAZ2y1FpkSRIM1C0o7EUbKWfln8V2FIqkA1PA2FeggbfBJlQS4jreNkzmujCi82LOzloAnJW7AAuUWupTpBgO8czKeNtWNo6A2vHA7JtG59mCS1Vlqh9GaAGlhHq4iL_LM2YunyQaoYT9uZseP6MN4aOwdeMU98sqkoUwq5Izo19sh3q2S22rMUnQGWKJ7ef0lrsU9n5WNxZ5WhkLcG1Kt8ETT6xxOQhVw41Nq7sbE2TCEjZLimDWjDg2XHUYwqqRszkeYzJao4Eh7QoHpA-GQw6cPvDUocXNfpS1pujGTo2vvYegiF5SfTBNIa3DERlFN8SXCK83ou2aW8SkwV8aT7vu2M5aBYqt1Tgo6ZitA3zVBXjSt-Z4bvBuGuGdO1SE4pQFu0QbY0Yg7VqrgCmyWxjf-Q2NIUdkTdYa7bMzMyaHfuq-QJN1aaefYmfIlkoZe-hBqM6opRJ3ZMT_lQFDAq0cadg1FwE9r-4s34UkI2irgk488_o3FUMvLb820eeJBBkWRsvyXmaRgaq0JarwNMyJUghMSyqOJN7X7kvRyDLa-maMqSiExCtZgYXJgbTs6Rk1IyQ5hCy_Vm6AXA1qgSEVq3h_YJ9NAgbWvJ-RhBxfvqQ4Y7f74h4hXExX7C7l5z41RBvgrrG77wLS6ZMhYy2TOb5mM-QjNc2HMfVqkIWr7PSvh2YlIh6b_HvGrCde6Nm1kRg8OQnEEiG2ACtST_LLHhTiutI58JV9qZwQ4sejC5NQbAUgBWMN5kijWJ-VEsCpXopRJAp92QYBqKK3IxYF9ugs-Ns7Cnp_iBoMUi7AafMI2APhDTHc4MU8m1QHxk0ul0n3Mp1jwYHnZAahPi-_RxY7FEkKsd0BUq1JGwv03c2GMeBLV8xI6m_sBTPvwgj4mCoTkMh4MccUL34iBgKTPzuCu60dupK3T08LN8ZqHgCgM86PnZi1ZjTaJUieLCsEGUm8gGHAWiIv-Z58bevBDAlvUBBNFx6TST6fWRd6-8ZLpLxFAiapzmU92u00aq5S1XL1mFJax7dsauq19zjtwXq53lObvEhSiGN-JQbtBY-7H2XNOBiIGJtcdsFwLYiywV3F9W0G-ul94AVt5bS5DBwThBcSDdJJcrr5FykhFzr0O01czxklnuk29BvyLUR4rurboVBVkgUlLLy5pgoJSobxHqeO26uCSzdGRKVDCOf08GEjTc_RYWMslnthP0eZHGjYUKr7o4G4WCxcwBeKs4tj8A_yiVBFRnyx5JJvtj5PiYr733QmRD_FlfpocfiCsT1g5_2LzsMXga_sgB61QgUCFuCH_zm5L7KzhlUeHRp0Rprrsw0gYqxqYoNJ23f0T298MS27LfCM6zFj5QqnsUkqvQKYWyPk9PnvP-KdM_vpXAzFHbLMMYOSTTvM8OPUk-1NTkhopW_DaMbA5LesJ4ZcbB_JZnK579kCLhaNUiSyYBL7Nhmi7_S3UP7pllFwu2W-RvaUlLOsVooIIdBCLAhGAooD4kwE4yhcraF4SB86VYFMHbW0TM-XqNzSl_u_w1GlupM1DE6nINJwwHGcuVaDVpcdI1nbouoJzoN-9CoekVH6XQINtsYl1TipCZ4tvV3a_uP7k0ppg7Dzi-faIQ5zexzWFFq6aVZ-n8noP8IsMxYLEh82aRcu_sqQkRfQoMMbDuMtu2dmjRvWX_KW8hrpEfgrcO-E7nrqdScC1zFze0e-NZimkONubN6Q7ZMwRHeeOvAZXK0L3TrpHfAS6AeLNVXAaRfST91gSL5sRAOauNraZbKiQM5SodC43Jl16Nexo8uPpodkmmSRhlQ11zGZu8awu7xZbFajVp18WaL0R-hOjRMsCigP2wd8-teV88jMONQyqWn_cEf2AeYTEOPerB1_A1DdlB8sghUm1kRrSoOPvbQhQazorvAncK2ihgW-XfjtFziBiVJYBX4ghuWJBHnuF2BL6l_wSjfaHeZm51pr11JOTsUleC5j1cp3fmGEe9NiGzC2iS9sjTQsburzCql8N1gLDJMnk-RnNEyGGyLcHO4Ssotafq0J9bDsoNj78gGvn2L_hGNpZ2PmCQGbOAgjYqgrmFPsl5_j6oeEZZxkovJiMIHVSNv0DA6yU38NDFL-Fd94aTLn9OEbyaRQ_eB5bpeaBh2CrC_uR1bhlXstQzol0X3Jsqg-w2oFGUs0alDqEaoDzc5HRYnbhcfAiHSxNZ79v6ocjyrA6-ePPleTTNlmxjwNWnbVAFfe-SbDQA8cSbm_1yAr50ydGnZ48168B8bw2c5-eQWGKMQ3x_r09GZ_ehTRGRWt1Wt846Biv9IOMhsLkBtvESUpBsR3SAk1R1xiz9n2h8xPTBWcHU76JWWAVQIKirX_JX7vWen1mhs-QE8xKsoYCPDIKFC8_DFA3qSNVr6zC3j8CWrtmcsCDQxeMIxMsyuZy4ihvasnmJaS7lcuFsLZXL6-pa2IVkf4EzW-6lnO9oGiZ1J-POrwVMALeUc0AiDNpQ6tBxIM8FyDlH_jTZ6D4xe2LEyrQXFFwnfaWaEe82-IyOUO93nAnUflkCERAULRnqQ9PJTvvvnUsehMucYzVatlmiPzSPfP9jdDzdnf3zvOsntqscLG9lCahP5VP8WAfAK0iGlhZkg9HbPXXMTMj8rBe66wz7vykkDSpzpZRtGrEt2Z_oLyC2awwv_gvPzn3Ik0hRQjM0U-JIVG5rvXcnyCM3N7pgQLTj71Wh2mEBAvB-nAz0O4gNtsoHSZ6Q3vKbfDzVHBp9srmTQVdkDKZT2ZrhIICLegbVLdKscB_tYIOsVAmuToqvsizZLH2it4FjdZ_EHnb35Xu85aXdOTQ&cid=CAQSPABpAlJWgE7KfY50SZ4ZKbuH5G43JTw5-GE8o4wjCBepRzKElQk-d2GpkuPp4CHQ76pyp6VHayTiNH0TKRgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fgoo.by%2F&ds=l&xdt=1&iif=1&cor=15526308069402362000&adk=521587874&idt=152&cac=0&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c3d6eab4b31312e60add24fbf7ea775ecec85628cc08798dd966605e9a3833c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40081
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 55EE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_BfljonfWOc1sVO3VQxs0LB0AnpPvuXQJdgxWuXdkXknCDRKihh4gueaZM0avwEKiffzcQg83DaUdtuOjFuvtRZc4sfA2kxFZ7Zzc-C4uawPyDX8r3WmJ0mXmhtrELxmQOkeRI0KSYAEu&sai=AMfl-YQLy48mtUm5pxdDBQVImaWpY7G6IAgUNJyfS6G6jZY-twk1T-p2g84T0yexMr_VKwhQNb2EUfwaQ4QV&sig=Cg0ArKJSzPCgtA-dZpBvEAE&cid=CAQSGwBpAlJWBbn-6X7diGfgzluulLKUlsgMpv7_lRgB&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=293675614&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689446534181&rpt=162&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634098/ Frame 3F7D 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634098/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-8917830189100721&ias_chanId=1&ias_placementId=19422215943&bidurl=https://goo.by/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gjd2wsuHcmV9bzP3hS33H2
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.129.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-129-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
89369469e406287df00fb9bcdb9dedde63561c7a60c83b3da63df11a6c7ab3f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3F7D 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:52:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jul 2023 13:52:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 3F7D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANszadceEWaFgFB9c-CerEgAD8LT_ccQixD4ckj9yQS7OICAGsHfYH5j52afmAaqNZZbxir1g5LwR1AMWdfk6SEkhKRGCXuDrIhKwZPNoPKdHOeMWwl5wuWrhUsznju2rYvvIHgqmcmj8kETNahmMfNqsbIhhxIURa-MDsOk8PJy363_A&dbm_d=AKAmf-CAVAr3wRcboBVzahWtneoQRpbMvMeUEO6dDJV66lWT7y1bg6MbVJrC5w04ZJEynyuDdIHIFgaR2Ah_aoFyoE28pe_MAZKS5UfZKk6R_mwS4nnUpIScG-ilfwmuIGRVqwyXKYlZP1q6JPYBA1uipI3qybw6diexJwJOBtQbzpx-QmxXPpejfE7SOpRNCxSIhYqopwVjHyeNYcjuwhRKhNA3o21f4aj4sYyrUd9_ZgQ-WMoMVuKfFrtR8VZs_m8onZYC0MZEureP0KiHNebBF6LOUvoCTf3URXoAIR9evGdZm1KhEbaa3Y19lHfavjHIZDZJ-Jq6r_tTWj8sJZoaCbPdM1tBDJ_ViaJ_LaaMdkEkfzo1-9Je5nYN3X1ROAdBIB6wVavPxSzhEyXEC_YZzRvFGKGIVD-EIR-DiP4LayIWl6tb9P1XiTHHOEz0i8WxqAcyVAcOebvFTUTnrEOH1F6cQwPQywOsZbT4pWKGRKaqMNJl1FPdwkb9qGdAqxL7dDqNvCw0QCSRxzC50sNK8OgXH_eHDwAZ2y1FpkSRIM1C0o7EUbKWfln8V2FIqkA1PA2FeggbfBJlQS4jreNkzmujCi82LOzloAnJW7AAuUWupTpBgO8czKeNtWNo6A2vHA7JtG59mCS1Vlqh9GaAGlhHq4iL_LM2YunyQaoYT9uZseP6MN4aOwdeMU98sqkoUwq5Izo19sh3q2S22rMUnQGWKJ7ef0lrsU9n5WNxZ5WhkLcG1Kt8ETT6xxOQhVw41Nq7sbE2TCEjZLimDWjDg2XHUYwqqRszkeYzJao4Eh7QoHpA-GQw6cPvDUocXNfpS1pujGTo2vvYegiF5SfTBNIa3DERlFN8SXCK83ou2aW8SkwV8aT7vu2M5aBYqt1Tgo6ZitA3zVBXjSt-Z4bvBuGuGdO1SE4pQFu0QbY0Yg7VqrgCmyWxjf-Q2NIUdkTdYa7bMzMyaHfuq-QJN1aaefYmfIlkoZe-hBqM6opRJ3ZMT_lQFDAq0cadg1FwE9r-4s34UkI2irgk488_o3FUMvLb820eeJBBkWRsvyXmaRgaq0JarwNMyJUghMSyqOJN7X7kvRyDLa-maMqSiExCtZgYXJgbTs6Rk1IyQ5hCy_Vm6AXA1qgSEVq3h_YJ9NAgbWvJ-RhBxfvqQ4Y7f74h4hXExX7C7l5z41RBvgrrG77wLS6ZMhYy2TOb5mM-QjNc2HMfVqkIWr7PSvh2YlIh6b_HvGrCde6Nm1kRg8OQnEEiG2ACtST_LLHhTiutI58JV9qZwQ4sejC5NQbAUgBWMN5kijWJ-VEsCpXopRJAp92QYBqKK3IxYF9ugs-Ns7Cnp_iBoMUi7AafMI2APhDTHc4MU8m1QHxk0ul0n3Mp1jwYHnZAahPi-_RxY7FEkKsd0BUq1JGwv03c2GMeBLV8xI6m_sBTPvwgj4mCoTkMh4MccUL34iBgKTPzuCu60dupK3T08LN8ZqHgCgM86PnZi1ZjTaJUieLCsEGUm8gGHAWiIv-Z58bevBDAlvUBBNFx6TST6fWRd6-8ZLpLxFAiapzmU92u00aq5S1XL1mFJax7dsauq19zjtwXq53lObvEhSiGN-JQbtBY-7H2XNOBiIGJtcdsFwLYiywV3F9W0G-ul94AVt5bS5DBwThBcSDdJJcrr5FykhFzr0O01czxklnuk29BvyLUR4rurboVBVkgUlLLy5pgoJSobxHqeO26uCSzdGRKVDCOf08GEjTc_RYWMslnthP0eZHGjYUKr7o4G4WCxcwBeKs4tj8A_yiVBFRnyx5JJvtj5PiYr733QmRD_FlfpocfiCsT1g5_2LzsMXga_sgB61QgUCFuCH_zm5L7KzhlUeHRp0Rprrsw0gYqxqYoNJ23f0T298MS27LfCM6zFj5QqnsUkqvQKYWyPk9PnvP-KdM_vpXAzFHbLMMYOSTTvM8OPUk-1NTkhopW_DaMbA5LesJ4ZcbB_JZnK579kCLhaNUiSyYBL7Nhmi7_S3UP7pllFwu2W-RvaUlLOsVooIIdBCLAhGAooD4kwE4yhcraF4SB86VYFMHbW0TM-XqNzSl_u_w1GlupM1DE6nINJwwHGcuVaDVpcdI1nbouoJzoN-9CoekVH6XQINtsYl1TipCZ4tvV3a_uP7k0ppg7Dzi-faIQ5zexzWFFq6aVZ-n8noP8IsMxYLEh82aRcu_sqQkRfQoMMbDuMtu2dmjRvWX_KW8hrpEfgrcO-E7nrqdScC1zFze0e-NZimkONubN6Q7ZMwRHeeOvAZXK0L3TrpHfAS6AeLNVXAaRfST91gSL5sRAOauNraZbKiQM5SodC43Jl16Nexo8uPpodkmmSRhlQ11zGZu8awu7xZbFajVp18WaL0R-hOjRMsCigP2wd8-teV88jMONQyqWn_cEf2AeYTEOPerB1_A1DdlB8sghUm1kRrSoOPvbQhQazorvAncK2ihgW-XfjtFziBiVJYBX4ghuWJBHnuF2BL6l_wSjfaHeZm51pr11JOTsUleC5j1cp3fmGEe9NiGzC2iS9sjTQsburzCql8N1gLDJMnk-RnNEyGGyLcHO4Ssotafq0J9bDsoNj78gGvn2L_hGNpZ2PmCQGbOAgjYqgrmFPsl5_j6oeEZZxkovJiMIHVSNv0DA6yU38NDFL-Fd94aTLn9OEbyaRQ_eB5bpeaBh2CrC_uR1bhlXstQzol0X3Jsqg-w2oFGUs0alDqEaoDzc5HRYnbhcfAiHSxNZ79v6ocjyrA6-ePPleTTNlmxjwNWnbVAFfe-SbDQA8cSbm_1yAr50ydGnZ48168B8bw2c5-eQWGKMQ3x_r09GZ_ehTRGRWt1Wt846Biv9IOMhsLkBtvESUpBsR3SAk1R1xiz9n2h8xPTBWcHU76JWWAVQIKirX_JX7vWen1mhs-QE8xKsoYCPDIKFC8_DFA3qSNVr6zC3j8CWrtmcsCDQxeMIxMsyuZy4ihvasnmJaS7lcuFsLZXL6-pa2IVkf4EzW-6lnO9oGiZ1J-POrwVMALeUc0AiDNpQ6tBxIM8FyDlH_jTZ6D4xe2LEyrQXFFwnfaWaEe82-IyOUO93nAnUflkCERAULRnqQ9PJTvvvnUsehMucYzVatlmiPzSPfP9jdDzdnf3zvOsntqscLG9lCahP5VP8WAfAK0iGlhZkg9HbPXXMTMj8rBe66wz7vykkDSpzpZRtGrEt2Z_oLyC2awwv_gvPzn3Ik0hRQjM0U-JIVG5rvXcnyCM3N7pgQLTj71Wh2mEBAvB-nAz0O4gNtsoHSZ6Q3vKbfDzVHBp9srmTQVdkDKZT2ZrhIICLegbVLdKscB_tYIOsVAmuToqvsizZLH2it4FjdZ_EHnb35Xu85aXdOTQ&cid=CAQSPABpAlJWgE7KfY50SZ4ZKbuH5G43JTw5-GE8o4wjCBepRzKElQk-d2GpkuPp4CHQ76pyp6VHayTiNH0TKRgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fgoo.by%2F&ds=l&xdt=1&iif=1&cor=15526308069402362000&adk=521587874&idt=152&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:58:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
17023
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:58:32 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 3F7D 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANszadceEWaFgFB9c-CerEgAD8LT_ccQixD4ckj9yQS7OICAGsHfYH5j52afmAaqNZZbxir1g5LwR1AMWdfk6SEkhKRGCXuDrIhKwZPNoPKdHOeMWwl5wuWrhUsznju2rYvvIHgqmcmj8kETNahmMfNqsbIhhxIURa-MDsOk8PJy363_A&dbm_d=AKAmf-CAVAr3wRcboBVzahWtneoQRpbMvMeUEO6dDJV66lWT7y1bg6MbVJrC5w04ZJEynyuDdIHIFgaR2Ah_aoFyoE28pe_MAZKS5UfZKk6R_mwS4nnUpIScG-ilfwmuIGRVqwyXKYlZP1q6JPYBA1uipI3qybw6diexJwJOBtQbzpx-QmxXPpejfE7SOpRNCxSIhYqopwVjHyeNYcjuwhRKhNA3o21f4aj4sYyrUd9_ZgQ-WMoMVuKfFrtR8VZs_m8onZYC0MZEureP0KiHNebBF6LOUvoCTf3URXoAIR9evGdZm1KhEbaa3Y19lHfavjHIZDZJ-Jq6r_tTWj8sJZoaCbPdM1tBDJ_ViaJ_LaaMdkEkfzo1-9Je5nYN3X1ROAdBIB6wVavPxSzhEyXEC_YZzRvFGKGIVD-EIR-DiP4LayIWl6tb9P1XiTHHOEz0i8WxqAcyVAcOebvFTUTnrEOH1F6cQwPQywOsZbT4pWKGRKaqMNJl1FPdwkb9qGdAqxL7dDqNvCw0QCSRxzC50sNK8OgXH_eHDwAZ2y1FpkSRIM1C0o7EUbKWfln8V2FIqkA1PA2FeggbfBJlQS4jreNkzmujCi82LOzloAnJW7AAuUWupTpBgO8czKeNtWNo6A2vHA7JtG59mCS1Vlqh9GaAGlhHq4iL_LM2YunyQaoYT9uZseP6MN4aOwdeMU98sqkoUwq5Izo19sh3q2S22rMUnQGWKJ7ef0lrsU9n5WNxZ5WhkLcG1Kt8ETT6xxOQhVw41Nq7sbE2TCEjZLimDWjDg2XHUYwqqRszkeYzJao4Eh7QoHpA-GQw6cPvDUocXNfpS1pujGTo2vvYegiF5SfTBNIa3DERlFN8SXCK83ou2aW8SkwV8aT7vu2M5aBYqt1Tgo6ZitA3zVBXjSt-Z4bvBuGuGdO1SE4pQFu0QbY0Yg7VqrgCmyWxjf-Q2NIUdkTdYa7bMzMyaHfuq-QJN1aaefYmfIlkoZe-hBqM6opRJ3ZMT_lQFDAq0cadg1FwE9r-4s34UkI2irgk488_o3FUMvLb820eeJBBkWRsvyXmaRgaq0JarwNMyJUghMSyqOJN7X7kvRyDLa-maMqSiExCtZgYXJgbTs6Rk1IyQ5hCy_Vm6AXA1qgSEVq3h_YJ9NAgbWvJ-RhBxfvqQ4Y7f74h4hXExX7C7l5z41RBvgrrG77wLS6ZMhYy2TOb5mM-QjNc2HMfVqkIWr7PSvh2YlIh6b_HvGrCde6Nm1kRg8OQnEEiG2ACtST_LLHhTiutI58JV9qZwQ4sejC5NQbAUgBWMN5kijWJ-VEsCpXopRJAp92QYBqKK3IxYF9ugs-Ns7Cnp_iBoMUi7AafMI2APhDTHc4MU8m1QHxk0ul0n3Mp1jwYHnZAahPi-_RxY7FEkKsd0BUq1JGwv03c2GMeBLV8xI6m_sBTPvwgj4mCoTkMh4MccUL34iBgKTPzuCu60dupK3T08LN8ZqHgCgM86PnZi1ZjTaJUieLCsEGUm8gGHAWiIv-Z58bevBDAlvUBBNFx6TST6fWRd6-8ZLpLxFAiapzmU92u00aq5S1XL1mFJax7dsauq19zjtwXq53lObvEhSiGN-JQbtBY-7H2XNOBiIGJtcdsFwLYiywV3F9W0G-ul94AVt5bS5DBwThBcSDdJJcrr5FykhFzr0O01czxklnuk29BvyLUR4rurboVBVkgUlLLy5pgoJSobxHqeO26uCSzdGRKVDCOf08GEjTc_RYWMslnthP0eZHGjYUKr7o4G4WCxcwBeKs4tj8A_yiVBFRnyx5JJvtj5PiYr733QmRD_FlfpocfiCsT1g5_2LzsMXga_sgB61QgUCFuCH_zm5L7KzhlUeHRp0Rprrsw0gYqxqYoNJ23f0T298MS27LfCM6zFj5QqnsUkqvQKYWyPk9PnvP-KdM_vpXAzFHbLMMYOSTTvM8OPUk-1NTkhopW_DaMbA5LesJ4ZcbB_JZnK579kCLhaNUiSyYBL7Nhmi7_S3UP7pllFwu2W-RvaUlLOsVooIIdBCLAhGAooD4kwE4yhcraF4SB86VYFMHbW0TM-XqNzSl_u_w1GlupM1DE6nINJwwHGcuVaDVpcdI1nbouoJzoN-9CoekVH6XQINtsYl1TipCZ4tvV3a_uP7k0ppg7Dzi-faIQ5zexzWFFq6aVZ-n8noP8IsMxYLEh82aRcu_sqQkRfQoMMbDuMtu2dmjRvWX_KW8hrpEfgrcO-E7nrqdScC1zFze0e-NZimkONubN6Q7ZMwRHeeOvAZXK0L3TrpHfAS6AeLNVXAaRfST91gSL5sRAOauNraZbKiQM5SodC43Jl16Nexo8uPpodkmmSRhlQ11zGZu8awu7xZbFajVp18WaL0R-hOjRMsCigP2wd8-teV88jMONQyqWn_cEf2AeYTEOPerB1_A1DdlB8sghUm1kRrSoOPvbQhQazorvAncK2ihgW-XfjtFziBiVJYBX4ghuWJBHnuF2BL6l_wSjfaHeZm51pr11JOTsUleC5j1cp3fmGEe9NiGzC2iS9sjTQsburzCql8N1gLDJMnk-RnNEyGGyLcHO4Ssotafq0J9bDsoNj78gGvn2L_hGNpZ2PmCQGbOAgjYqgrmFPsl5_j6oeEZZxkovJiMIHVSNv0DA6yU38NDFL-Fd94aTLn9OEbyaRQ_eB5bpeaBh2CrC_uR1bhlXstQzol0X3Jsqg-w2oFGUs0alDqEaoDzc5HRYnbhcfAiHSxNZ79v6ocjyrA6-ePPleTTNlmxjwNWnbVAFfe-SbDQA8cSbm_1yAr50ydGnZ48168B8bw2c5-eQWGKMQ3x_r09GZ_ehTRGRWt1Wt846Biv9IOMhsLkBtvESUpBsR3SAk1R1xiz9n2h8xPTBWcHU76JWWAVQIKirX_JX7vWen1mhs-QE8xKsoYCPDIKFC8_DFA3qSNVr6zC3j8CWrtmcsCDQxeMIxMsyuZy4ihvasnmJaS7lcuFsLZXL6-pa2IVkf4EzW-6lnO9oGiZ1J-POrwVMALeUc0AiDNpQ6tBxIM8FyDlH_jTZ6D4xe2LEyrQXFFwnfaWaEe82-IyOUO93nAnUflkCERAULRnqQ9PJTvvvnUsehMucYzVatlmiPzSPfP9jdDzdnf3zvOsntqscLG9lCahP5VP8WAfAK0iGlhZkg9HbPXXMTMj8rBe66wz7vykkDSpzpZRtGrEt2Z_oLyC2awwv_gvPzn3Ik0hRQjM0U-JIVG5rvXcnyCM3N7pgQLTj71Wh2mEBAvB-nAz0O4gNtsoHSZ6Q3vKbfDzVHBp9srmTQVdkDKZT2ZrhIICLegbVLdKscB_tYIOsVAmuToqvsizZLH2it4FjdZ_EHnb35Xu85aXdOTQ&cid=CAQSPABpAlJWgE7KfY50SZ4ZKbuH5G43JTw5-GE8o4wjCBepRzKElQk-d2GpkuPp4CHQ76pyp6VHayTiNH0TKRgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fgoo.by%2F&ds=l&xdt=1&iif=1&cor=15526308069402362000&adk=521587874&idt=152&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 14:06:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
16561
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11545
x-xss-protection
0
server
cafe
etag
12064860844701496540
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 14:06:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3F7D 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 13:52:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
362980
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 13:52:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0765 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:37:24 GMT
etag
48472445140208031
expires
Sun, 16 Jul 2023 18:37:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3F7D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9363425eaeddea02ca3eabf13e1e7888150ed776dbe1fbd2c93bd6c6e31114df

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 0765 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMT6qGOdIS9edJ9sa2UqdII&google_cver=1&google_push=AaAOQGHBmcPXudzV4Qcl5RdZmjyyNQpEAyE8IV_0qfI-jqrtHHGWZOK3OJMg2peN2MqHjE8eeR_YjwNHR8kQU6weq613vrQ2NM9d93A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 0765
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJlPONWT1DM13FEjHaCzqWs&google_cver=1&google_push=AaAOQGEL4GCtLXbRYoZDoKyzlcGon5FRRhhR1ahLspZ98vff3Ahdchu4J87fLnckGbka_Iy4UH7gcKq4kHCym8ERqy5-KfMrVOS9SBI
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0D5AFDB49FD46E19C94C78A2F74DCFA&google_push=AaAOQGEL4GCtLXbRYoZDoKyzlcGon5FRRhhR1ahLspZ98vff3Ahdchu4J87fLnckGbka_Iy4UH7gcKq4kHCym8E...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0D5AFDB49FD46E19C94C78A2F74DCFA&google_push=AaAOQGEL4GCtLXbRYoZDoKyzlcGon5FRRhhR1ahLspZ98vff3Ahdchu4J87fLnckGbka_Iy4UH7gcKq4kHCym8ERqy5-KfMrVOS9SBI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 15 Jul 2023 18:42:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0D5AFDB49FD46E19C94C78A2F74DCFA&google_push=AaAOQGEL4GCtLXbRYoZDoKyzlcGon5FRRhhR1ahLspZ98vff3Ahdchu4J87fLnckGbka_Iy4UH7gcKq4kHCym8ERqy5-KfMrVOS9SBI
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 14 Jul 2023 18:42:15 GMT
google
match.adsrvr.org/track/cmf/ Frame 0765 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJV96iqbp_3qfxtdihO1XFA&google_cver=1&google_push=AaAOQGEOiW71J4Scq6XOOAOi6kF9NNdl0PG7MatZxFslCeydXl7J8VdgVuLHo0IwQyIrblffbQS7B6vLthdnpfa_uNNESJ3r0DEgrVw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0765
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMq9310oxafi-lkgaSmh5aE&google_cver=1&google_push=AaAOQGEIqp0B5jOw_2u45KXvOs2hIEnpr7ccjF5wck2bd5Sb0uIVceILQifHqfODH4yy8mI31nR5JFJ_TfRuLv...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AaAOQGEIqp0B5jOw_2u45KXvOs2hIEnpr7ccjF5wck2bd5Sb0uIVceILQifHqfODH4yy8mI31nR5JFJ_TfRuLvbP2zZoyUehNGF2pu4&google_hm=hmSy6Ie5XI9rwC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AaAOQGEIqp0B5jOw_2u45KXvOs2hIEnpr7ccjF5wck2bd5Sb0uIVceILQifHqfODH4yy8mI31nR5JFJ_TfRuLvbP2zZoyUehNGF2pu4&google_hm=hmSy6Ie5XI9rwCD-iQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64B2E887B95C8F6BC020FE89BLIS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AaAOQGEIqp0B5jOw_2u45KXvOs2hIEnpr7ccjF5wck2bd5Sb0uIVceILQifHqfODH4yy8mI31nR5JFJ_TfRuLvbP2zZoyUehNGF2pu4&google_hm=hmSy6Ie5XI9rwCD-iQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D64B2E887B95C8F6BC020FE89BLIS
date
Sat, 15 Jul 2023 18:42:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0765
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH-FRMwJtJwgPKLF2e_oiVg&google_cver=1&google_push=AaAOQGGBv5EZLWrG0NpLlx_t6k8zUvw01zostHjnpv0-fkToawy2oOarfcifr6qckFYp3VH9q5RlZFhEDt5vnqHOHjZJ...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEH-FRMwJtJwgPKLF2e_oiVg&google_cver=1&google_push=AaAOQGGBv5EZLWrG0NpLlx_t6k8zUvw01zostHjnpv0-fkToawy2oOarfcifr6qckFYp3VH9q5RlZFhEDt5vnq...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322327417874577&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGBv5EZLWrG0NpLlx_t6k8zUvw01zostHjnpv0-fkToawy2oOarfcifr6qckFYp3VH9q5RlZFhEDt5vnqHOHjZJDnpXMBEx8VM&google_hm=5mfJBJcNSZWubBr_TF4X...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGBv5EZLWrG0NpLlx_t6k8zUvw01zostHjnpv0-fkToawy2oOarfcifr6qckFYp3VH9q5RlZFhEDt5vnqHOHjZJDnpXMBEx8VM&google_hm=5mfJBJcNSZWubBr_TF4XDg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGGBv5EZLWrG0NpLlx_t6k8zUvw01zostHjnpv0-fkToawy2oOarfcifr6qckFYp3VH9q5RlZFhEDt5vnqHOHjZJDnpXMBEx8VM&google_hm=5mfJBJcNSZWubBr_TF4XDg==
date
Sat, 15 Jul 2023 18:42:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0765
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELWaEDYmJEyMpTKxGwh7x34&google_cver=1&google_push=AaAOQGEDkwMf72DufIeAHiKlMn9GoOfhrFWiYcg6PxdlTD3-djn5Od-kGxfHIU_RfA2dVbqse7mAE0KjeU-fgIr3U_fjpmD...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEDkwMf72DufIeAHiKlMn9GoOfhrFWiYcg6PxdlTD3-djn5Od-kGxfHIU_RfA2dVbqse7mAE0KjeU-fgIr3U_fjpmD0N6TXe3E&google_hm=eS1sNzZpX0RGRTJwSEN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEDkwMf72DufIeAHiKlMn9GoOfhrFWiYcg6PxdlTD3-djn5Od-kGxfHIU_RfA2dVbqse7mAE0KjeU-fgIr3U_fjpmD0N6TXe3E&google_hm=eS1sNzZpX0RGRTJwSENQZGtLc3ZDeDQ3SGlpX3lUYmduOH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 15 Jul 2023 18:42:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGEDkwMf72DufIeAHiKlMn9GoOfhrFWiYcg6PxdlTD3-djn5Od-kGxfHIU_RfA2dVbqse7mAE0KjeU-fgIr3U_fjpmD0N6TXe3E&google_hm=eS1sNzZpX0RGRTJwSENQZGtLc3ZDeDQ3SGlpX3lUYmduOH5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 0765 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEBSFQryrz_yzZJ8MOpOprzk&google_cver=1&google_push=AaAOQGEcc59WBa_rOodFfHB9DR1FI4ZNP9FF3ZuKlV9Xr6pPwShLvFV0BsWf_LHnLHBq8H4zPrjhFdapoNnTO4aQ1RviIbz8t8p3GA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:15 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
309447
expires
Sat, 15 Jul 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0765 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LCtCE18QVsumx2tKdby5u6IpHWLg3hxdG4vIMgWuBw-0M_9_i4-NO3chXHHeof-wP-qWpF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9BC4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
182109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jul 2023 16:07:06 GMT
expires
Fri, 12 Jul 2024 16:07:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/10256918388168393334/ Frame 2FAF 		148 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c69976cd568b69a76e60900676f5e45c901c66b2cd4b0181e1ac468bc28c986c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
375053
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23597
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jul 2023 10:31:22 GMT
expires
Wed, 10 Jul 2024 10:31:22 GMT
last-modified
Wed, 09 Feb 2022 10:34:13 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3F7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssg3CRbbHQS5lxgDxpXUchBot6fCyKdo6QOjzOzS1W04Qg7GJJdGel-byiLBiROWyNVTQ0AS2sTlIQKhibNLKREHUv2Q_hp4-hj4kNcqnGmIp9nNnGBhGTpPqoMjf13YGFvbqhgVqYD5cuESXfSy7KhWjtgCGWI8fy56KXkxFy0zzEZyVvtr2tPoWKWIaYw5HP9HXJ--TouvnEPGrCQgQcyu16oARxfmqklleWvIgQNFW8BAg_lxUxrZky0fb0ofTKJzmVWaXYALKJT7oaDnKXURieps9dJneWFA62DkQG3UU4JEgtV2QHQ1_IqDDuuTy1JRxgcrt7PK-Bx0O9JOInNv8emH4BV1vYF1eEJo5zaEW_4qp7fEpbGt2Ajng-zkiN6oocEWRgd3lwWPjGN8FcubQZ3gxMoXjTNb4jy_Y6cicMpHi2CtRiNkGvm2hHRLmEnvFGF7CmOnYZhtdoHZQWIkKLQ16HCLqJmo-t1rqMq2GYXv2T229VH_xed82EKMD56tJa4GnCWb1pF1RiKoA0A1KkepJKNYg2TrWydyEElCucvoo4PLiZg7lwmaeRg-YLA9cwPaLbZp9h5-6YsqQYIN4pMBv4TS7MmFsccXgnK0uuS5VqwZ0FUD1zcLD0xnWhOICHHxVyKyu8JT2pGnmz7syWzRNkqGdR4fkwezTwjK3SdWMKKjiHYyVfrf_WtNuHe1XA3V0lqYAD3kWeogwNZpM1j0-YRFJyVItj01JBAMEUjjUdems6eBlFc9rhVYUmuFaybdUBdG_IABZFNGN50OxKHBFfjbBb9om24lMrZuPYlh72EVIRMCMLxBDYjrdFk6qqQd_lxGvKZb-TCprRKEPkUdNNk53MqU90YMYZH2Pt3CcqQ6jgfrhdxSIXqIQZI5Ig66dXKwDP4hJRUnHuEbzmXayfzH1Tm3HbP9W0O6mT92E3ltPxXI5hgHx5Vv5eaYb8EdQaJaZT_3AJf21CHVdl8U1HeEEAqiNQxXtifmk8AB3VMq39YQGp-cnKKUMyPinZTTD0kldo-xfZquKYgjxtjf3uuCIHY1ZkNKW1SGk6HOQFT6ELLYe-QbfG0FinUqekJ825-xPhYAuhz-43qo9FmXf-dRKNmfUsrXU8nMKzrKZxEPYfJdHGyv_IHFwn1zgMxdf6obnFiNJapyWi3mj1rczYuVpycmTMF2m0Ke09jZstOT7iE_U2lkIeJ4JPBY8CjAkj6XBNbORpsBsgjBipgX_OxFHJNntdRo4mbBN3I1CIZuLy8MbcC&sai=AMfl-YS1euHjhjpFLtuPpyFLwIjol0iklywrCI7XXbtwRTw5QEPd5Y6SXPqLNC5JQXW7sYkYiGhp-Vo56FDJTlGarqPgHhsM7YnRE9vAYtAEs56w3UEO7J-AOQy__qRVtNQQmUr0XrVvXRBHl7cTu-1V-HLIUXJBdJcVCGY_XlZLW5oESfj6XRBG8MELrGklZT9nB6kosrPXtZyCMnwdbeFiArRJ9l30rpLml_vcuPZqC8Tek4iXWfCBM7Xi-h7SPb4VUczoTxM&sig=Cg0ArKJSzE0haVdK4sJGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=85&cbvp=1&cstd=81&cisv=r20230711.69466&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 15 Jul 2023 18:42:15 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:15 GMT
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame 9BC4 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
31803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Jul 2024 09:52:12 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 2FAF 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 16:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jul 2023 16:31:23 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3F7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssg3CRbbHQS5lxgDxpXUchBot6fCyKdo6QOjzOzS1W04Qg7GJJdGel-byiLBiROWyNVTQ0AS2sTlIQKhibNLKREHUv2Q_hp4-hj4kNcqnGmIp9nNnGBhGTpPqoMjf13YGFvbqhgVqYD5cuESXfSy7KhWjtgCGWI8fy56KXkxFy0zzEZyVvtr2tPoWKWIaYw5HP9HXJ--TouvnEPGrCQgQcyu16oARxfmqklleWvIgQNFW8BAg_lxUxrZky0fb0ofTKJzmVWaXYALKJT7oaDnKXURieps9dJneWFA62DkQG3UU4JEgtV2QHQ1_IqDDuuTy1JRxgcrt7PK-Bx0O9JOInNv8emH4BV1vYF1eEJo5zaEW_4qp7fEpbGt2Ajng-zkiN6oocEWRgd3lwWPjGN8FcubQZ3gxMoXjTNb4jy_Y6cicMpHi2CtRiNkGvm2hHRLmEnvFGF7CmOnYZhtdoHZQWIkKLQ16HCLqJmo-t1rqMq2GYXv2T229VH_xed82EKMD56tJa4GnCWb1pF1RiKoA0A1KkepJKNYg2TrWydyEElCucvoo4PLiZg7lwmaeRg-YLA9cwPaLbZp9h5-6YsqQYIN4pMBv4TS7MmFsccXgnK0uuS5VqwZ0FUD1zcLD0xnWhOICHHxVyKyu8JT2pGnmz7syWzRNkqGdR4fkwezTwjK3SdWMKKjiHYyVfrf_WtNuHe1XA3V0lqYAD3kWeogwNZpM1j0-YRFJyVItj01JBAMEUjjUdems6eBlFc9rhVYUmuFaybdUBdG_IABZFNGN50OxKHBFfjbBb9om24lMrZuPYlh72EVIRMCMLxBDYjrdFk6qqQd_lxGvKZb-TCprRKEPkUdNNk53MqU90YMYZH2Pt3CcqQ6jgfrhdxSIXqIQZI5Ig66dXKwDP4hJRUnHuEbzmXayfzH1Tm3HbP9W0O6mT92E3ltPxXI5hgHx5Vv5eaYb8EdQaJaZT_3AJf21CHVdl8U1HeEEAqiNQxXtifmk8AB3VMq39YQGp-cnKKUMyPinZTTD0kldo-xfZquKYgjxtjf3uuCIHY1ZkNKW1SGk6HOQFT6ELLYe-QbfG0FinUqekJ825-xPhYAuhz-43qo9FmXf-dRKNmfUsrXU8nMKzrKZxEPYfJdHGyv_IHFwn1zgMxdf6obnFiNJapyWi3mj1rczYuVpycmTMF2m0Ke09jZstOT7iE_U2lkIeJ4JPBY8CjAkj6XBNbORpsBsgjBipgX_OxFHJNntdRo4mbBN3I1CIZuLy8MbcC&sai=AMfl-YS1euHjhjpFLtuPpyFLwIjol0iklywrCI7XXbtwRTw5QEPd5Y6SXPqLNC5JQXW7sYkYiGhp-Vo56FDJTlGarqPgHhsM7YnRE9vAYtAEs56w3UEO7J-AOQy__qRVtNQQmUr0XrVvXRBHl7cTu-1V-HLIUXJBdJcVCGY_XlZLW5oESfj6XRBG8MELrGklZT9nB6kosrPXtZyCMnwdbeFiArRJ9l30rpLml_vcuPZqC8Tek4iXWfCBM7Xi-h7SPb4VUczoTxM&sig=Cg0ArKJSzE0haVdK4sJGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&vt=11&dtpt=112&dett=3&cstd=81&cisv=r20230711.69466&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: goo.by
URL: https://goo.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 15 Jul 2023 18:42:15 GMT
4.js
static.adsafeprotected.com/ Frame 3F7D
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-8917830189100721&ias_chanId=1&ias_placementId=19422215943&bidurl=https://goo.by/&ias_dealI...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_h-iyZL-3KvCt9u8P-sOdiAk&cbFunctionName=goog_wrapCb_h-iyZL-3KvCt9u8P-sOdiAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_h-iyZL-3KvCt9u8P-sOdiAk&cbFunctionName=goog_wrapCb_h-iyZL-3KvCt9u8P-sOdiAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H2
Server
2600:9000:223f:3c00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 20:47:10 GMT
x-amz-version-id
ZLSniZK0L39N2kTaoFj3AGSHtE16Dznr
content-encoding
gzip
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
165307
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 13 Jul 2023 20:47:08 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
maSYGjHqCiCmg3yZ142V36dIyRDoHUZhBUozTpj6_T_0c-A6Qj-YBA==

Redirect headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
server
nginx
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_h-iyZL-3KvCt9u8P-sOdiAk&cbFunctionName=goog_wrapCb_h-iyZL-3KvCt9u8P-sOdiAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 702D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3c00:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
25671960
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
UQNwI3DLsdKN47joVXo4D5vOjafEWDYdzbSihknzoldzk6JyafNJRg==
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 2FAF 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:41:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Jul 2023 18:56:23 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 2FAF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:41:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Jul 2023 18:56:39 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 2FAF 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Jul 2023 18:56:38 GMT
head2_5line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2FAF 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_5line_paare.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fc65e436756cddb5fdfe98535eb5c0dadda31f81801a21fa4c0839d45daebd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3331
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 13:00:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Jul 2023 18:53:08 GMT
head1_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2FAF 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_2line_paare.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ab6793dc8e7ecc84e623176376fac17df0d4513fc68ab392d3850200da5f13b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1686
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 13:00:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Jul 2023 18:54:02 GMT
160x600_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 2FAF 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/160x600_kv_paar.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d6d8aa9116c8538da4416d44de1532dcf9f5ec4ddc85f4d524714e8ed918ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:38:08 GMT
x-content-type-options
nosniff
age
248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37561
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 08:15:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Jul 2023 18:53:08 GMT
dt
dt.adsafeprotected.com/ Frame 3F7D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3d0df05a-b2ee-8068-85b9-4a00b301f1aa&tv=%7Bc:isL1CH,pingTime:-3,time:72,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tK6BuAX+111%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171*.990511-61634098%7C1711%7C1712%7C17131%7C1714%7C18%7C1911%7C1a1%7C1b11%7C1b12%7C1c1%7C1d,idMap:171*,rmeas:1,rend:0,renddet:na,siq:31%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:3ef3:8a09:2e9e:80a7 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3F7D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3d0df05a-b2ee-8068-85b9-4a00b301f1aa&tv=%7Bc:isL1CJ,pingTime:-6,time:74,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:74,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tK6BuAX+111%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171*.990511-61634098%7C1711%7C1712%7C17131%7C1714%7C18%7C1911%7C1a1%7C1b11%7C1b12%7C1c1%7C1d,idMap:171*,rmeas:1,rend:0,renddet:na,siq:31%7D&tpiLookup=ao:goo.by*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:3ef3:8a09:2e9e:80a7 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3F7D 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3d0df05a-b2ee-8068-85b9-4a00b301f1aa&tv=%7Bc:isL1D2,pingTime:-2,time:93,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:469,beZ:471,mfA:474,cmA:476,inA:476,inZ:481,prA:482,prZ:491,si:499,poA:501,poZ:528,cmZ:528,mfZ:528,loA:543,loZ:546,ltA:562,ltZ:562%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:93,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tK6BuAX+111%7C12%7C13%7C14%7C151%7C152%7C161%7C162%7C171*.990511-61634098%7C1711%7C1712%7C17131%7C1714%7C18%7C1911%7C1a1%7C1b11%7C1b12%7C1c1%7C1d,idMap:171*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:31,sinceFw:61,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:3ef3:8a09:2e9e:80a7 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BC4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7gQFh-iyZL-3KvCt9u8P-sOdiAkAAAAAOAHgBAI&bg=!rK-lr_vNAAb90kgr3dI7ADkAdvg8WrMbR1kAvH3jS-r5RpC9FAIPIsxrXF2xYiJ3rg6l-vknOed4bdi0mHG2_PKaDPqyx01dbWoCAAAA4FIAAAAGaAEHmQLxVfK2XZ9oxRnHMeMg7BsdAXZJ7wv4Jx08fRceHOaIvVUpVZEOzjsJQZr6ljlelpFxz32cvtu-9BOkQ7KFtKQCjVI5n53wfowzuqF1QlfqK9kXxxBWy5om8KGCjcdOp8zVHeXClAhAM2pULG5X5NtskZ-XVJ0PNPT15Abwoe2bc5XXYlAhbXqrqfF6WB6iMYUB5i1cFV_vE3KOrMapAY9XDoGqxae6ZuisFNkw44t2mcWrodLofjHTjMhiZQunNe2PlfVi-pm4u-DJMHAAHqIQ7n5mgOFq82LSzkzOdLS_TfQJB_2KZ2tvEITXtso1_YDy_0zUAzpI5ywstbL_mGB8JdnPZDhSxS05a-SSzf_X6FN_w_Hq4oTgNJjqYFu4gvDUXFW10s9EeD98HnGIMGw8ilW0NeW5UpOXiN2HNwpnHFbF-xtmc__QGKoyBkpMJMXFv0dZ4-NEVGQbOGAULgbYArjirK2I6Qs4KplTHNscG_tMbrN7aY9In65xrM6CdlgrFRo11uNrjRsk_vHAVV69Se0fPUWOGOH49JOlT0lQGS7N1ynK82fPkVbTZ5HvJmU8MdCS4w2AVg8728_R3bGJMSphqnGSv8rwPKvcCon09x62KBBjg1BPToLc9ah6AHOghl0X6TXorqD1WHa9TitG2s0wWt9tUF7PQ9670zOSc0Wjl4JiY3xAw2HQl8_XftuR6wYUVwPkDbRQLWLANX2Jac4I2CCIkB_K4Ps6uT2RIwpP8NCfOKpNBlGoCgFkEok-yMfAwuOm0AQKPxkbXl0x-QzmHG51VYiIH_JxvJSVTNHVSdT32soC9kE0p-rrieiww-CENbncwgaRIMPVsuw7GojC8BUsiRcFE9OFXCll4ijEbsYLUrgQJGdGfJebanmCWd35keYVLvVzYqkwWrsaLPrOmFBy1cm_92ngIqb6fKSZ59NIaVQ9up2saN3ZqXLQmo14CX_DwKDK6W5TqWfcxYFaRshCWKSq0L-0hWibob97
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=-M&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=NXkBaOjKh3&p=https%3A//goo.by&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 3F7D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3d0df05a-b2ee-8068-85b9-4a00b301f1aa&tv=%7Bc:isL1It,pingTime:-10,time:430,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1689446536401%7C%7Cdc91c2e555d544553909dcda42deb626%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Cd9a90d494915ac745ebb07eb17f42a13%7C%7Cef714b9737a1aef9f3e16aeef5532aec%7C%7C5a0857461b5b6b146f150e953be1c80d%7C%7Ca3ec9068e28e1bcc7893a1cdfc39e298%7C%7Cafd22c91c5cb424e9fa40cfa1d2a68b2%7C%7C1663701684,im:%7Bpci:%7Btdr:394%7D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:3ef3:8a09:2e9e:80a7 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
css
fonts.googleapis.com/ Frame 906B 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jul 2023 18:42:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 17:12:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jul 2023 18:42:16 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 906B 		2 KB
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 906B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:27:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
33271
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 09:27:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 906B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:59:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2543
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 17:59:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 906B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 13:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8314
x-xss-protection
0
server
cafe
etag
15120507268597061312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 13:55:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 906B 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57311
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689162493659380"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Jul 2023 18:42:16 GMT
2a76cf1338a212cd33ad52adb05195b7.js
www.gstatic.com/mysidia/ Frame 906B 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 23:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14183
x-xss-protection
0
last-modified
Tue, 11 Jul 2023 07:02:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 23:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 834B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
292
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jul 2023 18:37:24 GMT
etag
48472445140208031
expires
Sun, 16 Jul 2023 18:37:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
3514131790483889263
tpc.googlesyndication.com/simgad/8219673177138455966/ Frame 906B 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8219673177138455966/3514131790483889263?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60451fa6368369575afaf59a74eb3c3a1f1495b97691a14715ea0cf54709779f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:14:16 GMT
x-content-type-options
nosniff
age
134880
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28104
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 08:33:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Jul 2024 05:14:16 GMT
truncated
/ Frame 906B 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 906B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 906B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1689295a1398f86baf78136db1b68b176f64ec6d3b2093220e295db50c1630e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 834B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEILebdSuAEYw9TSxD-L1dHM&google_cver=1&google_push=AaAOQGFLHCbi1F-9-fP5RhEWCn6JC3DRiiGPxmT8DOVIMOuXTfcFhb_U2xkQeY9qWCPTMa5SCaFNgYX7SPIX8GedqgDXyQaf0Q5NuT0
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjUxNjEyMjI4OTQ3ODM5ODczMQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEILebdSuAEYw9TSxD-L1dHM&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEILebdSuAEYw9TSxD-L1dHM&google_cver=1
Protocol
H2
Server
46.228.164.11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEILebdSuAEYw9TSxD-L1dHM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 834B 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMT6qGOdIS9edJ9sa2UqdII&google_cver=1&google_push=AaAOQGElnPM1RKUJ4Ao9RAkSAueImOw3Zys5QE0G1mAapAgSzxHCXtdypIcMvJ5puehNKm9kTHlDtk0DY-8Zjl4Du0yCY1-G-VeZfT8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 834B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S3JDYjEwY3UxUWtLZEY1&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cver=1&google_push=AaAOQGHM6dDXix_nraqynTmLkT-S0mnkOIkRMHXCpDWCHCS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S3JDYjEwY3UxUWtLZEY1&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cver=1&google_push=AaAOQGHM6dDXix_nraqynTmLkT-S0mnkOIkRMHXCpDWCHCSvbGbbAwgf7R1CN2iFvvEqp-sQfmkFiM1t8YqIVFSAz5yPCalpgYL03w
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 15 Jul 2023 18:42:16 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0ee6b652682556fe2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S3JDYjEwY3UxUWtLZEY1&google_gid=CAESEAXaP9yC3ybCwtKkti-XXQE&google_cver=1&google_push=AaAOQGHM6dDXix_nraqynTmLkT-S0mnkOIkRMHXCpDWCHCSvbGbbAwgf7R1CN2iFvvEqp-sQfmkFiM1t8YqIVFSAz5yPCalpgYL03w
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 834B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH-FRMwJtJwgPKLF2e_oiVg&google_cver=1&google_push=AaAOQGFMRmEtcsFjyXybN74Uk8KTs38_jOnYQoXf0iOJoC5QDgQ12lJqj0q0IJT3lkieXwkTMxIAYMtq-DiBxDGQ6vyC...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFMRmEtcsFjyXybN74Uk8KTs38_jOnYQoXf0iOJoC5QDgQ12lJqj0q0IJT3lkieXwkTMxIAYMtq-DiBxDGQ6vyCm49FfQ-Pyw&google_hm=5mfJBJcNSZWubBr_TF4XDg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFMRmEtcsFjyXybN74Uk8KTs38_jOnYQoXf0iOJoC5QDgQ12lJqj0q0IJT3lkieXwkTMxIAYMtq-DiBxDGQ6vyCm49FfQ-Pyw&google_hm=5mfJBJcNSZWubBr_TF4XDg==
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AaAOQGFMRmEtcsFjyXybN74Uk8KTs38_jOnYQoXf0iOJoC5QDgQ12lJqj0q0IJT3lkieXwkTMxIAYMtq-DiBxDGQ6vyCm49FfQ-Pyw&google_hm=5mfJBJcNSZWubBr_TF4XDg==
date
Sat, 15 Jul 2023 18:42:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 834B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELWaEDYmJEyMpTKxGwh7x34&google_cver=1&google_push=AaAOQGGAiVG8MhuTezECxqExaa8M6_j9lemX4Y4VLKiJAReXAL6EXNJrpCr3noK7QaEIVu7PcrAv85g8ga93ZNias557gxz...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGGAiVG8MhuTezECxqExaa8M6_j9lemX4Y4VLKiJAReXAL6EXNJrpCr3noK7QaEIVu7PcrAv85g8ga93ZNias557gxz7t_9OVjo&google_hm=eS1sNzZpX0RGRTJwSEN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGGAiVG8MhuTezECxqExaa8M6_j9lemX4Y4VLKiJAReXAL6EXNJrpCr3noK7QaEIVu7PcrAv85g8ga93ZNias557gxz7t_9OVjo&google_hm=eS1sNzZpX0RGRTJwSENQZGtLc3ZDeDQ3SGlpX3lUYmduOH5B
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 15 Jul 2023 18:42:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGGAiVG8MhuTezECxqExaa8M6_j9lemX4Y4VLKiJAReXAL6EXNJrpCr3noK7QaEIVu7PcrAv85g8ga93ZNias557gxz7t_9OVjo&google_hm=eS1sNzZpX0RGRTJwSENQZGtLc3ZDeDQ3SGlpX3lUYmduOH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 834B
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOzw3uPZd4Fid42OVc0h3vw&google_cver=1&google_push=AaAOQGHqrJc59Cpwg9ufDcKkLP0EW-9tIylgUSAGM2fDWLNcTXcfMCuUgGkDtdWjpnJQPGElOt4LWhP4RTAxHnAhufi5Sag...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOzw3uPZd4Fid42OVc0h3vw&google_cver=1&google_push=AaAOQGHqrJc59Cpwg9ufDcKkLP0EW-9tIylgUSAGM2fDWLNcTXcfMCuUgGkDtdWjpnJQPGElOt4LWhP4RTAxHnAhufi5S...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHqrJc59Cpwg9ufDcKkLP0EW-9tIylgUSAGM2fDWLNcTXcfMCuUgGkDtdWjpnJQPGElOt4LWhP4RTAxHnAhufi5Sag8cjAfBv8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHqrJc59Cpwg9ufDcKkLP0EW-9tIylgUSAGM2fDWLNcTXcfMCuUgGkDtdWjpnJQPGElOt4LWhP4RTAxHnAhufi5Sag8cjAfBv8
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AaAOQGHqrJc59Cpwg9ufDcKkLP0EW-9tIylgUSAGM2fDWLNcTXcfMCuUgGkDtdWjpnJQPGElOt4LWhP4RTAxHnAhufi5Sag8cjAfBv8
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
report
sync.teads.tv/um/ Frame 834B
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEN9A4TtpbUNu...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGG35mU180yV92m30QpMxQSLRdGrSVijJOF9BSZ9YQcVm8iQWu6uRErhQQRQhRIwK07WO4CUrHXZ0ScO3LrB7M0zEYP8gGUeAF14
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
23.218.209.56 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sat, 15 Jul 2023 18:42:17 GMT
pragma
no-cache
date
Sat, 15 Jul 2023 18:42:17 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 834B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9BVmGPLMl2yWMZ5UH3YXP6KSpc8xlty9I2Xc8wJJ40nEEk-BKKcs1ppsjTo6-lO4dkL8lbQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:42:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 906B 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 19:09:17 GMT
x-content-type-options
nosniff
age
343979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 19:09:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 906B 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CfdPTheiyZK7PPMSJ1fAPw5epqAOHm6vGcarenqP7EGQQASCL2vscYJX6l4KsB6ABrtfc3SjIAQmpAnKZAbhI1rI-qAMByAPLBKoEugFP0F6jyosWrVenkVim5Imce_tpYUd4CU8DGdwlsA2tfdvgRDNlDndAIEEuoOm4H1XtewBsyRZBkp8JEt-syWDkBj2_rRPTnfSgfBAHWXXq_JsQ_0vi8QC3x1a_F2j52TbkPCF00MJU8_z4oNuIE0dIIjIaC1Q3VxHfUV8aeStD_Xe4ghUAY821HzKR4xCZtzh9HG34uwpY5G0uL6NgER2ZDFMJtEKImlHHQinOCqIX6Q55QCvkySQhDJzABOGgmPK2BJIFBAgEGAGSBQQIBRgEoAYugAeuj629A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKroBtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi04OTE3ODMwMTg5MTAwNzIxGAA&sigh=oy78xG4gQtM&uach_m=[UACH]&cid=CAQSPABpAlJWDT0bwdZy3zsgQaH18MfqpRaiiIQMKeA9SDDb6ivZJd1Pi-MEgKqMZ-vp4xO07iwsin590MCgeRgB&template_id=5000&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 15 Jul 2023 18:42:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame 66F0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689446533&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689446533945&bpp=1&bdt=3196&idt=0&shv=r20230711&mjsv=m202307110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe2b70647ff2b390-221907c7bce200b9%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw&gpic=UID%3D00000cc2b658b887%3AT%3D1689446531%3ART%3D1689446531%3AS%3DALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=21627994917&frm=20&pv=1&ga_vid=1965465884.1689446531&ga_sid=1689446531&ga_hid=684428966&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44788442%2C44796827&oid=2&psts=ABnkTfB-qsXIFJoSE2i7SJV9B2PN4i0rMGO_m5VLSX2mg_PCyffHhYbsIvdz8SQ7orpU_DnVujpnRBkVlXTy4QNLqhIyIg&pvsid=2524045809004870&tmod=1124752156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=inwxGIg5LB&p=https%3A//goo.by&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 09:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
31804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14631
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Jul 2024 09:52:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F7D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4022199233816&version=m202306200101&ct=76&x=1&cor=15526308069402362000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 15 Jul 2023 18:42:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| is_mobile function| is_tablet string| appurl string| token object| cookieconsent object| Pace function| icheck_reload function| show_forgot_password function| update_sidebar function| zClipload function| loadall function| update_autocomplete function| validateForm function| form_switch function| changeTheme function| showBundle function| showAll function| server function| refreshLinks function| archive function| addtobundle object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| recaptcha object| lang object| closure_lm_945730 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| Ya object| yaCounter45619767 function| google_sa_impl boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| GoogleGcLKhOms

40 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AHju0w8f1NljFPOIiHER8IyrLfj3P4hrIyu1TmgKOlYr4hwgTWSQn8JsVu05LrBr7i8VXXaBp0Fswnw3EUjaP0U
goo.by/ Name: PHPSESSID
Value: 8u12orr41ok7ki59f2pefj82hv
.goo.by/ Name: _ym_uid
Value: 1689446531459058542
.goo.by/ Name: _ym_d
Value: 1689446531
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 909875674fake
.mc.yandex.by/ Name: sync_cookie_csrf
Value: 1007600880fake
.goo.by/ Name: _ym_isad
Value: 2
.goo.by/ Name: __gads
Value: ID=fe2b70647ff2b390-221907c7bce200b9:T=1689446531:RT=1689446531:S=ALNI_MbohLl-mZlG5M7pZQDqPJHMl8s9Mw
.goo.by/ Name: __gpi
Value: UID=00000cc2b658b887:T=1689446531:RT=1689446531:S=ALNI_MYi-sXg8H6Sqz3LOgJ9cLRWTZ_WFg
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2871667793fake
mc.yandex.com/ Name: yabs-sid
Value: 1506639561689446531
.yandex.com/ Name: i
Value: 3g8TE8Mn09QK+uIJDX3i8rP2OYVuAm4+AhqvBhGfKsjXow/ATaW/2TAWdU2b2WV0Nbdlf40K7JyZi97L7jdnvU3QWVE=
.yandex.com/ Name: yandexuid
Value: 9640153281689446531
.yandex.com/ Name: yuidss
Value: 9640153281689446531
.yandex.com/ Name: ymex
Value: 1720982531.yc.1689446531#1720982531.yrts.1689446531#1720982531.yrtsi.1689446531
.yandex.com/ Name: bh
Value: KgI/MA==
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUl_wUtR-gMnv96OUhnxrATk-E7yDc5OANUb4lvhdKctDIdB4_G5WRyjGavds0c
.adfarm1.adition.com/ Name: UserID1
Value: 7256117616176920726
.simpli.fi/ Name: suid
Value: C0D5AFDB49FD46E19C94C78A2F74DCFA
.w55c.net/ Name: wfivefivec
Value: KrCb10cu1QkKdF5
.blismedia.com/ Name: b
Value: 64B2E887B95C8F6BC020FE89BLIS
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: mt_mop
Value: 4:1689446536
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: uid
Value: 2793105341878232498
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb>FdqIf!@wnfH8K6pQK`!5=E<*L5?%KDiG_0pde=A'7!LG3k`NOsmde9i:'oQ@q*w52%nugO%v4VB%nlg3)hM(T
.casalemedia.com/ Name: CMID
Value: ZLLoh-iX-.nvTJ5ASAGa1wAA
.casalemedia.com/ Name: CMPS
Value: 2128
.casalemedia.com/ Name: CMPRO
Value: 2128
.adnxs.com/ Name: uuid2
Value: 5055923505273869007
.tribalfusion.com/ Name: ANON_ID
Value: ainseFt3er66AxvPAB9XYbZaR3yJh328JDUOcVgZcrx5a1fWXwOeqU7AIOTaOQ0OBWUHPt7BN10K0L7PWqZdZd5l
.doubleclick.net/ Name: APC
Value: Aa3gxNov61PQfvLRsSwJB_kukSmtv_Iz_8vEKQoMiIXfb1tUhdCqwg
.yahoo.com/ Name: A3
Value: d=AQABBIfosmQCEOiv4h_QiDBBjTmmFTWkjXcFEgEBAQE6tGS8ZAAAAAAA_eMAAA&S=AQAAAnMwJu5WVnEkRKzw24hF9Eg
.bidswitch.net/ Name: tuuid
Value: e667c904-970d-4995-ae6c-1aff4c5e170e
.bidswitch.net/ Name: c
Value: 1689446536
.bidswitch.net/ Name: tuuid_lu
Value: 1689446536
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmFpYmJmamxmaGkMACIamgMQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjcxNLcwNzE1NxfiM9T1CMj19IgoC9I1S_MBAClGt_olAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjcxNLcwNzE1NxfiM9T1CMj19IgoC9I1S_MBAClGt_olAAAA

1 Console Messages

Source Level URL
Text
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230711/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=293675613&client=ca-pub-8917830189100721&fa=3&ifi=11&uci=a!b&btvi=4&xpc=CLvHN77Uog&p=https%3A//goo.by
Message:
The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
adservice.google.com
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
goo.by
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
match.adsrvr.org
mc.yandex.by
mc.yandex.com
mc.yandex.ru
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
s.tribalfusion.com
s0.2mdn.net
static.adsafeprotected.com
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.184.226
142.250.186.34
178.250.7.11
185.29.132.241
185.80.39.216
193.0.160.130
213.155.156.185
23.218.209.56
2600:1f18:1aca:4281:3ef3:8a09:2e9e:80a7
2600:9000:223f:3c00:8:48e:53c0:93a1
2606:4700:3030::6815:56e9
2606:4700:3037::ac43:899a
2606:4700::6811:190e
2606:4700::6812:18ad
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2003
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
2a02:6b8::1:119
2a02:fa8:8806:13::1400
2a05:d018:d29:3601:ec8d:4a3a:2499:c89d
3.33.220.150
34.91.62.186
34.96.105.8
37.157.6.243
37.252.171.85
46.228.164.11
52.213.129.153
52.57.153.48
52.58.92.189
85.114.159.118
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f
08ec63812b5c543fbc24b98cf05328d849347f0dc0b2cbdf9bc463435b5ad1f6
0a636e71512d2338cbab37feffec2af1d52668daf9080ef90e30e0740145822d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cfff2204e53adccd5795e056e75218f5309b0ef684e34451f14c1fd6594bda6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
171ca22825d9d3284a7e20e85120854bc2bf6fb15b821ce6bed382f14ff51c29
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1912ec9329c898b56073a8120eb94e72e0bb858b390443cbc65d18a494572215
195ffe64f7501043f3700fdf9fbf2012d0b66fa26dcad328db4d5e8430fb520b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1dd63824a6304e84f5ac8549da2750d150a0eb24c50960dd83e08a63d5a97f21
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2ab6793dc8e7ecc84e623176376fac17df0d4513fc68ab392d3850200da5f13b
2bedcc84c0a3c97983f3e0d59d9f56a64765d6db95927abb689067f2fbe49a99
2c782f8a457b45118f83937420917ed26b369552f04e470d618f37477734421d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33fff5e71230b233c586df2513ccfc7fb79983af64a59022d1359e262b8c689a
35888c1ba052fc59f7c75a8f8b003812083eef76af30fa450f59608dfb7f12f2
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
43df0eac8cd04fe4184d857d79cb2b72f9c636dfbc7d3bc6555ce0aacf2f2c47
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e51c17cfae37fecdfbbcdfaa4f2236d6c8d08106484ce227cf1a61f6086da5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc65e436756cddb5fdfe98535eb5c0dadda31f81801a21fa4c0839d45daebd9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5821f4e403aaeb62da748cb2a7063009beee58bc4015e83da29a72de886d1382
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c115d957ef05aed690ca2d26691aa3ee6da5f72dd9339f8b006529aaf99de3d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
60451fa6368369575afaf59a74eb3c3a1f1495b97691a14715ea0cf54709779f
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6461e3d621bb44222b85c04e787c3a1bc2c296316d77bc175e682c177557fa76
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
68decb9b04351770373306a7d4eef2a677b9f2541d790a42fc6f72e8cdcc7bd0
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6c785dee6ed2b248070e51f80868e1b938665681c17188c4e579c9c509ae05d8
6df3e08475f8803eb60c7d347181915f5f81b6011c234008da831ac99dc5d3e2
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
877de2ffab95719d6ff1f1048fa912e70ee31879a2a31f868eb5b1770252d8fb
88fb056853e8acb305d341c4a3eec102a7f434e1db2e56d30601ece2d19a3264
89369469e406287df00fb9bcdb9dedde63561c7a60c83b3da63df11a6c7ab3f7
89607b7831b876448bb4accffa32bcf7bf4256581da324fb82a34ddafe7f13c8
89c6a67fb45c024ee1195323e541fe75c52f5774d535911cde5689df09e383ec
8d6d8aa9116c8538da4416d44de1532dcf9f5ec4ddc85f4d524714e8ed918ee2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7cf4443c1edd4cdb6f1fba38d5e0951c45f41e584f5827420cc8e4f144c209
8f85cdf3499d284b8a072fdf645d8314e4ff7e444856f0c43d9ca27bfb007b0a
908ebdf78c476f4a88612b40be7c1043786c4f66a2dd7c6ac1211ac4c8da462a
93467545529fed7d0edebb9441a127d9a0dddcd13a36fef21fc377b1910257c1
9363425eaeddea02ca3eabf13e1e7888150ed776dbe1fbd2c93bd6c6e31114df
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
97f4cb1cd8fad2e1abc701f6574be3e331c429c0ed982bff9413e1547878912c
9958e01353d3e13e2d50c49439ad21e6ee08029f9af83f2598368659178ce548
9a3329ff5055e90e2f0849d6c36c7cd3b2c0830d11b2a1c226d9a3adb4fa287a
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c3d6eab4b31312e60add24fbf7ea775ecec85628cc08798dd966605e9a3833c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a64f9f125cbb4d62162fe77c142dd51264563a33c9dd9e8da61a784641fc7f63
a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb
a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72
a8cb35e6295b2fb5380e957dd0f63ee72fb005270c536e34be4007e1785590f7
aa7074f9a3c53a17de894245299386751108ee411500d2548aaf09c30fc1e555
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac9c288761ebc7cfd5f241861b1e14d8f57ff6e9c5fbfb297202989f2625d950
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b345d441f8263951c97304e6a36b9a85d846103028477b313efb40b2d6b5ec54
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
bcef99774a5a5293efaa18178d619d904232083dc8faaa9bcb5436e845f7043a
c44313430f757e3a44c796394ad431ad413d363d4467dfbc6cf1867e560969c3
c69976cd568b69a76e60900676f5e45c901c66b2cd4b0181e1ac468bc28c986c
c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
ce39ed1aa89634077f4128d101729d2bd5b820d3f807538c10f35c7da41708b1
d1689295a1398f86baf78136db1b68b176f64ec6d3b2093220e295db50c1630e
d3921684c87c0101c80824f586a9c9f5497e34c48d32fc743a6f8bf757ca2127
d69ba2a3cb603ff3aba5f081ad98b683d0b0788524d62f5b4df4f240658b4c90
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e337c98d5ed7ed7e852c87ee65bf108bd1cf6377d585c9f7b595a9e54ad41fa5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
edaf330afe022ec612c4d0517d27a2d7aa97a928079a67f7e2874cc4c3e0bddb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27a0a9f152cb4f848809bc66b44a4869691f1011ca0083103791f884fd92ace
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffed7a2c4fa2dd61fb875c8b95a443b330911678d410487fb426c0599d103a66
fffeca646555545c8fb0fb9fc1d08b6e9481509b0f0fb78b4243807ca076410c