vsevjednom.cz Open in urlscan Pro
89.221.218.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://flash.megaupload.cz/
Effective URL:
https://vsevjednom.cz/?404
Submission: On October 28 via automatic, source rescanner (October 28th 2021, 9:29:12 pm UTC) — Scanned from DE

Summary HTTP 86 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 12 domains to perform 86 HTTP transactions. The main IP is 89.221.218.10, located in Czech Republic and belongs to WEDOS, CZ. The main domain is vsevjednom.cz.
TLS certificate: Issued by R3 on August 28th 2021. Valid for: 3 months.

This is the only time vsevjednom.cz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	89.221.218.10 89.221.218.10	197019 (WEDOS) (WEDOS)
14	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 13	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
10	216.58.212.161 216.58.212.161	15169 (GOOGLE) (GOOGLE)
2	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
2	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
5	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
5	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	142.251.5.154 142.251.5.154	15169 (GOOGLE) (GOOGLE)
3	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
15	74.125.104.103 74.125.104.103	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
86	18

10 89.221.218.10 (Czech Republic) 2 redirects

ASN197019 (WEDOS, CZ)
PTR: vsevjednom.cz

flash.megaupload.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
megaupload.vsevjednom.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsevjednom.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.vsevjednom.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.vsevjednom.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.212.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.239.32.3 (Los Gatos, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.5.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.174 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 74.125.104.103 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s07-in-f7.1e100.net

r1---sn-2gb7sn7k.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.164 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	261 KB
16	2mdn.net 1 redirects gcdn.2mdn.net r1---sn-2gb7sn7k.c.2mdn.net	5 MB
15	doubleclick.net 2 redirects googleads.g.doubleclick.net bid.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	68 KB
13	gstatic.com csi.gstatic.com fonts.gstatic.com www.gstatic.com	104 KB
9	vsevjednom.cz 1 redirects megaupload.vsevjednom.cz vsevjednom.cz static.vsevjednom.cz images.vsevjednom.cz	93 KB
4	googleapis.com fonts.googleapis.com imasdk.googleapis.com	128 KB
3	google.com 1 redirects adservice.google.com www.google.com	1 KB
2	openx.net 1 redirects us-u.openx.net	489 B
1	googletagservices.com www.googletagservices.com	37 KB
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	638 B
1	megaupload.cz 1 redirects flash.megaupload.cz	223 B
86	12

	Domain	Requested by
15	r1---sn-2gb7sn7k.c.2mdn.net	vsevjednom.cz imasdk.googleapis.com
14	pagead2.googlesyndication.com	vsevjednom.cz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
10	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	csi.gstatic.com	imasdk.googleapis.com
4	static.vsevjednom.cz	vsevjednom.cz
3	ade.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	vsevjednom.cz	vsevjednom.cz
2	us-u.openx.net	1 redirects
2	www.google.com	1 redirects tpc.googlesyndication.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
1	cm.g.doubleclick.net	1 redirects
1	googleads4.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	images.vsevjednom.cz	static.vsevjednom.cz
1	megaupload.vsevjednom.cz	1 redirects
1	flash.megaupload.cz	1 redirects
86	25

This site contains links to these domains. Also see Links.

Domain
tv.vsevjednom.cz
megaupload.cz
streamuj.cz
rychlostnetu.cz
katalog.vsevjednom.cz
mujblog.info
bazar.vsevjednom.cz
svatky.vsevjednom.cz
xn--pesmyky-n6a39d.vsevjednom.cz
video.vsevjednom.cz
slova.vsevjednom.cz
jedu.vsevjednom.cz
adblock.vsevjednom.cz
zkracovac.vsevjednom.cz
unixtimestamp.vsevjednom.cz
pdf.vsevjednom.cz
jigsaw.w3.org
validator.w3.org

Subject Issuer	Validity	Valid
vsevjednom.cz R3	`2021-08-28` - `2021-11-26`	3 months	crt.sh
static.vsevjednom.cz R3	`2021-08-28` - `2021-11-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
images.vsevjednom.cz R3	`2021-08-28` - `2021-11-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-10-19` - `2021-12-28`	2 months	crt.sh

This page contains 11 frames:

Primary Page: https://vsevjednom.cz/?404
Frame ID: FEC2FD035BF35D3EEFF46D133C27E621
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/zrt_lookup.html
Frame ID: 31423483F7315E564E045E93081D5E25
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=280&slotname=9612843281&adk=1134898519&adf=131095644&pi=t.ma~as.9612843281&w=955&fwrn=4&fwrnh=100&lmt=1635456547&rafmt=1&psa=0&format=955x280&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547578&bpp=3&bdt=217&idt=87&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&correlator=2842171348007&frm=20&pv=2&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=323&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PALMBRVAHu&p=https%3A//vsevjednom.cz&dtd=99
Frame ID: 11A1AE38D9C6ED482D1D489FB1695697
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=280&slotname=2614976358&adk=341805304&adf=2785741434&pi=t.ma~as.2614976358&w=1175&fwrn=4&fwrnh=100&lmt=1635456547&rafmt=1&psa=0&format=1175x280&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547581&bpp=1&bdt=220&idt=101&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&prev_fmts=955x280&correlator=2842171348007&frm=20&pv=1&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=212&ady=601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GwJjCqCJo6&p=https%3A//vsevjednom.cz&dtd=103
Frame ID: 245FA2DD796D8C04E28235E972492471
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=0&slotname=9769466399&adk=268562460&adf=3599215093&pi=t.ma~as.9769466399&w=0&lmt=1635456547&rafmt=12&psa=0&format=0x0&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547582&bpp=1&bdt=221&idt=104&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&prev_fmts=955x280%2C1175x280&correlator=2842171348007&frm=20&pv=1&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1517&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEr%7C&abl=CF&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TMlvEf00W2&p=https%3A//vsevjednom.cz&dtd=105
Frame ID: 634CE1490EB923D6F0F1FDBC99B2F1FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&adk=1812271804&adf=3025194257&lmt=1635456547&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547591&bpp=1&bdt=231&idt=97&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&prev_fmts=955x280%2C1175x280%2C0x0&nras=1&correlator=2842171348007&frm=20&pv=1&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=102
Frame ID: E4C2D37285734B51DF4C7FF17E616A25
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 585345C79DE0C73C1277552349483507
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: E2EA876E7EF5B14D0128ABD028B389BB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Frame ID: BF7087859AD04552CD5AAA62BEDAA872
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E549D017B5B2E8AB623AFAAFD42D3923
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A4A5E824365686D5B8578D7E33A08B8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vše V Jednom.cz - nejen služby na web zdarma

Page URL History Show full URLs

https://flash.megaupload.cz/ HTTP 301
https://megaupload.vsevjednom.cz/flash/ HTTP 302
https://vsevjednom.cz/?404 Page URL

Page Statistics

86
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

25
Subdomains

18
IPs

2
Countries

5479 kB
Transfer

6381 kB
Size

5
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://tv.vsevjednom.cz/
Title: TV program

Search URL Search Domain Scan URL

URL: https://megaupload.cz/?akce=myfiles
Title: Úschovna souborů

Search URL Search Domain Scan URL

URL: https://streamuj.cz/?page=myfiles
Title: Nahrávání videí

Search URL Search Domain Scan URL

URL: https://rychlostnetu.cz/
Title: Měření rychlosti internetu

Search URL Search Domain Scan URL

URL: https://katalog.vsevjednom.cz/
Title: Katalog odkazů

Search URL Search Domain Scan URL

URL: https://mujblog.info/
Title: Blogy/fotoblogy

Search URL Search Domain Scan URL

URL: https://bazar.vsevjednom.cz/
Title: B A Z A R

Search URL Search Domain Scan URL

URL: https://svatky.vsevjednom.cz/
Title: Svátky

Search URL Search Domain Scan URL

URL: https://xn--pesmyky-n6a39d.vsevjednom.cz/
Title: Lamač přesmyček

Search URL Search Domain Scan URL

URL: https://video.vsevjednom.cz/
Title: Stahovač videí

Search URL Search Domain Scan URL

URL: https://slova.vsevjednom.cz/
Title: Generátor vět

Search URL Search Domain Scan URL

URL: https://jedu.vsevjednom.cz/
Title: J Ɇ D U

Search URL Search Domain Scan URL

URL: https://adblock.vsevjednom.cz/
Title: Blokace reklam

Search URL Search Domain Scan URL

URL: https://zkracovac.vsevjednom.cz/
Title: Zkracovač URL

Search URL Search Domain Scan URL

URL: https://unixtimestamp.vsevjednom.cz/
Title: Výpočet data

Search URL Search Domain Scan URL

URL: https://pdf.vsevjednom.cz/
Title: Sloučit PDF

Search URL Search Domain Scan URL

URL: https://jigsaw.w3.org/css-validator/validator?uri=https://static.vsevjednom.cz/styl.css
Title: CSS

Search URL Search Domain Scan URL

URL: https://validator.w3.org/check?uri=https://vsevjednom.cz
Title: XHTML

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://flash.megaupload.cz/ HTTP 301
https://megaupload.vsevjednom.cz/flash/ HTTP 302
https://vsevjednom.cz/?404 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://gcdn.2mdn.net/videoplayback/id/9c96380fa9be255b/itag/44/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666992548/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/0460BF10BBC0805AA74102C8BA288892A266F1C3.9BC930BF8BF3D87F38AE138B33825BE150E27801/key/ck2/file/file.webm HTTP 302
https://r1---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/9c96380fa9be255b/itag/44/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666992548/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0B3305C10291DE68E64002390376AAC7359875F3.48FEBAC5CC6260A0E006B68F05F54686B302DB68/key/cms1/cms_redirect/yes/mh/jC/mip/216.131.111.33/mm/42/mn/sn-2gb7sn7k/ms/onc/mt/1635455559/mv/m/mvi/1/pl/24/file/file.webm

Request Chain 47

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 61

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CEMiD-q8CGJvTk7gBIAEwAQ&v=APEucNWZMz2i0_aGCF98e8X5r7RMZtzo3FE-YF6X-nJwaUJE1UT2937cyiupkex_YUqXwIPPklE2r-yzzAWy54V09DEVqVD5wQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ3vAwSpULifFDq-e4p-7jY&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJ3vAwSpULifFDq-e4p-7jY&google_cver=1

86 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
vsevjednom.cz/
Redirect Chain

https://flash.megaupload.cz/
https://megaupload.vsevjednom.cz/flash/
https://vsevjednom.cz/?404

11 KB
12 KB

74ms
25ms

Document
text/html

89.221.218.10
WEDOS

General

Check archive.org

Show headers Download Go to

Full URL

https://vsevjednom.cz/?404

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.221.218.10 , Czech Republic, ASN197019 (WEDOS, CZ),

Reverse DNS

vsevjednom.cz

Software

Apache /

Resource Hash

fd6e6ef41d1013ce6189d631d491ca5c67b868da6b761d5f67e4b02f2b331c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 28 Oct 2021 21:29:07 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-UA-Compatible: IE=edge
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-XSS-Protection: 1; mode=block
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 28 Oct 2021 21:29:07 GMT
Server: Apache
Location: https://vsevjednom.cz/?404
Content-Length: 210
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK vsevjednom.cz.css
static.vsevjednom.cz/ 394 B
846 B 70ms
20ms Stylesheet
text/css 89.221.218.10
WEDOS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vsevjednom.cz/vsevjednom.cz.css

Requested by

Host: vsevjednom.cz
URL: https://vsevjednom.cz/?404

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.221.218.10 , Czech Republic, ASN197019 (WEDOS, CZ),

Reverse DNS

vsevjednom.cz

Software

Apache /

Resource Hash

eb6593e76caaf2520ec13ab7ab164a4f18d0b6c29c4d06c83386e3e5e57ae45b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 21:29:07 GMT
Last-Modified: Sun, 08 Nov 2020 09:18:42 GMT
Server: Apache
ETag: "18a-5b394ee886080"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Language: cs,en-us
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Type: text/css; charset=utf-8
Content-Length: 394
X-XSS-Protection: 1; mode=block
Expires: Sat, 27 Nov 2021 21:29:07 GMT

GET
H/1.1 200
OK styl.css
static.vsevjednom.cz/ 48 KB
48 KB 72ms
21ms Stylesheet
text/css 89.221.218.10
WEDOS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vsevjednom.cz/styl.css

Requested by

Host: vsevjednom.cz
URL: https://vsevjednom.cz/?404

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.221.218.10 , Czech Republic, ASN197019 (WEDOS, CZ),

Reverse DNS

vsevjednom.cz

Software

Apache /

Resource Hash

d4d0501a1e86ec6899e6c4310178a741bcb62dff52158961aaa8742d6017063b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 21:29:07 GMT
Last-Modified: Wed, 13 Oct 2021 19:24:30 GMT
Server: Apache
ETag: "bf93-5ce40e93ef780"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Language: en-us
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Type: text/css; charset=utf-8
Content-Length: 49043
X-XSS-Protection: 1; mode=block
Expires: Sat, 27 Nov 2021 21:29:07 GMT

GET
H/1.1 200
OK favorites.js Show response
static.vsevjednom.cz/ 976 B
1 KB 76ms
22ms Script
application/javascript 89.221.218.10
WEDOS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vsevjednom.cz/favorites.js

Requested by

Host: vsevjednom.cz
URL: https://vsevjednom.cz/?404

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.221.218.10 , Czech Republic, ASN197019 (WEDOS, CZ),

Reverse DNS

vsevjednom.cz

Software

Apache /

Resource Hash

16971d78d0ae2280dbd1425d95c974032fb1bbf3d179b07cf7b7cdb7005392c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 21:29:07 GMT
Last-Modified: Sat, 21 Aug 2021 08:09:10 GMT
Server: Apache
ETag: "3d0-5ca0d4c79f580"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Language: en-us
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 976
X-XSS-Protection: 1; mode=block
Expires: Sat, 27 Nov 2021 21:29:07 GMT

GET
H/1.1 200
OK js.js Show response
static.vsevjednom.cz/ 2 KB
2 KB 76ms
22ms Script
application/javascript 89.221.218.10
WEDOS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vsevjednom.cz/js.js

Requested by

Host: vsevjednom.cz
URL: https://vsevjednom.cz/?404

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.221.218.10 , Czech Republic, ASN197019 (WEDOS, CZ),

Reverse DNS

vsevjednom.cz

Software

Apache /

Resource Hash

8490dd52e8349a7c583d0867629fbbcf5a380d85aa4dbcf57fdbb68fb89db656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 21:29:07 GMT
Last-Modified: Sat, 22 May 2021 09:31:02 GMT
Server: Apache
ETag: "6d9-5c2e7d5b20180"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Language: en-us
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 1753
X-XSS-Protection: 1; mode=block
Expires: Sat, 27 Nov 2021 21:29:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 75ms
39ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vsevjednom.cz
URL: https://vsevjednom.cz/?404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7bd1b2f40f13df25d7288eaef788f25c51e9a64ecd1e6beaf316d81fa2848e53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51585
x-xss-protection: 0
server: cafe
etag: 5321465333721648362
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 21:29:07 GMT

GET
H/1.1 200
OK poc_count.php Show response
vsevjednom.cz/ 2 KB
2 KB 52ms
19ms Script
application/x-javascript 89.221.218.10
WEDOS

General

Check archive.org

Show headers Download Go to

Full URL

https://vsevjednom.cz/poc_count.php?poc=1&typ=2&js=1&bots=0

Requested by

Host: vsevjednom.cz
URL: https://vsevjednom.cz/?404

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.221.218.10 , Czech Republic, ASN197019 (WEDOS, CZ),

Reverse DNS

vsevjednom.cz

Software

Apache /

Resource Hash

e67fe98db490caa3c2eddad19fdc04aae8567139708f26a3ba15388ab01f0df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/?404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: cache
Date: Thu, 28 Oct 2021 21:29:07 GMT
Last-Modified: Thu, 28 Oct 2021 21:28:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: store, cache
X-UA-Compatible: IE=edge
Connection: close
Content-Length: 2001
X-XSS-Protection: 1; mode=block
Expires: Mon, 27 Dec 2021 21:29:07 GMT

GET
H/1.1 200
OK top-panel_orig_1000.png
images.vsevjednom.cz/ 25 KB
26 KB 63ms
18ms Image
image/png 89.221.218.10
WEDOS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.vsevjednom.cz/top-panel_orig_1000.png

Requested by

Host: static.vsevjednom.cz
URL: https://static.vsevjednom.cz/vsevjednom.cz.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.221.218.10 , Czech Republic, ASN197019 (WEDOS, CZ),

Reverse DNS

vsevjednom.cz

Software

Apache /

Resource Hash

ed66ff76707e38ba7f19590c44a6938ba81fdb28f39cc5e37be881e790b8e10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 21:29:07 GMT
Last-Modified: Sun, 08 Nov 2020 15:46:08 GMT
Server: Apache
ETag: "64b9-5b39a581a3000"
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 25785
X-XSS-Protection: 1; mode=block
Expires: Sat, 27 Nov 2021 21:29:07 GMT

GET
H/1.1 200
OK pocitadlo.php
vsevjednom.cz/ 93 B
492 B 207ms
165ms Image
image/jpeg 89.221.218.10
WEDOS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vsevjednom.cz/pocitadlo.php?poc=1&typ=2&ref=&width=1600&height=1200&hloubka=24&java=0&flash=0&cookie=1&lan=cs&js=1&bots=0

Requested by

Host: vsevjednom.cz
URL: https://vsevjednom.cz/?404

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

89.221.218.10 , Czech Republic, ASN197019 (WEDOS, CZ),

Reverse DNS

vsevjednom.cz

Software

Apache /

Resource Hash

54d469d6403279e118c2ec06096bd153a01124deb1408c66ea764406479bda54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/?404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: cache
Date: Thu, 28 Oct 2021 21:29:07 GMT
Last-Modified: Thu, 28 Oct 2021 21:28:07 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Type: image/jpeg
Cache-Control: store, cache
X-UA-Compatible: IE=edge
Connection: close
Content-Length: 93
X-XSS-Protection: 1; mode=block
Expires: Thu, 28 Oct 2021 21:30:07 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/ 269 KB
97 KB 50ms
50ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3373624781547630&plah=vsevjednom.cz&bust=31063316

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ed20f860c7487e455c5f062562e3f9809f37a921a483f43a8297f02601ad4149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98670
x-xss-protection: 0
server: cafe
etag: 3085467189109875038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 21:29:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/ Frame 3142 10 KB
5 KB 49ms
13ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 28 Oct 2021 16:23:50 GMT
expires: Thu, 11 Nov 2021 16:23:50 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 18317
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
638 B 59ms
23ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vsevjednom.cz&callback=_gfp_s_&client=ca-pub-3373624781547630

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3373624781547630&plah=vsevjednom.cz&bust=31063316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

5ba7fc5b2073c314e1f4ca0b0d59f6835e2ececa3e10caa1425dac1df4db95fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 60ms
23ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vsevjednom.cz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Oct 2021 21:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 65ms
22ms Script
application/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsevjednom.cz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Oct 2021 21:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 11A1 62 KB
18 KB 424ms
402ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=280&slotname=9612843281&adk=1134898519&adf=131095644&pi=t.ma~as.9612843281&w=955&fwrn=4&fwrnh=100&lmt=1635456547&rafmt=1&psa=0&format=955x280&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547578&bpp=3&bdt=217&idt=87&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&correlator=2842171348007&frm=20&pv=2&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=323&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PALMBRVAHu&p=https%3A//vsevjednom.cz&dtd=99

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a9ceea26094797742f82f197b73fa15cb8853762bf015a6bf271cdda4537d540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 28 Oct 2021 21:29:08 GMT
server: cafe
content-length: 18779
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 28 Oct 2021 21:29:08 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 245F 88 KB
29 KB 528ms
513ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=280&slotname=2614976358&adk=341805304&adf=2785741434&pi=t.ma~as.2614976358&w=1175&fwrn=4&fwrnh=100&lmt=1635456547&rafmt=1&psa=0&format=1175x280&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547581&bpp=1&bdt=220&idt=101&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&prev_fmts=955x280&correlator=2842171348007&frm=20&pv=1&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=212&ady=601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GwJjCqCJo6&p=https%3A//vsevjednom.cz&dtd=103

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

060b7ed953ed3b3a7f575eda525dd9e0403fd81481b42677ec7e0a8c6aa123e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 28 Oct 2021 21:29:08 GMT
server: cafe
content-length: 30039
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 28 Oct 2021 21:29:08 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 634C 436 B
234 B 131ms
119ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=0&slotname=9769466399&adk=268562460&adf=3599215093&pi=t.ma~as.9769466399&w=0&lmt=1635456547&rafmt=12&psa=0&format=0x0&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547582&bpp=1&bdt=221&idt=104&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&prev_fmts=955x280%2C1175x280&correlator=2842171348007&frm=20&pv=1&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1517&ady=267&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEr%7C&abl=CF&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TMlvEf00W2&p=https%3A//vsevjednom.cz&dtd=105

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

982b5886bdc1e0486afe4f251d7afcfc3e427f0d9bfc08cdc01f478a12da4a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 28 Oct 2021 21:29:07 GMT
server: cafe
content-length: 211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 28 Oct 2021 21:29:07 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E4C2 3 KB
548 B 86ms
80ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&adk=1812271804&adf=3025194257&lmt=1635456547&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547591&bpp=1&bdt=231&idt=97&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&prev_fmts=955x280%2C1175x280%2C0x0&nras=1&correlator=2842171348007&frm=20&pv=1&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=102

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5a609b289b9b3d95d2f1d5efa3c2bff969aaec2396b6765223b7197ea1ac6d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 28 Oct 2021 21:29:07 GMT
server: cafe
content-length: 525
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 28 Oct 2021 21:29:07 GMT
cache-control: private

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211026/r20110914/ Frame 11A1 18 KB
8 KB 58ms
14ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211026/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=280&slotname=9612843281&adk=1134898519&adf=131095644&pi=t.ma~as.9612843281&w=955&fwrn=4&fwrnh=100&lmt=1635456547&rafmt=1&psa=0&format=955x280&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547578&bpp=3&bdt=217&idt=87&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&correlator=2842171348007&frm=20&pv=2&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=323&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PALMBRVAHu&p=https%3A//vsevjednom.cz&dtd=99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 993
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 21:12:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 11A1 8 KB
1 KB 68ms
25ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 19:44:33 GMT
server: ESF
date: Thu, 28 Oct 2021 21:29:08 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 28 Oct 2021 21:29:08 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame 11A1 14 KB
3 KB 55ms
13ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 04:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 10:37:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Fri, 28 Oct 2022 04:46:03 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame 11A1 353 KB
122 KB 56ms
14ms Script
text/javascript 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

sffe /

Resource Hash

c39f8588079e72fbf6af0e9c8f25cfe8367a233950984638ff6f8f8c5416ac21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 12:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125199
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 10:37:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Thu, 27 Oct 2022 12:30:40 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211026/r20110914/client/ Frame 11A1 14 KB
6 KB 58ms
15ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211026/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 21:25:04 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 11A1 0
327 B 71ms
22ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kvbgloxu&c=1016410647714&slotId=508205323857&qqid=CIP8ybSG7vMCFWXsEQgdaUIFmg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 11A1 15 KB
16 KB 77ms
35ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 01:55:14 GMT
x-content-type-options: nosniff
age: 588834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 01:55:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 11A1 12 KB
12 KB 56ms
17ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 11:28:39 GMT
x-content-type-options: nosniff
age: 36029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11836
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 11:28:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 11A1 15 KB
15 KB 58ms
21ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 104247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Oct 2022 16:31:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11A1 0
20 B 50ms
50ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CEgPfIxZ7YcPeK-XYx_AP6YSV0AmMlcH0Zae_m83eDt_kor3AARABIMDU7gZgleKQgqAHyAEFqAMByAObBKoE6AFP0PKSKfse2tvAF_bpbGn5IUOYFhOf98DTnECGPlRXOJGfV5oGGI3pM8Gd9V-w9iV9v8QTrwnFW714Wyytcoj0vWPSqSJeOfN6wmrHQInFxK6lE4KRbGKNPTzUNlA6zKvT-p_HFOdX9tXDHoxzqsPAScwr28Rm9clxzfHVJP7I26S2hYdeBRMuqiz-fjsqfTjEpVpWRXwMUAhyRCZTLjJB2iXhSBC1IB_nTkGWeMyWeRS0NCWLRWAkdapWNjxkbc5v60zv2M5UAUagcCArWhXfcIkiiDOJZTYdd3EmKn-xN7k-LHc-nFPFwAS_24Ld4APgBAOQBgGgBnaAB4mR068CqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYX4AKAcgLAeALAYAMAbAT6cf6DMgTkJvO3gPQEwDYEwqIFEjYFAHQFQGAFwE&eventType=clickstring&clientTime=1635456548231&ai=CEgPfIxZ7YcPeK-XYx_AP6YSV0AmMlcH0Zae_m83eDt_kor3AARABIMDU7gZgleKQgqAHyAEFqAMByAObBKoE6AFP0PKSKfse2tvAF_bpbGn5IUOYFhOf98DTnECGPlRXOJGfV5oGGI3pM8Gd9V-w9iV9v8QTrwnFW714Wyytcoj0vWPSqSJeOfN6wmrHQInFxK6lE4KRbGKNPTzUNlA6zKvT-p_HFOdX9tXDHoxzqsPAScwr28Rm9clxzfHVJP7I26S2hYdeBRMuqiz-fjsqfTjEpVpWRXwMUAhyRCZTLjJB2iXhSBC1IB_nTkGWeMyWeRS0NCWLRWAkdapWNjxkbc5v60zv2M5UAUagcCArWhXfcIkiiDOJZTYdd3EmKn-xN7k-LHc-nFPFwAS_24Ld4APgBAOQBgGgBnaAB4mR068CqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYX4AKAcgLAeALAYAMAbAT6cf6DMgTkJvO3gPQEwDYEwqIFEjYFAHQFQGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 11A1 25 KB
14 KB 121ms
59ms XHR
text/xml 142.251.5.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AL2HLhwhDZ8uPo571LBu9zHXf5Ck7b_0U_qH6fCnTrMMSMJyEWqgF4c9yZSDjjjXRydemCQjKUlFidraHt77onjGZsqg&cry=1&dbm_d=AKAmf-B8k34r5JpYCLB6y_1k_Jm3-s6yk5lKi9-2tRbdovzF4ZIY1SArJrdxfB9mgYTk719ciuH9IQMz_ZA6xGMdaIrchPEZrY9KnGBpjUut-xV8AhXuHwoUjedQPJ_3_RH5cSZpFu--egrIBwsqTq8hYVnfTf_4Jgb_kpjKZMNEvNynvfG2qeck3Qr2o_p1Bwv4C9Gd4TjGSVbPUOuFx_lKFHbG32WDeoq71P_jgUffQX31oQo2Dy6Qi83OrkxMXDuiwb24UKZ3Y3030Cg5-kZAaXDskgQALCJjXBNxb5lJSH6HOz-JvsFQj8zzLRihDTOR3TJLp08tQDAHfhKaiFeUUKf7RQZsavu_vK_Zk0Zcl2YvJEsCPpbLpn0J6Nh3syWitxVAn1wTJGuhO1rIs6xhRPc974kkBkwhvGREhlnrA5PW_Fc0inu9J2o7uJbfpZKY2aDIiInUsCe6DtQV8AZgnmXQ9vC-ZQWGHL6p0HIvM5Indx3SoPvViFibn-3JlBKKY2aT6Zi6ZrNcj3oSgzxZqibog7WsYoTxHiQdHrn5T_1DUzuX_7Ga3GajHIzaN5amQrvDVtD36OO5Q_LO75szdVFIOuWW3eoD8ui2RokpppJdIi3-bPIU0VY2ePODr93PlU6wNg2LULNp0-aqYhTlRza84C4a87x3WJB1O35u3vGqNbF89mNTUk37LFzOqdHMuIdlhKldcbc_4E2QSCapil4xnQodLFxcl_JuvN6NXnn_X0i9ZqfEdfzpt0nSqGN0xuwsoL6q_SYuVLTaO1IgeevMIO1ACw_LFyCk1OJG3QN-Zx7Pd-ZrHin5pajguN9Yc1DIu60aRSYcHGBcyUmL3he_9NaBw_g3PGokekF8tMHcvJNHcHRm6Ntw9AXCg3JrqC-slOjT6KLWCc4pjadAuf5lAw1dZrZI2B-f-MW1Ddkp2tpo831IjSn51SSULfYwssEy5Zhofe2PxZIEUj9pa3b6IY3gbx84mlLlKjqr_44Wgro14ypcTjQQzL6xD2BRIMDODvIGYzH4NdD2uzF9JwEyezLD6JihbmjAtgFBAwR-afT1K3ujKEtCso-pU3sLbbvTpPHh3TaZnBPI3bZ25LJJpBZAHNx642SjmvIv6XOai4d9eRbgdyu_UpuZQNaQfmzzi9ta-xwMX-kiCT2JvlUME0F-ueK6T4NjyiH_OWuBESm1n03Boz8xTO5WpXgA6s5ohTajaIPsBubR_Rl-TJ-3T2gN2dGPyhxV3Dy9t6Gt_oTNUCz25NbAGUq65Mw00nNwY6qLgsAM-iwE0XU-uCjD7f3_W9YTO3S0GzjPDB6fx0CVZnuYH0gH5alkVql4ksZEDoYGnzDyI3hBba6aV-Jk0dYzz2egVpaLA7i2Pfoj2JMiZWvztBRT78G3Qu7IhuGZw-HKsr-_Yiu2sjhqJ0pG16sQi3CkgEpaDpVuVd3ZyI-vFsCDdBAqN8fZlaUicl28g-mK-s5fpcxdHg6hc-C79minDhJa_FUhg0g-k80SahK3JGPW-VSjms2LIXNBr1IrIV-w0VRET1iLXhU4kvvi78vRYdkXzYKJmOGZxVcaPu5TDRy_q00Xz9bUBmUA9hujgzRzihecDaHcXukWTWVIUkrkSIw_0uE-LxfMnmE6VFI41ROgtJdnP3D4QGMTvbx3Yk3QiJe8RoNkcD99R3SSTBf_Eb1NskTK3tcgcXWFZ5fXWcz2LpTw6AmAjnimBovJezsDnSTz2OMBTt9u_pdOEvS6vy_tJOHrnmKX7IMJOsQ6wKioq8MNR4D_ponGlSPpanf4ppYS6XHmzYgzYcMCvLTFaaCIFV-6ZIJOpw1hpnVDbGuceBRZ7E9txln9YoYRTdu05_qS3xzKH5AsCtetwXZCDFrl080_tOoBJh8x2dwPiXCabxHzAGs4eL4GsZeCbI8c_Eii1VqmRci9s7516qBdeIbi02Ty5WBl3a4PMsLT8jeGahNVljTj8lfCKeAjxslxldO4MHOhlAuFUPrAxL0eaJfAVDYUdmdfGci46N0_KDoCXRNIh4afK5tKE8rQAbKLluv99-svNRgy4p9zEWkOPFwGhoGrof1vGZGjlfpXRPxsdtj5fUIGVnuyryIsDGbIHmUKoSZYVoI6goRe9vToaHkUMMeUJZmZVZaQ2rox0EB0YlZgjTFTTGLuue8PU4JXfc0KR-A5GX7Apao86cF4gOZNgA9mVmyaiRbuchACag-eBbEM81T5GXuzdJhhu4GKSKL31uCBmuvdOav9iB1coN7roVOJaCQY36WMcucpd2d8-7Fkb9c2fWsAaaRCuFW1oxwlMeJb6ji_PqcQFcJKgG6uwikZes6RuE71Z3gB8tTvTo6IcLVxoGe2nH-9SMv5MD0n2TanWPWB35-XzfQjYQacLbwjUqOWZQr6kZf8SclLEdPlCEGnoWAKSfpxu7N-bxsHcVu_v1FD1ejPKZpd-i-RMG2pgzYptov4gkx3FsHj5lBBO4grfHebdG8CL-_MqW7LdGQ5iurElwP1MVWVVn6caeknx4ZIxcCT6P_X9jO3knO0YUvnym70Lcl8FijREXfTkghCjaVsF-LFyX6tY5fF5cACdXtt8eGqr9y2Lx16t6uvQ_eIxscwRxChTAXv9k2aQDmGq4-cgJ3pXOg5Av6PoFPVsGEeoOFopfWZwJTeWrjkokufZK3D995OuLkl-KRz-Sb-_DstY7P0LSvjMy1e32RdMPyrG8lGKshWk_fvSFiFlh1TEzXgbxhMps-X1ApJaoQw6yRcd0XlulrI9LvO-tYFoNxxidHoJjXCWvmb74sPRnC-fDEFcWyHT6KsxbMCV3883-6ATSeXK0yTKiD2E8Y4uJoPjm87KjCoVLe_yG3vCRfu9Tm-6-ZcrRJnS1fvwAiU3BcLxFfRBnN8qTbeYQPKvBsBWhySDEzMC5qocwULKXMxIsCfBtuxm8afTR_YUa7IK52FC_2a5Zzb5Evh0D4h9MjOrQLlA5Vaqo0NaQONUqrzqKq4KQ4z1RV4bJj9_BkcSSqHUbSAk3pR5P5MDbLdm1MRkEri4luAHrOB83L7cVP89ldr28DIKH_c_35fQxXefBsTqqmGEiihb1KpyihXldlWmfKxQ0jv0lbR1zVPtvkkicAHQY94Yx-TS31FZRoTAWNAtCaqKysd-5mskfgBF2nVYujvk7YWsGXo1ENWQ67NsX1b6uQIy-0nJ9QZ0QgnWMj7GrFOBuP5Ov6Wi8sNel3YoPzlmhr_EfrRyUgmEfrtal5KUGpwrKiTg1llNOL60rlfHRF-jXoOIHUoJHDW26rsfBX_ZCE59Ko&cid=CAASBORoNyA&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f154.1e100.net

Software

cafe /

Resource Hash

1dd961d90cee9a2af4eb9badf498187c8fc8cf22eb3a0874cf58ad1b392034d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13389
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 11A1 0
0 52ms
52ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkIqPIxZ7YcPeK-XYx_AP6YSV0AmMlcH0Zae_m83eDt_kor3AARABIMDU7gZgleKQgqAHyAEFqAMBqgTlAU_Q8pIp-x7a28AX9ulsafkhQ5gWE5_3wNOcQIY-VFc4kZ9XmgYYjekzwZ31X7D2JX2_xBOvCcVbvXhbLK1yiPS9Y9KpIl4583rCasdAicXErqUTgpFsYo09PNQ2UDrMq9P6n8cU51f21cMejHOqw8BJzCvbxGb1yXHN8dUk_sjbpLaFh14FEy6qLP5-Oyp9OMSlWlZFfAxQCHJEJlMuMkHaJeFIELUgH-dOGZeqzJoznoKmk1_2f9rG4vXGS8Kd0vxCUXxZ0EoLzapZOMjj_ajWW7acHZHtvaxq4q2_a50vDd-HaMDABL_bgt3gA-AEA4gFodK58jeSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB4mR068CqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEP_iSRib05O4AdIICQiA4YAQEAEYX4AKAcgLAbAT6cf6DMgTkJvO3gPQEwDYEwqIFEjYFAHQFQGAFwGyFxwKGggAEhRwdWItMzM3MzYyNDc4MTU0NzYzMBgA&sigh=e5s3ytyJE6g&uach_m=[UACH]&cid=CAQSGwCNIrLMGEak3n823R_jpuEWlFRGuuB3oTdF8g&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=280&slotname=9612843281&adk=1134898519&adf=131095644&pi=t.ma~as.9612843281&w=955&fwrn=4&fwrnh=100&lmt=1635456547&rafmt=1&psa=0&format=955x280&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547578&bpp=3&bdt=217&idt=87&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&correlator=2842171348007&frm=20&pv=2&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=323&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PALMBRVAHu&p=https%3A//vsevjednom.cz&dtd=99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 28 Oct 2021 21:29:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Oct 2021 21:29:08 GMT

GET
DATA 200
OK truncated
/ Frame 11A1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 437198548a01e31f16ee78d6109ba61c00952e0bde6d92666595e67e5ffaebdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fc1a83b05116a3404e5ea11a6cf94b59.js Show response
www.gstatic.com/mysidia/ Frame 245F 7 KB
4 KB 59ms
15ms Script
text/javascript 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc1a83b05116a3404e5ea11a6cf94b59.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=280&slotname=2614976358&adk=341805304&adf=2785741434&pi=t.ma~as.2614976358&w=1175&fwrn=4&fwrnh=100&lmt=1635456547&rafmt=1&psa=0&format=1175x280&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547581&bpp=1&bdt=220&idt=101&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&prev_fmts=955x280&correlator=2842171348007&frm=20&pv=1&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=212&ady=601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GwJjCqCJo6&p=https%3A//vsevjednom.cz&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

056220caa42baa199898a53a29b2ae6ac682c388dc2b9d6c5d6837dac2a9492c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 22:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3265
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 08:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 22:55:05 GMT

GET
H2 200 b2db7898b7f1b584d1a212b8dce47919.js Show response
www.gstatic.com/mysidia/ Frame 245F 8 KB
3 KB 59ms
15ms Script
text/javascript 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2db7898b7f1b584d1a212b8dce47919.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

9ec480bd89e160fa31d6851ad01df733db86eaa51a1e90e25a5870823709a7fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 09:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3408
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 10:17:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 26 Jan 2022 09:57:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 245F 3 KB
580 B 48ms
26ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 20:49:11 GMT
server: ESF
date: Thu, 28 Oct 2021 21:29:08 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 28 Oct 2021 21:29:08 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211026/r20110914/client/ Frame 245F 2 KB
912 B 14ms
14ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211026/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:23:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 21:23:37 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211026/r20110914/ Frame 245F 18 KB
8 KB 40ms
17ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211026/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 993
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 21:12:35 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211026/r20110914/client/ Frame 245F 3 KB
1 KB 14ms
13ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211026/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 21:22:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 245F 120 KB
37 KB 67ms
27ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Oct 2021 21:29:08 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211026/r20110914/client/ Frame 245F 14 KB
6 KB 37ms
15ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211026/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 21:25:04 GMT

GET
H3 200 9a3fbb06dccc6bd708ce8a7c18eecc3a.js Show response
www.gstatic.com/mysidia/ Frame 245F 27 KB
11 KB 38ms
14ms Script
text/javascript 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 15:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11281
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 10:17:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Tue, 25 Jan 2022 15:17:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 245F 0
0 55ms
55ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ctul_IxZ7YdffK4n_gQfQ44WYD5T96oJk2O39ypcO9MipvaYiEAEgwNTuBmCV4pCCoAegAZ3F4O8CyAEBqQJ-rDaciZuzPqgDAcgDywSqBNwBT9DaPkWDaHbykIs9yAeHM3cF6N9ekzvhk2V-glpKd5aC-dEYdIZLTOBRv5sUKzNrA8HsNK4ahgPKMfuRCZmVMPk-Btia3KLcQlAgLcYeN2nli5VNVp77revsExJ0I9NYMd3e2EBe501Ovc6eSvKLgLdG5zMUF10wC2079kRSJxWRyTfkW9B-9JHvCSuqc-gaXKqnHS3eQM9-sfyWXldoJCeg1iXzt-3jEPqinDQGtLawetdFrAhpyl9pJK7CYzpNQxtj6glJWUl4eS9VFApM_hospBHsEfKfimgDuMAEzvHI8bEDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB5OdoZABqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMXdT9IICQiA4YAQEAEYX4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0zMzczNjI0NzgxNTQ3NjMwGAA&sigh=xMm2U6YlGOE&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=280&slotname=2614976358&adk=341805304&adf=2785741434&pi=t.ma~as.2614976358&w=1175&fwrn=4&fwrnh=100&lmt=1635456547&rafmt=1&psa=0&format=1175x280&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547581&bpp=1&bdt=220&idt=101&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&prev_fmts=955x280&correlator=2842171348007&frm=20&pv=1&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=212&ady=601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GwJjCqCJo6&p=https%3A//vsevjednom.cz&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 28 Oct 2021 21:29:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5853 143 B
163 B 13ms
13ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=280&slotname=2614976358&adk=341805304&adf=2785741434&pi=t.ma~as.2614976358&w=1175&fwrn=4&fwrnh=100&lmt=1635456547&rafmt=1&psa=0&format=1175x280&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547581&bpp=1&bdt=220&idt=101&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&prev_fmts=955x280&correlator=2842171348007&frm=20&pv=1&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=212&ady=601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GwJjCqCJo6&p=https%3A//vsevjednom.cz&dtd=103

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 28 Oct 2021 20:37:38 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 245F 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 907c3432b80ecf5eb9630e6be712343d0d1b3d90714805e18d146a09242f4e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 11A1 41 KB
15 KB 14ms
14ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 05:36:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 28 Oct 2022 05:36:45 GMT

HEAD
H/1.1

200
OK

file.webm
r1---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/9c96380fa9be255b/itag/44/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666992548/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 11A1
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/9c96380fa9be255b/itag/44/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666992548/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r1---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/9c96380fa9be255b/itag/44/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666992548/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

178ms
14ms

Fetch
video/webm

74.125.104.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/9c96380fa9be255b/itag/44/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666992548/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0B3305C10291DE68E64002390376AAC7359875F3.48FEBAC5CC6260A0E006B68F05F54686B302DB68/key/cms1/cms_redirect/yes/mh/jC/mip/216.131.111.33/mm/42/mn/sn-2gb7sn7k/ms/onc/mt/1635455559/mv/m/mvi/1/pl/24/file/file.webm

Requested by

Host: vsevjednom.cz
URL: https://vsevjednom.cz/?404

Protocol

HTTP/1.1

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 21:29:08 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 9344925
Last-Modified: Wed, 20 Oct 2021 01:35:16 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 28 Oct 2021 21:29:08 GMT

Redirect headers

date: Thu, 28 Oct 2021 21:29:08 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 644
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r1---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/9c96380fa9be255b/itag/44/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666992548/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0B3305C10291DE68E64002390376AAC7359875F3.48FEBAC5CC6260A0E006B68F05F54686B302DB68/key/cms1/cms_redirect/yes/mh/jC/mip/216.131.111.33/mm/42/mn/sn-2gb7sn7k/ms/onc/mt/1635455559/mv/m/mvi/1/pl/24/file/file.webm
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 11A1 0
17 B 45ms
21ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kvbgloy0&c=1016410647714&slotId=508205323857&qqid=CIP8ybSG7vMCFWXsEQgdaUIFmg&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=1000&br=725&mt=video%2Fwebm&vs=854x480&ulv=1&cll=0&vmfc=10&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C43%2C44%2C59%2C342%2C345%2C346&webm=2&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=44&vsrc=web_video_ads&ple=1&ape=1&met.4=videopreviewvisible.kg
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.3 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 245F 21 KB
21 KB 36ms
15ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 02:15:39 GMT
x-content-type-options: nosniff
age: 69209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 02:15:39 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 245F 21 KB
21 KB 37ms
16ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 270462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 25 Oct 2022 18:21:26 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5853
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

55ms
55ms

Document
text/html

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 28 Oct 2021 21:29:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 28 Oct 2021 21:29:08 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 28 Oct 2021 21:29:08 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame E2EA 23 KB
9 KB 15ms
14ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Sun, 24 Oct 2021 10:51:41 GMT
expires: Mon, 24 Oct 2022 10:51:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 383847
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame E2EA 35 KB
13 KB 17ms
17ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 06:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 26 Oct 2022 06:11:18 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 11A1 0
17 B 24ms
24ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~kvbglp31&c=1016410647714&slotId=508205323857&qqid=CIP8ybSG7vMCFWXsEQgdaUIFmg&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=1000&br=725&mt=video%2Fwebm&vs=854x480&umsem=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F9c96380fa9be255b%252Fitag%252F44%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1666992548%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F0460BF10BBC0805AA74102C8BA288892A266F1C3.9BC930BF8BF3D87F38AE138B33825BE150E27801%252Fkey%252Fck2%252Ffile%252Ffile.webm&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.3 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 file.webm Show response
r1---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/9c96380fa9be255b/itag/44/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666992548/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 11A1 342 KB
342 KB 85ms
66ms XHR
video/webm 74.125.104.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

eb44aea52d105914a4b1338cb06ba54f4bf3a1595798f5a5f75886199829af80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:08 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E2EA 0
20 B 52ms
51ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bde4_JBZ7Ye3kE4mRmLAPnNaouAEAAAAAOAHgBAI&bg=!a2ilaCzNAAbUs_yW1LM7ACkAdvg8Wg4igu3U9eINp7aF8Gnn1nkqI0uL5ppGn1qCFOYAh-9ORj4DlQIAAACTUgAAAA5oAQeZAuBtG5qcnSRK57OsU8wJynjJiOzudO6EXSQnQlt-pbPzsor_AeGk1o55jn1IpTmN6qqZbJTsizax9V6D1B_s_I31QiuYLOh_50LSuHNRswjfNrE-FmXiR86REBGcrybn0tnnnTiQrDouOJMc_nzFqXKuz-DY8EePW0jgRgg1ZuuZQwvsD5RlBd2EUP4cqwQdwNGxi7UN9AQIxPTOOXoEkiNBhvro8MMBXuJG1t0ZQs3FW-hk3CBqP_U-ugLqOvsdSs7vJedSbPQ8wXDxOsoudkf7oTKZW6DGNpW7Rh7NJjoYJmiSHa0YZWWk7zUpmiJz0b8GgR74AWb7D-FqgI1N0ul-LQaix-8R7cxQjkooARw2fCoYHPeyRCjRULtPKPY3-uPEo7AOTchz6w-dScBTFQHqiX2J6QyQ_-Cew8HBA9gDIOQEWaM00Nig3a4kLR3UH6Y65yPbPRMz2TSJEvD2N9KSNEMiVxycp0PeLFFql9M0mwB5MqJrpW-XOTpvRJvr50tZGjWP0SSfP6U9tN9H7cR3_zbpc9HJK-9sb7bYOgTLoZi6zDmxo43JTsRmCUIPcmuCPifML9sLxOHacFI2LO4Kvcjw5Il2w8pP0CyA93sJzS9pPfIqscsuvBwKpxxU6Gl0oCifwd1_xhi1ziLjKeP54oMZFIzsOVQOagWz1ktEkUpVvHOizbKZcVa9-culKkHcHrCp3R4cp4yP9aTvcn2jNN5M6MRlxZ6RHQTQJzB-yAkdymJUEuW2IBKsXf4-NtF0QtUPxLr3B9J5RAF3MLSVY6hTZSLuWp0xt66X9BgBXcoZzdC9WXhy5xQKJELG9FMgC0qhW-F-1u7p9FqXh6nHa_Df7qbap6yzvAUTbMZK0W7ZT3oRW9IKCAxW9-QDreCT9-X1EEqSKwjP9c49SuqRZfZ9H0BDufQeY7jl7p_KQ4sobg7sM5fpPIPD2DxRm8BKERv0yBNs_tkJ9p1ELV9i

Requested by

Host: vsevjednom.cz
URL: https://vsevjednom.cz/?404

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 60ms
36ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

af284481dac6e5d757a8f761fc602f6d10256046d1932ffab533b129ca9c23d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Oct 2021 21:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8672
x-xss-protection: 0

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame BF70 35 KB
13 KB 16ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 06:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 26 Oct 2022 06:11:18 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 28 Oct 2021 21:29:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E549 12 KB
5 KB 14ms
13ms Document
text/html 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 28 Oct 2021 18:26:39 GMT
expires: Fri, 28 Oct 2022 18:26:39 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A4A 783 B
532 B 56ms
24ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

2479992c239c7a6add58a533e191926bd0b70d49934ca83a79bc7d880031dd4c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ifQajidvpg8y3ecL9PlLdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 28 Oct 2021 21:29:08 GMT
date: Thu, 28 Oct 2021 21:29:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ifQajidvpg8y3ecL9PlLdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 dc_oe=ChMI7YbvtIbu8wIViQgGAB0cKwoXEAAYACDNwa5MOhoIyIP6rwIQv9uC3eADGJCbzt4DIKe_m83eDkITCIP8ybSG7vMCFWXsEQgdaUIFmg;dc_rmcid=CAASBORoNyA;eps=CIDhgBAQARhf;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D0%26...
ade.googlesyndication.com/ddm/activity/ Frame 11A1 42 B
465 B 103ms
50ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7YbvtIbu8wIViQgGAB0cKwoXEAAYACDNwa5MOhoIyIP6rwIQv9uC3eADGJCbzt4DIKe_m83eDkITCIP8ybSG7vMCFWXsEQgdaUIFmg;dc_rmcid=CAASBORoNyA;eps=CIDhgBAQARhf;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D82604%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D373492387%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635456548858;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 11A1 42 B
64 B 26ms
26ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEgPfIxZ7YcPeK-XYx_AP6YSV0AmMlcH0Zae_m83eDt_kor3AARABIMDU7gZgleKQgqAHyAEFqAMByAObBKoE6AFP0PKSKfse2tvAF_bpbGn5IUOYFhOf98DTnECGPlRXOJGfV5oGGI3pM8Gd9V-w9iV9v8QTrwnFW714Wyytcoj0vWPSqSJeOfN6wmrHQInFxK6lE4KRbGKNPTzUNlA6zKvT-p_HFOdX9tXDHoxzqsPAScwr28Rm9clxzfHVJP7I26S2hYdeBRMuqiz-fjsqfTjEpVpWRXwMUAhyRCZTLjJB2iXhSBC1IB_nTkGWeMyWeRS0NCWLRWAkdapWNjxkbc5v60zv2M5UAUagcCArWhXfcIkiiDOJZTYdd3EmKn-xN7k-LHc-nFPFwAS_24Ld4APgBAOQBgGgBnaAB4mR068CqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYX4AKAcgLAeALAYAMAbAT6cf6DMgTkJvO3gPQEwDYEwqIFEjYFAHQFQGAFwE&sigh=NHInLh9QDWE&label=part2viewed&ad_mt=6&acvw=sv%3D20211013%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D82604%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D373492387%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635456548858

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=280&slotname=9612843281&adk=1134898519&adf=131095644&pi=t.ma~as.9612843281&w=955&fwrn=4&fwrnh=100&lmt=1635456547&rafmt=1&psa=0&format=955x280&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547578&bpp=3&bdt=217&idt=87&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&correlator=2842171348007&frm=20&pv=2&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=323&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PALMBRVAHu&p=https%3A//vsevjednom.cz&dtd=99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 11A1 0
211 B 65ms
58ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUYXyPZN_IAHe0ZjrIBp7fLZ8L6KsGxAFh8VkOOHzFHdAzUQlxttRAduW_Z2K0XmDgTx0GzNwRyTDrgxTDxo2dxoew7Q9nPUckTm30zVts38OfMPqoP8IOTj9pXrysHwSycNx0iC39GpatzszDXq84Hz15Ia-vlMGjbIZBN6VWHKUyzrpq8pYoyBAmxXZ_7Zp4F96dQQUbk9bwF4059ksi1d4v0zNVpt5Uujhn5_LU_QcsnBWM1YkIENqd2JZDmRE5agIk0BEmL8UTJpmlpF4GivgRdKcabdvSdwT3bK1eCQcufo0vxYELx6KQf4a6ZxjUT-QBp29l0_9iLscMAbrwGG3qbFmR4FzuabIMpFD5TAHJ8bFotzhvMpFHtLYEfX-F0JELub4uWgBEYnjuZUR7UYI5DdCFzTklCzU4C84fHyMRrTx_J08VTh-HlALeBFSeLp01bPWronoGctc_sqMyy9KLCxDBKiSCzLwPfXyS1HH-4MwbsdUT61EhFUA_tnjJktSCyNCrZ9uWdA2_O9ADHI2NiMlBVHIszxcAB9mcY-1rr31zoKJMml2TDivSJvDWiYSDE1PBIV12hI8THXmYace4C9ZS0xdJH3UjxrJ7WleEYEikgvf42P5Ikf28m2adb2doRMaQqoWwuxU7m-jd3gaICmtH2H-57yO61ZAXjZjUNjzSL4MzoDEz69CRK-jaRD-ibziNbarxvMAShmxhLDi0PSUJMcheLEaqyPzEI-KszWtkKOxChIoSyzAU-kWUOSMt-eyU2w0jlw34ftJ2cy5PZmF9w6wEjQ-3G-wXkXXB1G98DlQkllCx4CSmJ-ZaOMIeyEHhYDRMIVXWGwpwJQ6WsYEPFpiWjuM2h-XbyGd1gdCzw-VOewZdfXxSH8nIq3_2YEDmeAv0aimXhcjNm93lMcQmRoqQ_rLrmymOHvCyxuhT9jYue6qAkbUfCa-oH1R8WAIMq_q3TGvV052YlcCVqOoWkETaoRbgLTBWTW4Q36UJC0baAjjgWoZnnefRSuWP7e0XU3QUkthj2r9Vbz917nwwQsqBUB8M0RV0r9FAxgOIq4BlcJRc5M8TQsgmbDAogXjcJHYCdV90&sai=AMfl-YReP9cJIwX9RnN8ZOR1MtmIIfIb8XYm4kUCHjxBgiTsWI80CGwIIZPlIz2kmfmMaw7OebdBuSeZjNqDvKHtC5arRkrvaUywTpF5j6tmq8eGX-xnsB3PyFpHofE7BRA8dm8Z&sig=Cg0ArKJSzDk3TiyxiT8CEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 28 Oct 2021 21:29:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 11A1
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CEMiD-q8CGJvTk7gBIAEwAQ&v=APEucNWZMz2i0_aGCF98e8X5r7RMZtzo3FE-YF6X-nJwaUJE1UT2937cyiupkex_YUqXwIPPklE2r-yzzAWy54V09DEVqVD5wQ
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJ3vAwSpULifFDq-e4p-7jY&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJ3vAwSpULifFDq-e4p-7jY&google_cver=1

43 B
180 B

26ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJ3vAwSpULifFDq-e4p-7jY&google_cver=1
Protocol: H2
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:09 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEJ3vAwSpULifFDq-e4p-7jY&google_cver=1
date: Thu, 28 Oct 2021 21:29:09 GMT
via: 1.1 google
server: OXGW/16.217.1
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11A1 0
20 B 52ms
50ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI7YbvtIbu8wIViQgGAB0cKwoXEAAYACDNwa5MOhoIyIP6rwIQv9uC3eADGJCbzt4DIKe_m83eDkITCIP8ybSG7vMCFWXsEQgdaUIFmg;dc_rmcid=CAASBORoNyA;eps=CIDhgBAQARhf;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D15%2...
ade.googlesyndication.com/ddm/activity/ Frame 11A1 42 B
107 B 102ms
50ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7YbvtIbu8wIViQgGAB0cKwoXEAAYACDNwa5MOhoIyIP6rwIQv9uC3eADGJCbzt4DIKe_m83eDkITCIP8ybSG7vMCFWXsEQgdaUIFmg;dc_rmcid=CAASBORoNyA;eps=CIDhgBAQARhf;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D82604%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D373492387%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635456548858;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 11A1 42 B
64 B 53ms
52ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth3IO89l7o8nHn8P4C90xARcyPAcuQpZmCYbjrv7LOs5IZ2dF9UBF9jrGcLMYlz4WC_Sct9AsG1c0hpduxEfJdmH96PHO_1kNPVczs&sai=AMfl-YSjUPCbJb5mTYYChQqctyKj6npdWjkx0kD1aObwZhAgxwfDuuaH83rXkIQNN3ohFAU-j8IXNCvUxabq&sig=Cg0ArKJSzPXtKk_-RQ0-EAE&cid=CAASBORoNyA&id=lidarv&acvw=sv%3D20211013%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D82604%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D373492387%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635456548858&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 11A1 42 B
64 B 27ms
26ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEgPfIxZ7YcPeK-XYx_AP6YSV0AmMlcH0Zae_m83eDt_kor3AARABIMDU7gZgleKQgqAHyAEFqAMByAObBKoE6AFP0PKSKfse2tvAF_bpbGn5IUOYFhOf98DTnECGPlRXOJGfV5oGGI3pM8Gd9V-w9iV9v8QTrwnFW714Wyytcoj0vWPSqSJeOfN6wmrHQInFxK6lE4KRbGKNPTzUNlA6zKvT-p_HFOdX9tXDHoxzqsPAScwr28Rm9clxzfHVJP7I26S2hYdeBRMuqiz-fjsqfTjEpVpWRXwMUAhyRCZTLjJB2iXhSBC1IB_nTkGWeMyWeRS0NCWLRWAkdapWNjxkbc5v60zv2M5UAUagcCArWhXfcIkiiDOJZTYdd3EmKn-xN7k-LHc-nFPFwAS_24Ld4APgBAOQBgGgBnaAB4mR068CqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYX4AKAcgLAeALAYAMAbAT6cf6DMgTkJvO3gPQEwDYEwqIFEjYFAHQFQGAFwE&sigh=NHInLh9QDWE&label=vast_creativeview&ad_mt=6&acvw=sv%3D20211013%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D82604%26vmtime%3D6%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D373492387%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1635456548858

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3373624781547630&output=html&h=280&slotname=9612843281&adk=1134898519&adf=131095644&pi=t.ma~as.9612843281&w=955&fwrn=4&fwrnh=100&lmt=1635456547&rafmt=1&psa=0&format=955x280&url=https%3A%2F%2Fvsevjednom.cz%2F%3F404&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635456547578&bpp=3&bdt=217&idt=87&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&correlator=2842171348007&frm=20&pv=2&ga_vid=380339287.1635456548&ga_sid=1635456548&ga_hid=1846946734&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=323&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316&oid=2&pvsid=3478029146340043&pem=491&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PALMBRVAHu&p=https%3A//vsevjednom.cz&dtd=99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 11A1 0
17 B 21ms
20ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~kvbglpao&c=1016410647714&slotId=508205323857&qqid=CIP8ybSG7vMCFWXsEQgdaUIFmg&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=1000&br=725&mt=video%2Fwebm&vs=854x480&dm=82000&event_name=first_play&asset_bytes=226844&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=12&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=msms_oso.s5~lvlcl.w9~ff.xe~videopreviewstarted.xf&msms_mime0=video%2Fwebm%3B%20codecs%3D%22vp8%2C%20vorbis%22&msms_cs0=350000&msms_ns=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.3 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame E549 35 KB
13 KB 16ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 06:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 26 Oct 2022 06:11:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9A4A 0
0 65ms
65ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211026&jk=3478029146340043&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
53ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211026&jk=3478029146340043&bg=!mZqlmt7NAAbUs_yW1LM7ACkAdvg8WvuEdkUhWix1iB0XymnmVNxAFWrLP0CGdSvjy6GBx7JON1ibFwIAAABeUgAAAAtoAQcKAC_0R9LJ9oBm_VEPmGWwAVGQv-8Tihb7932L3araPtoaeY7LrHgDrUSI01NYkgHiWpkCoDmh8Z2r31VlM_XXhMoDy5L-dPIP5TkNvsrfRWsq5sx1e210gWmdr8zkzJEM9Izc0MgbIAo015WJKXlqroB6CFxYwMO18DuUL_PSiOwHCO0dSzNF4qx9vKCz-_B4iQFG1RD7zJoyKT_3QEyfiHCx4GsL4qDFs0thIUIsa96p97Sb7OsYNBxwnwlFHzIL5Xj3Ka4Obbm_CqSlOvhOVS2DqiA-YIhyC5rdvde3N8KkYRwAkaAPiu8RcWc_rffTmeR6HpLxMAOgWRpF0J_Tm9L4K3DOXPIqK0xVASm4NvGghyFkeq6AUX5BOmqyEvvxHMTrCbxaptXtp54DvI34O0UAiK9YG_GQ16sF8fDcNkB9-FBeBZ2Tdq8eG8i27VFk_iZP3Nw9D_nAvd1TAnJjeUEZsO0q7fqoyCSSnN1SCUCfGssXOQFhksf5GXA5iptJq9-2V3ggbj1Zm0TYFPVjHzXLsbGBVX87sDxpbJUOb-NFPLNHp9aWQmxX_ln--zc_lLpbmIz4rY20AKR0jKUMgY95lS2egJGrd0N62bXz4LOaNw1UM0D4hLbQOXYUzJuzAnjhOm4RGdD2zEMrotXp0Nwf6U5qqEVPulUL-sAJyYDOgZ3i7Zo0w0GlZ2T1pWot5H6cvs6DOBPPM9pKq_7EXMpaKdVJOm72Z76ir-qGa_VQpDrhFzGguOuw2iNH-CG4km7t2Ip7uglMTGaUyro86LkohmaqwrS7j64kc4_3cncpOcwqc8OgBfUWik5ixGZuSsUeZbepRaBHt5UbfYCiyDGgS8MRyhY3t03m2Qjd-Cz0giHiKBx329zf_DBfi_qJpBg4GybQgORuk2iJnYOHGFJoUGUd5xS2-p3vBKYWvjKloFVmtvlBPDb6FXnyEg0Epj-02A

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vsevjednom.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

09d8d6451f5afeb3e4f097904180668200ade78628cbfe31b51e9d6c9c650fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:09 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

c6ca3c0fe09ea63fda422b9b326029d264c8da514f1c6c568e86345d7a32f2a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:09 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 11A1 0
17 B 21ms
20ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~kvbglpg2&c=1016410647714&slotId=508205323857&qqid=CIP8ybSG7vMCFWXsEQgdaUIFmg&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=1000&br=725&mt=video%2Fwebm&vs=854x480&dm=82000&met.4=lvlcl.14e~lvlcl.1az
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.3 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

9967ce58c8178ce4cc33413dc3c55f9c512631236960a597364ebc86fdc941de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:09 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 245F 42 B
64 B 49ms
48ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0ZOkxp4pKLOOUCAqIsk8W73gCzdrjS8WaodxzkezRCxrlqQhwqWRAtG4oHL6McOSqOA12HKl3stBzQQDCfM2gxDwhzx3hyJKDwULRIfMI0ehvdDH-_w&sai=AMfl-YR4zAvAhbT5JKWYosBgbc8GVd7H0X6bVm1BxYojo4D_18iRxMb6U6bXJTtGEP1wj7nQlzHzCTufnqBa&sig=Cg0ArKJSzBWKz20FOIS9EAE&id=lidar2&mcvt=1000&p=0,0,280,1175&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=341805304&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635456547684&rpt=1056&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

477b2d1e90dc2fe8d82aedee8ef753a4ad42951d9494e3e8c633c363868d314b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:09 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

25b846e6d8dccb366778335831f5624539eb83215257be5f73bab0e2d15f33fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:10 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

11f81d2f82d9b6972965b9af3949d370de5923aa8dae4f1839057f0023195a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:10 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

d6069e9075c1b8fcb723a593dbdae4b5657aca7c84d0d503bac133a949d0c397

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:10 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

46cf84fcfc6b491952851b534e1242987f1def5041d00b5f331fd78932570325

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:10 GMT

GET
H3 200 dc_oe=ChMI7YbvtIbu8wIViQgGAB0cKwoXEAAYACDNwa5MOhoIyIP6rwIQv9uC3eADGJCbzt4DIKe_m83eDkITCIP8ybSG7vMCFWXsEQgdaUIFmg;dc_rmcid=CAASBORoNyA;eps=CIDhgBAQARhf;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D9%26...
ade.googlesyndication.com/ddm/activity/ Frame 11A1 42 B
63 B 72ms
50ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7YbvtIbu8wIViQgGAB0cKwoXEAAYACDNwa5MOhoIyIP6rwIQv9uC3eADGJCbzt4DIKe_m83eDkITCIP8ybSG7vMCFWXsEQgdaUIFmg;dc_rmcid=CAASBORoNyA;eps=CIDhgBAQARhf;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,241,273,714%26tos%3D2005,0,0,0,0%26mtos%3D2005,2005,2005,2005,2005%26amtos%3D0,0,0,0,0%26mcvt%3D2005%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2166%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D0%26dur%3D82604%26vmtime%3D2176%26dtos%3D2005%26dtoss%3D1%26dvs%3D2005%26dfvs%3D2005%26dvpt%3D2166%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D373492387%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2005;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1635456548858;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 11A1 42 B
64 B 52ms
52ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth3IO89l7o8nHn8P4C90xARcyPAcuQpZmCYbjrv7LOs5IZ2dF9UBF9jrGcLMYlz4WC_Sct9AsG1c0hpduxEfJdmH96PHO_1kNPVczs&sai=AMfl-YSjUPCbJb5mTYYChQqctyKj6npdWjkx0kD1aObwZhAgxwfDuuaH83rXkIQNN3ohFAU-j8IXNCvUxabq&sig=Cg0ArKJSzPXtKk_-RQ0-EAE&cid=CAASBORoNyA&id=lidarv&acvw=sv%3D20211013%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,241,273,714%26tos%3D2005,0,0,0,0%26mtos%3D2005,2005,2005,2005,2005%26amtos%3D0,0,0,0,0%26mcvt%3D2005%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2166%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D0%26dur%3D82604%26vmtime%3D2176%26dtos%3D2005%26dtoss%3D1%26dvs%3D2005%26dfvs%3D2005%26dvpt%3D2166%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D373492387%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2005&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1635456548858

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 21:29:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

521958ed8edf70ab7af2a6e44232a8118f29167968fad92eba20d493deba5e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:11 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

457296b1b506bcf8f6cd160973b5a008c46e4d34d69010e589dd5f807790822f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:11 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

fd1de520bdc993110735abbec9a66b6baefa462e5d6d12a448685dd6c1e2a1d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:11 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

94015d39ac6a3aed568d7ba246207cb20138ffe0e46af904e3a2c13940d2abf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:11 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

6f3db683216535584b45b21a54cf370ee4c1d9d8265849f4e1390ba9ff0d24e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 21:29:12 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Wed, 20 Oct 2021 01:35:16 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Thu, 28 Oct 2021 21:29:12 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vsevjednom.cz/	1970-01-19 22:17:40	Name: PHPSESSID Value: u68nph5nvcd537gjq51s0agk0q
.vsevjednom.cz/	1970-01-20 07:39:12	Name: __gads Value: ID=c8838b55e1f34cae-2244293b03cb0032:T=1635456547:RT=1635456547:S=ALNI_Mb7imEt7UZfwA2pOtsLlkog14_KqQ
.doubleclick.net/	1970-01-20 07:39:12	Name: IDE Value: AHWqTUko9KZ9_jsM4DMeaipW7drevYoM-eat1xBnCNdBO5dgsmJpr2TDA9QfUBTGftE
.doubleclick.net/	1970-01-19 22:17:40	Name: DSID Value: NO_DATA
.openx.net/	1970-01-20 07:03:12	Name: i Value: 7c91972f-961c-4587-96f1-2567374fc525\|1635456549

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js(Line 345) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cm.g.doubleclick.net
csi.gstatic.com
flash.megaupload.cz
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
images.vsevjednom.cz
imasdk.googleapis.com
megaupload.vsevjednom.cz
pagead2.googlesyndication.com
partner.googleadservices.com
r1---sn-2gb7sn7k.c.2mdn.net
static.vsevjednom.cz
tpc.googlesyndication.com
us-u.openx.net
vsevjednom.cz
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.181.226
142.250.181.234
142.250.184.226
142.250.185.106
142.250.185.130
142.250.185.162
142.250.185.66
142.250.185.99
142.250.186.130
142.250.186.164
142.250.186.174
142.250.186.98
142.250.186.99
142.251.5.154
216.239.32.3
216.58.212.161
34.98.64.218
74.125.104.103
89.221.218.10
056220caa42baa199898a53a29b2ae6ac682c388dc2b9d6c5d6837dac2a9492c
060b7ed953ed3b3a7f575eda525dd9e0403fd81481b42677ec7e0a8c6aa123e5
09d8d6451f5afeb3e4f097904180668200ade78628cbfe31b51e9d6c9c650fcb
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
11f81d2f82d9b6972965b9af3949d370de5923aa8dae4f1839057f0023195a3e
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
16971d78d0ae2280dbd1425d95c974032fb1bbf3d179b07cf7b7cdb7005392c5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1dd961d90cee9a2af4eb9badf498187c8fc8cf22eb3a0874cf58ad1b392034d8
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2479992c239c7a6add58a533e191926bd0b70d49934ca83a79bc7d880031dd4c
25b846e6d8dccb366778335831f5624539eb83215257be5f73bab0e2d15f33fd
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
437198548a01e31f16ee78d6109ba61c00952e0bde6d92666595e67e5ffaebdf
457296b1b506bcf8f6cd160973b5a008c46e4d34d69010e589dd5f807790822f
46cf84fcfc6b491952851b534e1242987f1def5041d00b5f331fd78932570325
477b2d1e90dc2fe8d82aedee8ef753a4ad42951d9494e3e8c633c363868d314b
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
521958ed8edf70ab7af2a6e44232a8118f29167968fad92eba20d493deba5e9d
54d469d6403279e118c2ec06096bd153a01124deb1408c66ea764406479bda54
5a609b289b9b3d95d2f1d5efa3c2bff969aaec2396b6765223b7197ea1ac6d60
5ba7fc5b2073c314e1f4ca0b0d59f6835e2ececa3e10caa1425dac1df4db95fa
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
6f3db683216535584b45b21a54cf370ee4c1d9d8265849f4e1390ba9ff0d24e7
7bd1b2f40f13df25d7288eaef788f25c51e9a64ecd1e6beaf316d81fa2848e53
8490dd52e8349a7c583d0867629fbbcf5a380d85aa4dbcf57fdbb68fb89db656
907c3432b80ecf5eb9630e6be712343d0d1b3d90714805e18d146a09242f4e41
94015d39ac6a3aed568d7ba246207cb20138ffe0e46af904e3a2c13940d2abf9
982b5886bdc1e0486afe4f251d7afcfc3e427f0d9bfc08cdc01f478a12da4a02
9967ce58c8178ce4cc33413dc3c55f9c512631236960a597364ebc86fdc941de
9ec480bd89e160fa31d6851ad01df733db86eaa51a1e90e25a5870823709a7fd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9ceea26094797742f82f197b73fa15cb8853762bf015a6bf271cdda4537d540
af284481dac6e5d757a8f761fc602f6d10256046d1932ffab533b129ca9c23d9
c39f8588079e72fbf6af0e9c8f25cfe8367a233950984638ff6f8f8c5416ac21
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c6ca3c0fe09ea63fda422b9b326029d264c8da514f1c6c568e86345d7a32f2a6
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d4d0501a1e86ec6899e6c4310178a741bcb62dff52158961aaa8742d6017063b
d6069e9075c1b8fcb723a593dbdae4b5657aca7c84d0d503bac133a949d0c397
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67fe98db490caa3c2eddad19fdc04aae8567139708f26a3ba15388ab01f0df3
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
eb44aea52d105914a4b1338cb06ba54f4bf3a1595798f5a5f75886199829af80
eb6593e76caaf2520ec13ab7ab164a4f18d0b6c29c4d06c83386e3e5e57ae45b
ed20f860c7487e455c5f062562e3f9809f37a921a483f43a8297f02601ad4149
ed66ff76707e38ba7f19590c44a6938ba81fdb28f39cc5e37be881e790b8e10b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd1de520bdc993110735abbec9a66b6baefa462e5d6d12a448685dd6c1e2a1d0
fd6e6ef41d1013ce6189d631d491ca5c67b868da6b761d5f67e4b02f2b331c71

vsevjednom.cz Open in urlscan Pro 89.221.218.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

86 Requests

98 %HTTPS

0 %IPv6

12 Domains

25 Subdomains

18 IPs

2 Countries

5479 kBTransfer

6381 kBSize

5 Cookies

18 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vsevjednom.cz Open in urlscan Pro
89.221.218.10 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

25
Subdomains

18
IPs

2
Countries

5479 kB
Transfer

6381 kB
Size

5
Cookies

86 HTTP transactions
2 data transactions