vremea.tv Open in urlscan Pro
54.171.137.99 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://vremea.tv/
Submission: On April 12 via api (April 12th 2023, 7:50:11 pm UTC) from US — Scanned from DE

Summary HTTP 166 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 25 domains to perform 166 HTTP transactions. The main IP is 54.171.137.99, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is vremea.tv.

This is the only time vremea.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	54.171.137.99 54.171.137.99	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	52.218.104.194 52.218.104.194	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2 34	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3 11	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.187.66.243 54.187.66.243	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
5 5	18.156.85.82 18.156.85.82	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.114.61 52.17.114.61	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:5a00:a9cf:83b3:fc4	16509 (AMAZON-02) (AMAZON-02)
2 2	192.82.242.209 192.82.242.209	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223f:400:8:48e:53c0:93a1	() ()
166	29

19 54.171.137.99 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com

vremea.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.104.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.66.243 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-66-243.us-west-2.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.85.82 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-85-82.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.114.61 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-114-61.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:5a00:a9cf:83b3:fc4 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.82.242.209 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:400:8:48e:53c0:93a1 (None, )

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	633 KB
30	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 335	235 KB
19	vremea.tv 1 redirects vremea.tv	179 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com	244 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 299	117 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	341 KB
6	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 803 static.adsafeprotected.com dt.adsafeprotected.com Failed	114 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 323	3 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569	4 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	4 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	999 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7832	818 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2284	20 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 779	1 KB
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 4388	1 KB
2	youtube.com img.youtube.com — Cisco Umbrella Rank: 3122	21 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 828	338 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	711 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 5457	613 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 368	265 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	600 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	71 KB
1	facebook.com graph.facebook.com — Cisco Umbrella Rank: 117
1	amazonaws.com s3-eu-west-1.amazonaws.com	383 KB
166	25

	Domain	Requested by
34	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
22	pagead2.googlesyndication.com	vremea.tv pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
19	vremea.tv	1 redirects vremea.tv
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net vremea.tv
11	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
9	s0.2mdn.net	vremea.tv s0.2mdn.net googleads.g.doubleclick.net
8	www.gstatic.com	googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
5	x.bidswitch.net	5 redirects
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	static.adsafeprotected.com	googleads.g.doubleclick.net srcdoc
4	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	googleads4.g.doubleclick.net	vremea.tv
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	ads.avct.cloud	2 redirects
2	fw.adsafeprotected.com	1 redirects vremea.tv
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	www.google-analytics.com	vremea.tv www.google-analytics.com
2	img.youtube.com	vremea.tv
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	ipac.ctnsnet.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.google-analytics.com
1	graph.facebook.com	vremea.tv
1	s3-eu-west-1.amazonaws.com	vremea.tv
0	dt.adsafeprotected.com Failed	googleads.g.doubleclick.net
166	35

This site contains links to these domains. Also see Links.

Domain
play.google.com
www.facebook.com
www.youtube.com
twitter.com
plus.google.com
www.instagram.com
www.meteoromania.ro
www.yr.no

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh

This page contains 25 frames:

Primary Page: http://vremea.tv/
Frame ID: 0624F7DE0DC62895006E2AB5AC595E19
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20190131/zrt_lookup.html
Frame ID: E705B594793DEFFE612A5639CE50BC7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&adk=1812271804&adf=3025194257&lmt=1681329006&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=http%3A%2F%2Fvremea.tv%2F&ea=0&pra=5&wgl=1&dt=1681329005979&bpp=7&bdt=465&idt=209&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4923295086925&frm=20&pv=2&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=234
Frame ID: 939865CE6699526FC34616C06DA0E401
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=280&slotname=6289960770&adk=12552846&adf=2091889906&pi=t.ma~as.6289960770&w=336&lmt=1681329006&format=336x280&url=http%3A%2F%2Fvremea.tv%2F&wgl=1&dt=1681329005986&bpp=2&bdt=472&idt=233&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1011&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=URp3mTfKIH&p=http%3A//vremea.tv&dtd=238
Frame ID: A591221CD4FCAD80E23B6B77D7A17EA4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=280&adk=3088186576&adf=3215562993&pi=t.aa~a.2830177412~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1681329006&rafmt=1&to=qs&pwprc=4515581995&format=1200x280&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329005988&bpp=1&bdt=474&idt=239&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=2&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=A7oOEpd4t7&p=http%3A//vremea.tv&dtd=241
Frame ID: E9858A40CAF9B129359C28C83D03EF67
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: DB4C8106DAAB0DFBB2ED635FC2DE45A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=250&adk=3895562249&adf=1613454706&pi=t.aa~a.3790863795~rp.3&w=360&fwrn=4&fwrnh=100&lmt=1681329007&rafmt=1&to=qs&pwprc=4515581995&format=360x250&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329007932&bpp=1&bdt=2418&idt=0&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba6d86a9ddcf780d-229c6b858edd0017%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MaDaLipldrAWSwt5ooVxZ9Ff2g5Mw&gpic=UID%3D00000be0f73b4670%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MY7JNlDi7wRKq1kMDB5oUKR72ivtg&prev_fmts=0x0%2C336x280%2C1200x280&nras=3&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=2066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&psts=AHQMDFdcFJw1VH8BXixBFWtddNCasYDuJpF8i4SYQNQNVxe0qnaYWRIMACuz2x1k_seSE-_5Rr_kLXB3U72W3PxBcVKFXw&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AQwv7VSOoJ&p=http%3A//vremea.tv&dtd=4
Frame ID: 94910378C0EC3A8FBC5BCB06FD076C81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1F1B137A72A0F239CDB40E86EC005720
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1
Frame ID: A4E14BDB825A8590E192729375E80075
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1
Frame ID: D1B5BD8852DCFCF9A8EF67D98F592AB4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1
Frame ID: 69F58CB4B4CB296560777CAA8967F61E
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 76397B5522D610FAD78FA2C2BB72F45A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4A843655CBAD7D729D86D0799B4873DD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: B4E64F77B4BDB223ADB6B03BDE343CE5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: C91ABD5EC06E1E838DED4C8A9557A84A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: 1579F2465868D85C364C1AE621380085
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: A740EFB1E8D9EDB99EC9104A7F3FCA05
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: CD4C1D62172713A5656E2C4D7D6E2C26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVztp4nLyBZEMJfPKN82hf_GULcRTqjzvIpgRP16RhS2lWq5nAd16uxXn1ubcrYWjOthuEHQDFyv_kKoaKzzE9TZd8ANzyU5P8hged7U1N3fGvB2JEV0zYqDiYquQGa4oyfq8Q5cycvQzUDAeRZlV953_TPoxIbdhvHdp95SnZ44jwrtvg
Frame ID: 3CA84077DC2BD7FF8EB8EEF906E94C8C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 6A6E973ADD63850CA1E2453774ADD7F5
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C6BBD80678C411D873B3DB65D2B49806
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 23EECCD46C932CBB1746DB2FFAA557AC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
Frame ID: A179E049FCB9BAC92FA967314A1920C2
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C1F95A1B46B46105FFA156841CF669B7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_300x250.js
Frame ID: 79D40BDE277627F40B00A122093858B1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vremea acum, azi şi mâine, starea vremii şi prognoza meteo pe ore

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

166
Requests

76 %
HTTPS

62 %
IPv6

25
Domains

35
Subdomains

29
IPs

5
Countries

2366 kB
Transfer

5641 kB
Size

21
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.meteoware.alertemeteo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vremea.tv

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCGK3Vcg6rJE3stBHlz-hLZA?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://twitter.com/vremeaTV

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/b/108300773656486913454/108300773656486913454

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vremea.tv/

Search URL Search Domain Scan URL

URL: http://www.meteoromania.ro/
Title: ANM

Search URL Search Domain Scan URL

URL: http://www.yr.no/
Title: YR.no

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://vremea.tv/harta-meteo/vremea-astazi.png HTTP 301
https://s3-eu-west-1.amazonaws.com/vremea/dynamic/map-current-weather-today.png

Request Chain 14

http://img.youtube.com/vi/4TOLHFhs2p8/mqdefault.jpg HTTP 307
https://img.youtube.com/vi/4TOLHFhs2p8/mqdefault.jpg

Request Chain 15

http://img.youtube.com/vi/N6OMVtEzhtk/mqdefault.jpg HTTP 307
https://img.youtube.com/vi/N6OMVtEzhtk/mqdefault.jpg

Request Chain 21

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 67

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODc3uLeQBCrBxjsATIIdK-thvyL5fY HTTP 301
https://tpc.googlesyndication.com/simgad/2178660640738150884

Request Chain 100

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKY4-8Y4-7_prTCiw8hBsw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKY4-8Y4-7_prTCiw8hBsw&google_cver=1&C=1

Request Chain 126

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZDcLcU2MGCDFSbeN7Jm1fAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKY4-8Y4-7_prTCiw8hBsw&google_cver=1

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF6dn6G68ukWG2eaW53LOvY&google_cver=1

Request Chain 128

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI1ODE4OTA5MzU0NDkzMDc4Mw%3D%3D

Request Chain 140

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEOBs3cGj5Nl03Hip1FtAOZc&google_cver=1&google_push=Aer7DvLFV89POUBp796TMixXTu-YB9HjZJmqdWQxKOJx72xEa9KXQljrVb2wwu8swukRmaAfxfxSVb_LSA1xMIt94KcjaRC5I67wzA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aer7DvLFV89POUBp796TMixXTu-YB9HjZJmqdWQxKOJx72xEa9KXQljrVb2wwu8swukRmaAfxfxSVb_LSA1xMIt94KcjaRC5I67wzA&google_hm=b4eVhAxITgi5yaGUgLJtvmo

Request Chain 141

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOMeu7s6949gvwkqSdEKxyE&google_cver=1&google_push=Aer7DvJiujgMgkPpgb8lL39rUf9ueRmv-gU1RaVFyXhGKtkmaEB4j0_FC4zLJ1yQ8nNfFAaeALt6jHtnVZnXZrQH0tG0-s9FddYeDg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOMeu7s6949gvwkqSdEKxyE&google_cver=1&google_push=Aer7DvJiujgMgkPpgb8lL39rUf9ueRmv-gU1RaVFyXhGKtkmaEB4j0_FC4zLJ1yQ8nNfFAaeALt6jHtnVZnXZrQH0tG0-s9FddYeDg HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=93316797-a670-406c-8dbf-2e6b326cf7ed&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJiujgMgkPpgb8lL39rUf9ueRmv-gU1RaVFyXhGKtkmaEB4j0_FC4zLJ1yQ8nNfFAaeALt6jHtnVZnXZrQH0tG0-s9FddYeDg&google_hm=7EaAR2fBTlS86UGN3Vv4Ig==

Request Chain 142

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMbCPlSfmyK4SHYTwn4pL1k&google_cver=1&google_push=Aer7DvLxtQ2-ZEhENHCd5of_w1epr4w6ytEp6Uw5yGQe-lxnkjjZRs4McTlw1XzobfabO-0b0Mq_cfv_gp0NQJu-uNRAVjIVDSrXdQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLxtQ2-ZEhENHCd5of_w1epr4w6ytEp6Uw5yGQe-lxnkjjZRs4McTlw1XzobfabO-0b0Mq_cfv_gp0NQJu-uNRAVjIVDSrXdQ&google_hm=eS1CTm1ZNWo1RTJwR2psQmU1d0JfdEdEcVNWbVV0Q2VIa35B

Request Chain 143

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEOMeu7s6949gvwkqSdEKxyE&google_cver=1&google_push=Aer7DvKt6VQMJ0516Tee_GFkQaKXWkDTZPxFLX-DvX9PZTu-iOwEzuZGxR2Sl9b31qpRzVnbp_phsPFJezZLw-3_63u2iH6DpVN9uw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEOMeu7s6949gvwkqSdEKxyE&google_cver=1&google_push=Aer7DvKt6VQMJ0516Tee_GFkQaKXWkDTZPxFLX-DvX9PZTu-iOwEzuZGxR2Sl9b31qpRzVnbp_phsPFJezZLw-3_63u2iH6DpVN9uw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=Aer7DvKt6VQMJ0516Tee_GFkQaKXWkDTZPxFLX-DvX9PZTu-iOwEzuZGxR2Sl9b31qpRzVnbp_phsPFJezZLw-3_63u2iH6DpVN9uw&google_hm=7EaAR2fBTlS86UGN3Vv4Ig==

Request Chain 144

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELUDGQWUR2dVwChVV7wQDk4&google_cver=1&google_push=Aer7DvKmRWondKEAR0w7EqRDQTsdHJPGtAwkXU5J9AJ2AK3mpVeYVLw3o0gu5kUEFzbidi_XGRvFDvuwWJwsK0jbWOJN7DLXPyUrlw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELUDGQWUR2dVwChVV7wQDk4&google_cver=1&google_push=Aer7DvKmRWondKEAR0w7EqRDQTsdHJPGtAwkXU5J9AJ2AK3mpVeYVLw3o0gu5kUEFzbidi_XGRvFDvuwWJwsK0jbWOJN7DLXPyUrlw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=s8Oj3iIaS32AJ42j9bbeRA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKmRWondKEAR0w7EqRDQTsdHJPGtAwkXU5J9AJ2AK3mpVeYVLw3o0gu5kUEFzbidi_XGRvFDvuwWJwsK0jbWOJN7DLXPyUrlw

Request Chain 145

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF6sXlAy0AUCJS_eIPlO2DQ&google_cver=1&google_push=Aer7DvLsCihQPrhLMfijA_7FksrwRHv-qzMvkj21MIbC5U8sWGVoNz4mer_Z8cCSB4Ix2UKO006z2d_9GPqts-eBz4pCtQtb1u8IhQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLsCihQPrhLMfijA_7FksrwRHv-qzMvkj21MIbC5U8sWGVoNz4mer_Z8cCSB4Ix2UKO006z2d_9GPqts-eBz4pCtQtb1u8IhQ

Request Chain 162

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3238758507066341&ias_chanId=1&ias_placementId=19429846202&bidurl=http://vremea.tv/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i-3K3wHj3tefyvzUDK4mgC&adContainerId=brand_safety_cQs3ZOGEB-fUx_APwbqtyAc&cbFunctionName=goog_wrapCb_cQs3ZOGEB-fUx_APwbqtyAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fvremea.tv&adsafe_type=g&adsafe_url=http%3A%2F%2Fvremea.tv%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3238758507066341%26output%3Dhtml%26h%3D250%26adk%3D3895562249%26adf%3D1613454706%26pi%3Dt.aa~a.3790863795~rp.3%26w%3D360%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1681329007%26rafmt%3D1%26to%3Dqs%26pwprc%3D4515581995%26format%3D360x250%26url%3Dhttp%253A%252F%252Fvremea.tv%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1681329007932%26bpp%3D1%26bdt%3D2418%26idt%3D0%26shv%3Dr20230411%26mjsv%3Dm202304060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dba6d86a9ddcf780d-229c6b858edd0017%253AT%253D1681329006%253ART%253D1681329006%253AS%253DALNI_MaDaLipldrAWSwt5ooVxZ9Ff2g5Mw%26gpic%3DUID%253D00000be0f73b4670%253AT%253D1681329006%253ART%253D1681329006%253AS%253DALNI_MY7JNlDi7wRKq1kMDB5oUKR72ivtg%26prev_fmts%3D0x0%252C336x280%252C1200x280%26nras%3D3%26correlator%3D4923295086925%26frm%3D20%26pv%3D1%26ga_vid%3D95655730.1681329006%26ga_sid%3D1681329006%26ga_hid%3D45544892%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1010%26ady%3D2066%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759927%252C44759837%252C44759876%26oid%3D2%26psts%3DAHQMDFdcFJw1VH8BXixBFWtddNCasYDuJpF8i4SYQNQNVxe0qnaYWRIMACuz2x1k_seSE-_5Rr_kLXB3U72W3PxBcVKFXw%26pvsid%3D3419308478080113%26tmod%3D2081266803%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26xpc%3DAQwv7VSOoJ%26p%3Dhttp%253A%2F%2Fvremea.tv%26dtd%3D4&adsafe_type=bed&adsafe_jsinfo=,id:b9b63d27-f4ab-5191-2b86-ca8c346955d1,c:9BoImo,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-c988c4bf5-v2vfh,rg:or,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tBffblt+11%7C12%7C131%7C141%7C151*.990511-61634100%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C171%7C181%7C191,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:22,oid:3b4a33ca-d96b-11ed-b7be-66fd863e39aa,v:19.8.400,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

166 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
vremea.tv/ 28 KB
7 KB 1006ms
931ms Document
text/html 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 313390efb2ef7507bb13a59937b62210695b1d0e624cb74ce063d4110c68f542

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 7116
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 Apr 2023 19:50:04 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK flaticon.css
vremea.tv/res/icon/ 954 B
691 B 54ms
54ms Stylesheet
text/css 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vremea.tv/res/icon/flaticon.css
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: d1c63fee5d64b0f41e08d3a8b82fd2d239bb805c67945b32e090312669cdc0d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Nov 2017 11:22:51 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3ba-55d3a8ef95828-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 356

GET
H/1.1 200
OK bootstrap.css
vremea.tv/css/ 16 KB
4 KB 123ms
57ms Stylesheet
text/css 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vremea.tv/css/bootstrap.css
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5a3854344ba3a992b968b9f208e97a8b70ce4d52921d37cee163e9ee35efcb00

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Nov 2017 11:22:51 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4032-55d3a8ef82f46-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3349

GET
H/1.1 200
OK vtv-default.css
vremea.tv/css/ 9 KB
3 KB 123ms
57ms Stylesheet
text/css 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vremea.tv/css/vtv-default.css
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: ce384d6541fb26871908cec97ea6862d2bd176a60617591fc7db2a179dd5208e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Nov 2017 11:22:51 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "225a-55d3a8ef83ee6-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2380

GET
H/1.1 200
OK ui.css
vremea.tv/css/ 7 KB
2 KB 119ms
53ms Stylesheet
text/css 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vremea.tv/css/ui.css
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4cdea6114a57afc5479b6618d9e5d61d165c27a1cd9e935f97eb6e51ed11345e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Feb 2018 09:15:33 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1c95-56619f3c70168-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1861

GET
H/1.1 200
OK page.css
vremea.tv/css/ 2 KB
1 KB 122ms
56ms Stylesheet
text/css 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vremea.tv/css/page.css
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 3cc5ff3310398e45d6145ecac8bd447ea437936aa44d9b625878aa0a292aa226

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Nov 2017 11:22:51 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "89f-55d3a8ef83ee6-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 809

GET
H/1.1 200
OK cookieconsent-3.0.3.min.css
vremea.tv/css/ 4 KB
1 KB 123ms
57ms Stylesheet
text/css 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vremea.tv/css/cookieconsent-3.0.3.min.css
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Nov 2017 11:22:51 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "f62-55d3a8ef82f46-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1182

GET
H/1.1 200
OK cookieconsent-3.0.3.min.js Show response
vremea.tv/js/vendor/ 19 KB
7 KB 123ms
58ms Script
application/javascript 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vremea.tv/js/vendor/cookieconsent-3.0.3.min.js
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Nov 2017 11:22:51 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4d5a-55d3a8ef84e86-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6510

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 263ms
126ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc50641c2fb0d2529d0c9093b1d4907564ba87dba818c6f240cfe5d2d4b020d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47934
x-xss-protection: 0
server: cafe
etag: 2564342563488220934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:50:05 GMT

GET
H/1.1 200
OK vremeatv_46x46_a.png
vremea.tv/img/ 3 KB
3 KB 56ms
54ms Image
image/png 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vremea.tv/img/vremeatv_46x46_a.png
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b8bc0c6575e3f3ef0c7f6f58ca67b95bf5f2de21b2c9e5a5d968741291dc15c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Last-Modified: Sun, 05 Nov 2017 11:22:51 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "ab6-55d3a8ef83ee6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2742

GET
H/1.1

200
OK

map-current-weather-today.png
s3-eu-west-1.amazonaws.com/vremea/dynamic/
Redirect Chain

http://vremea.tv/harta-meteo/vremea-astazi.png
https://s3-eu-west-1.amazonaws.com/vremea/dynamic/map-current-weather-today.png

382 KB
383 KB

260ms
135ms

Image
image/png

52.218.104.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/vremea/dynamic/map-current-weather-today.png
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 52.218.104.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e79b6b0f3db469b2cf611023ef64e2ca041c69424f4b159c8fd53137d7a15b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:06 GMT
Content-Encoding: base64
Last-Modified: Wed, 12 Apr 2023 04:00:07 GMT
Server: AmazonS3
x-amz-request-id: 2WYXG717D2DNB259
ETag: "57efbfad8f7be68b9518c85f9cec98fd"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 391474
x-amz-id-2: Bp/YGe9EXtLvDKn3JJoYR6wFHgYek/ql8m+z8pFGjfKFXnODFpa70GV1H7YKO8MK9Z3lFNwyt1M=

Redirect headers

Location: https://s3-eu-west-1.amazonaws.com/vremea/dynamic/map-current-weather-today.png
Date: Wed, 12 Apr 2023 19:50:05 GMT
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 362
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
vremea.tv/js/vendor/ 91 KB
32 KB 61ms
61ms Script
application/javascript 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vremea.tv/js/vendor/jquery-1.10.2.min.js
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Nov 2017 11:22:51 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "16bb9-55d3a8ef84e86-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 32812

GET
H/1.1 200
OK jquery.li-scroller.1.0.js Show response
vremea.tv/js/vendor/ 2 KB
1 KB 54ms
54ms Script
application/javascript 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vremea.tv/js/vendor/jquery.li-scroller.1.0.js
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e5437b986a98d4f035858502dc2027b1ed9e81c6cbe626662af97e82e922e448

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Mar 2018 10:19:49 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6b6-566a7aa7c7f32-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 780

GET
H/1.1 200
OK app-alertemeteo-screenshot.png
vremea.tv/img/ 54 KB
54 KB 56ms
55ms Image
image/png 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vremea.tv/img/app-alertemeteo-screenshot.png
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 317dd17ec383067d5aa635f481a189cd1dfa265f4d658dcc06d2a94d6665464c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Last-Modified: Sun, 05 Nov 2017 11:22:51 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "d8d1-55d3a8ef83ee6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 55505

GET
H/1.1 200
OK google-play-badge.png
vremea.tv/img/ 14 KB
14 KB 54ms
53ms Image
image/png 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vremea.tv/img/google-play-badge.png
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 82c846c07d28766314f5cc0e8fe3821795348c1bec92b6ceb58c88a68e0882f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Last-Modified: Sun, 05 Nov 2017 11:22:51 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "37ea-55d3a8ef83ee6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 14314

GET
H2

200

mqdefault.jpg
img.youtube.com/vi/4TOLHFhs2p8/
Redirect Chain

http://img.youtube.com/vi/4TOLHFhs2p8/mqdefault.jpg
https://img.youtube.com/vi/4TOLHFhs2p8/mqdefault.jpg

8 KB
9 KB

179ms
49ms

Image
image/jpeg

2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/4TOLHFhs2p8/mqdefault.jpg

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dbcfcd48707ef2883452073311c37075a18a293c6716c3be0aa91ab3bd36b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:05 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Apr 2023 21:50:05 GMT

Redirect headers

Location: https://img.youtube.com/vi/4TOLHFhs2p8/mqdefault.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

mqdefault.jpg
img.youtube.com/vi/N6OMVtEzhtk/
Redirect Chain

http://img.youtube.com/vi/N6OMVtEzhtk/mqdefault.jpg
https://img.youtube.com/vi/N6OMVtEzhtk/mqdefault.jpg

12 KB
13 KB

186ms
56ms

Image
image/jpeg

2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/N6OMVtEzhtk/mqdefault.jpg

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce5b8e14337dd1dfd4e89440d971fccdeb71aef1292fdcfc282dcf935958feca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:05 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12750
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 12 Apr 2023 21:50:05 GMT

Redirect headers

Location: https://img.youtube.com/vi/N6OMVtEzhtk/mqdefault.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 400 picture
graph.facebook.com/2010383092616632/ 0
0 275ms
141ms Image
application/json 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://graph.facebook.com/2010383092616632/picture
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H/1.1 200
OK meteogram.png
vremea.tv/img/teaser/ 19 KB
19 KB 54ms
54ms Image
image/png 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vremea.tv/img/teaser/meteogram.png
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 2089b8870812fe00520822b003e514a9a904b2f6a4b0dc15c6618046444e82da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Last-Modified: Fri, 23 Feb 2018 20:32:27 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4c93-565e70f0973f3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 19603

GET
H/1.1 200
OK maps.png
vremea.tv/img/teaser/ 24 KB
24 KB 54ms
53ms Image
image/png 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vremea.tv/img/teaser/maps.png
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 44bc9a63017fca8c0b703ff18b42914c8b45450b1bbc3e38115198f99efb2afe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Last-Modified: Sun, 05 Nov 2017 11:22:51 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5f99-55d3a8ef83ee6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 24473

GET
H/1.1 404
Not Found icons-wx-.png
vremea.tv/img/ 271 B
271 B 53ms
53ms Image
text/html 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vremea.tv/img/icons-wx-.png
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 499f3f556fa82e2aaeba97713f700c5cf5ce7f87c9c81abc9054185c9ca8897b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 271
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
50 KB 177ms
138ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0ec55590b4975f100400af0eac637989df72263315ad2bd36fc934c628994de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50797
X-XSS-Protection: 0
Server: cafe
ETag: 10513040916926298842
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Wed, 12 Apr 2023 19:50:05 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

130ms
39ms

Script
text/javascript

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 18:05:09 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6296
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 12 Apr 2023 20:05:09 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK flaticon.woff
vremea.tv/res/icon/ 2 KB
2 KB 57ms
56ms Font
application/font-woff 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vremea.tv/res/icon/flaticon.woff
Requested by: Host: vremea.tv
URL: http://vremea.tv/res/icon/flaticon.css
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 2a271877bd7e13e7f46859858f7a8dd9456713c148707f83b4ef74f8987a1d60

Request headers

Referer: http://vremea.tv/res/icon/flaticon.css
Origin: http://vremea.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Last-Modified: Sun, 05 Nov 2017 11:22:51 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "8ac-55d3a8ef95828"
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2220

GET
H/1.1 200
OK ticker-data.html Show response
vremea.tv/ 12 KB
2 KB 120ms
119ms XHR
text/html 54.171.137.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://vremea.tv/ticker-data.html
Requested by: Host: vremea.tv
URL: http://vremea.tv/js/vendor/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Server: 54.171.137.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-99.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 148dd805c0cca6f54f717d87b0056c2dc0317c7dbe15bee7838f26fdcad64fa9

Request headers

Accept: */*
Referer: http://vremea.tv/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 19:50:05 GMT
Content-Encoding: gzip
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1807

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
216 B 47ms
46ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=45544892&t=pageview&_s=1&dl=http%3A%2F%2Fvremea.tv%2F&ul=en-us&de=UTF-8&dt=Vremea%20acum%2C%20azi%20%C5%9Fi%20m%C3%A2ine%2C%20starea%20vremii%20%C5%9Fi%20prognoza%20meteo%20pe%20ore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1283408952&gjid=1998080883&cid=95655730.1681329006&tid=UA-35089983-2&_gid=1525273517.1681329006&_r=1&_slc=1&z=706987548

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

941b53f2219d9886aeaf98846918ce12748d5239bf8ffebc1216efca419de12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://vremea.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://vremea.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 105ms
103ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3238758507066341&plah=vremea.tv

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1197d95bbd94c2fb4f9f747ea93352188a59edd4644b494dfd8b32c6893f6649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118943
x-xss-protection: 0
server: cafe
etag: 17567006833676206929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:50:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230411/r20190131/ Frame E705 10 KB
5 KB 243ms
40ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230411/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vremea.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:59:50 GMT
etag: 2378337311435320485
expires: Wed, 26 Apr 2023 15:59:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
71 KB 147ms
59ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QYJ6V2JD3J&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45fea11e259cb9648a0a336e4a144a514f33a527ea978af733a4639ec6fa67cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72716
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 19:50:06 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
600 B 164ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vremea.tv&callback=_gfp_s_&client=ca-pub-3238758507066341

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3238758507066341&plah=vremea.tv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d4ac0890a6b5e48a77388289e1eb109077a39e5c71c556dc993a157eb566a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 148ms
55ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vremea.tv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 151ms
49ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vremea.tv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9398 535 KB
100 KB 1547ms
1543ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&adk=1812271804&adf=3025194257&lmt=1681329006&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=http%3A%2F%2Fvremea.tv%2F&ea=0&pra=5&wgl=1&dt=1681329005979&bpp=7&bdt=465&idt=209&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4923295086925&frm=20&pv=2&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=234

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99f4c3c808122fd74495858d6de9689c802e5636b03ee81398a3b8706ce70b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vremea.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 101780
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 19:50:07 GMT
expires: Wed, 12 Apr 2023 19:50:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A591 82 KB
30 KB 1096ms
1093ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=280&slotname=6289960770&adk=12552846&adf=2091889906&pi=t.ma~as.6289960770&w=336&lmt=1681329006&format=336x280&url=http%3A%2F%2Fvremea.tv%2F&wgl=1&dt=1681329005986&bpp=2&bdt=472&idt=233&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1011&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=URp3mTfKIH&p=http%3A//vremea.tv&dtd=238

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0368f5e99f73c43a418b2c3f60a86c04bee2dc620b87f95b0b05091e7bd2f975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vremea.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30797
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 19:50:07 GMT
expires: Wed, 12 Apr 2023 19:50:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E985 112 KB
34 KB 1774ms
1772ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=280&adk=3088186576&adf=3215562993&pi=t.aa~a.2830177412~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1681329006&rafmt=1&to=qs&pwprc=4515581995&format=1200x280&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329005988&bpp=1&bdt=474&idt=239&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=2&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=A7oOEpd4t7&p=http%3A//vremea.tv&dtd=241

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4957a7f933f96010b047a01b880c578634675d0958104a6abbc15eb9bbbbaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vremea.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34790
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 19:50:08 GMT
expires: Wed, 12 Apr 2023 19:50:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
240 B 135ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QYJ6V2JD3J&gtm=45je34a0&_p=45544892&cid=95655730.1681329006&ul=en-us&sr=1600x1200&ir=1&_eu=EBA&_s=1&sid=1681329006&sct=1&seg=0&dl=http%3A%2F%2Fvremea.tv%2F&dt=Vremea%20acum%2C%20azi%20%C5%9Fi%20m%C3%A2ine%2C%20starea%20vremii%20%C5%9Fi%20prognoza%20meteo%20pe%20ore&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QYJ6V2JD3J&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://vremea.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A591 6 KB
1 KB 138ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=280&slotname=6289960770&adk=12552846&adf=2091889906&pi=t.ma~as.6289960770&w=336&lmt=1681329006&format=336x280&url=http%3A%2F%2Fvremea.tv%2F&wgl=1&dt=1681329005986&bpp=2&bdt=472&idt=233&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1011&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=URp3mTfKIH&p=http%3A//vremea.tv&dtd=238

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 19:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 19:08:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 19:50:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame A591 2 KB
818 B 141ms
52ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame A591 0
0 87ms
86ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvyZWbgs3ZN6NFLiV7APvpryICcWTq9huqoud38MR57rz_QgQASD2spMnYJWK_IGUB6AB--TfmAPIAQmpAq8GUozJabI-qAMByAPLBKoEwQFP0JlmZQroVYU_gxzvguSvphZTqe2Wvl8LjUjV8-_QPuTrlRYm7dN5M35MMEo4zeQvVKoubRlzrOktnTwvW2_f7HHi7t0sbbfEZNEqVkgK-UHPXi2SvSpb2yEVrVXnCIPmBEzZVX4OO_TX0bBlHQbO-wRwT09lCLA6AOTcpNGn_HQ_xkdLXfbGLBDGonBMaBdOq0wcxpdjIk4yTCl6jYfK2vKRqnNS9ZFk2jS-_gHeG4l9GmoGEWYUbgna8hWPzsolwASaoczlhQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7ZqgZ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJmTHdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMjM4NzU4NTA3MDY2MzQxGAA&sigh=_rXgQdSUtg4&uach_m=[UACH]&cid=CAQSGwBygQiD3M4vnpFBHYE3ZIRCas3oepow5gJpDxgB&template_id=484

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=280&slotname=6289960770&adk=12552846&adf=2091889906&pi=t.ma~as.6289960770&w=336&lmt=1681329006&format=336x280&url=http%3A%2F%2Fvremea.tv%2F&wgl=1&dt=1681329005986&bpp=2&bdt=472&idt=233&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1011&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=URp3mTfKIH&p=http%3A//vremea.tv&dtd=238
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 19:50:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Apr 2023 19:50:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/ Frame A591 22 KB
9 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame A591 3 KB
1 KB 134ms
50ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame A591 20 KB
8 KB 128ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A591 159 KB
49 KB 176ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:50:07 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame A591 33 KB
14 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/220290450621526364/ Frame A591 44 KB
44 KB 154ms
76ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/220290450621526364/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4c4de212da23851d048773fafcea78fa9f4e33b98cf5b15852eddc348eb30fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 16:45:51 GMT
x-content-type-options: nosniff
age: 183856
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44549
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 15:57:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Apr 2024 16:45:51 GMT

GET
DATA 200
OK truncated
/ Frame A591 217 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9f365b538215baaa59f350e7bdbbef5c604ec2b7fd6638eff47bdf64c1d666f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A591 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8016ad4ab0c235de5f088713fbcf0e3f43c0732f4d346bf073a61a1146126166

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A591 15 KB
16 KB 168ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 119936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A591 15 KB
16 KB 176ms
50ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 119937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A591 15 KB
15 KB 209ms
84ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:08 GMT
x-content-type-options: nosniff
age: 119939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:08 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame DB4C 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 05:59:57 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 150 KB
51 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00070fee7703f74a8f3fb549172e55075aec3b16950270497490dc4031426858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52059
x-xss-protection: 0
server: cafe
etag: 16290540245894206970
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:50:07 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 49ms
48ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vremea.tv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 48ms
47ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vremea.tv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9491 21 KB
9 KB 829ms
829ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=250&adk=3895562249&adf=1613454706&pi=t.aa~a.3790863795~rp.3&w=360&fwrn=4&fwrnh=100&lmt=1681329007&rafmt=1&to=qs&pwprc=4515581995&format=360x250&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329007932&bpp=1&bdt=2418&idt=0&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba6d86a9ddcf780d-229c6b858edd0017%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MaDaLipldrAWSwt5ooVxZ9Ff2g5Mw&gpic=UID%3D00000be0f73b4670%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MY7JNlDi7wRKq1kMDB5oUKR72ivtg&prev_fmts=0x0%2C336x280%2C1200x280&nras=3&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=2066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&psts=AHQMDFdcFJw1VH8BXixBFWtddNCasYDuJpF8i4SYQNQNVxe0qnaYWRIMACuz2x1k_seSE-_5Rr_kLXB3U72W3PxBcVKFXw&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AQwv7VSOoJ&p=http%3A//vremea.tv&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

394d8aef152e2761682bb1279091cfce7828660ece0b701a4fbdc4cebe4f1ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vremea.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 8911
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 19:50:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame E985 2 KB
627 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=280&adk=3088186576&adf=3215562993&pi=t.aa~a.2830177412~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1681329006&rafmt=1&to=qs&pwprc=4515581995&format=1200x280&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329005988&bpp=1&bdt=474&idt=239&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=2&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=A7oOEpd4t7&p=http%3A//vremea.tv&dtd=241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 19:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 19:10:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 19:50:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame E985 2 KB
804 B 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E985 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co5O3bgs3ZJ72HMHo2gSX2pewD6-ts8JvoOadp84R2dCsxaA5EAEg9rKTJ2CVivyBlAegAeyxs4MpyAEJqQKvBlKMyWmyPqgDAcgDywSqBL0BT9Culx53ag_Z-7ASox1UhD9kg6jw-hCN-6wb-fbYX6hFuHK7j4ZaRx0C2F_Wx5Vld2yqdA1PnoNyd8d0T5rQaNh5m9GR4AAFSw1dMT7NKFrfNoT-gb49nX6OH6PA8w1pL0Wkw_syLx4XVU5RZSmA1Nb6LPpOrrGYoEQQgBTIbqigYf8j91DXe-exTgoA2gYZWPQE2GK0Bgc6BWWFIT0K5pQS77FPkvVjvTwtvmH2zUuu1S8140Sv4IpUEjuwwATov7DApQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7OmD4wOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQlsBX0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMzIzODc1ODUwNzA2NjM0MRgA&sigh=dcJXHanIsZo&uach_m=[UACH]&cid=CAQSGwBygQiDGTyfrYz7WxLzvbxPqYJkldlbFckYmBgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=280&adk=3088186576&adf=3215562993&pi=t.aa~a.2830177412~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1681329006&rafmt=1&to=qs&pwprc=4515581995&format=1200x280&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329005988&bpp=1&bdt=474&idt=239&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=2&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=103&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=A7oOEpd4t7&p=http%3A//vremea.tv&dtd=241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 19:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/ Frame E985 22 KB
9 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame E985 3 KB
1 KB 48ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame E985 20 KB
8 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E985 159 KB
49 KB 59ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:50:08 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame E985 33 KB
14 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E985 18 KB
19 KB 221ms
102ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTJXaBSIB822-8PxyDqHHg5ZjDtZo9eNHd7-CEy1FjouThjqJo8PQcH7NbNeA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

077d26b1a58dd6c282fa6e15c00699a6c303a65f40e32c13da3755c53330e6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:21:48 GMT
x-content-type-options: nosniff
age: 116900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18831
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 14:17:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 10 Apr 2024 11:21:48 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E985 25 KB
25 KB 160ms
41ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRiSoDQB68N7DWPuoiEW7hlln-G0_JYpfgpGPsNgFSTCjrlXKdoC8ycWx8Gvxk&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b79921f081e88341401040c57d00d856fdd5637ab57afbd102e367a0702fe35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:15:47 GMT
x-content-type-options: nosniff
age: 437661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25286
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 06:21:04 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 18:15:47 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E985 14 KB
15 KB 199ms
80ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSkKRTUjE40vr3y5wTUDbwBLPfsxsh89sfsVu8-6lCq34ugFah2H8wnVTCNu7I&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06e7cfc33099ad5ee212809eba92a05111f953f6da171cca9b1c07a5dec736bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:52:42 GMT
x-content-type-options: nosniff
age: 435446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14753
x-xss-protection: 0
last-modified: Mon, 23 May 2022 09:08:46 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 18:52:42 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E985 12 KB
12 KB 211ms
92ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTTB2kYMOMGN9-K6kzim-DdL2vKRvYnxPkPWlFkpLA_uG4Fmqc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a6bb174d735a599e2a6d6cb4baa300ba715a4a1f7b4dee2f95bca71d7c8518a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 09:22:02 GMT
x-content-type-options: nosniff
age: 383286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12444
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 01:31:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 07 Apr 2024 09:22:02 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E985 21 KB
21 KB 144ms
40ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRp8sf-ZZSXEdH0sLinAlWGq5BdqG3L4TSgpVsyAjZ56LemXQ7EGJiCSIbhKSE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02c28dee2269f9fae99418dfc505fc4d9900160821ef1385e55b245b24713e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 19:01:08 GMT
x-content-type-options: nosniff
age: 434940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21229
x-xss-protection: 0
last-modified: Sat, 21 May 2022 19:54:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 06 Apr 2024 19:01:08 GMT

GET
H2

200

2178660640738150884
tpc.googlesyndication.com/simgad/ Frame E985
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODc3uLeQBCrBxjsATIIdK-thvyL5fY
https://tpc.googlesyndication.com/simgad/2178660640738150884

21 KB
21 KB

43ms
43ms

Image
image/png

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2178660640738150884

Requested by

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d408b3407069eccc933306dcd72b68ff95b8455af8645256ef2049c605f4d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:44:29 GMT
x-content-type-options: nosniff
age: 435939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21212
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 05:11:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 18:44:29 GMT

Redirect headers

date: Wed, 12 Apr 2023 09:24:49 GMT
x-content-type-options: nosniff
server: cafe
age: 37519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/2178660640738150884
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 09:24:49 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vremea.tv

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vremea.tv

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://vremea.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/ Frame 1F1B 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vremea.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:59:30 GMT
etag: 2378337311435320485
expires: Wed, 26 Apr 2023 15:59:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/ Frame A4E1 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vremea.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:59:30 GMT
etag: 2378337311435320485
expires: Wed, 26 Apr 2023 15:59:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/ Frame D1B5 10 KB
4 KB 41ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vremea.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:59:30 GMT
etag: 2378337311435320485
expires: Wed, 26 Apr 2023 15:59:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/ Frame 69F5 10 KB
4 KB 43ms
43ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vremea.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 15:59:30 GMT
etag: 2378337311435320485
expires: Wed, 26 Apr 2023 15:59:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E985 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4832b2d3bd0b6d899c05c82c212cacde11140f6f7c8a9208974a9bf475597c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame 1F1B 4 KB
705 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 19:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 19:15:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 19:50:08 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1F1B 205 B
519 B 40ms
40ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 01:42:34 GMT
x-content-type-options: nosniff
age: 65254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 11 Apr 2024 01:42:34 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1F1B 604 B
695 B 41ms
40ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:03:57 GMT
x-content-type-options: nosniff
age: 17171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 11 Apr 2024 15:03:57 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/elements/html/ Frame 1F1B 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:54:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame A4E1 2 KB
765 B 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/ Frame A4E1 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame A4E1 3 KB
1 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame A4E1 20 KB
8 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4E1 159 KB
49 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:50:08 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame A4E1 33 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame D1B5 2 KB
765 B 77ms
77ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/ Frame D1B5 22 KB
9 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame D1B5 3 KB
1 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame D1B5 20 KB
8 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1B5 159 KB
49 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:50:08 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame D1B5 33 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 69F5 4 KB
618 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 19:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 19:42:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 19:50:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame 69F5 2 KB
765 B 69ms
69ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 69F5 0
0 86ms
84ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxYHSbgs3ZP6OHdfl2gSSsLm4D72Npq9vn8yvrL8O6p_coNQBEAEg9rKTJ2CVivyBlAegAbC6odcDyAEJqQLQvqB80mqyPqgDAcgDywSqBLkBT9CcQ2aboYnGfsVgMO6m4Gc1KfIC37CSM7iV28Gf2H4p5EP7mGAPadnUQSxy46wLJQnaTByT19Glx-U3iyQ34J6M1AUqY4WpIypLiMxnXuDEjvascph1KLLoSb1-3NKQXvxcejTHUZ6P8lysQo5RlBPn7zs2-l3-JDU7FrNwHLjs1plsupihxZGWrq8EvK3h5bc3dDln3EPHLsDm0qMoUGoVZEAbjZzK_WpRcDaUIcHJJdaS9KaiogPABKmcqargA5IFBAgEGAGSBQQIBRgEoAYugAfF960-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEMecJ9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQC0BUBgBcBshccChoIABIUcHViLTMyMzg3NTg1MDcwNjYzNDEYAA&sigh=EZkVQcO-1wo&uach_m=[UACH]&cid=CAQSGwBygQiD74Pe2VoWqObh_qqPuWPzAYcoaDyIjRgB&template_id=494

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 19:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/ Frame 69F5 22 KB
9 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame 69F5 3 KB
1 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame 69F5 20 KB
8 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69F5 159 KB
49 KB 87ms
85ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:50:08 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 69F5 33 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
DATA 200
OK truncated
/ Frame 69F5 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 69F5
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

40ms
39ms

Image
image/png

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 438296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 18:05:12 GMT

Redirect headers

date: Wed, 12 Apr 2023 09:29:28 GMT
x-content-type-options: nosniff
server: cafe
age: 37240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 May 2023 09:29:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7639 8 KB
893 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 19:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 19:18:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 19:50:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame 7639 2 KB
765 B 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/ Frame 7639 22 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame 7639 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame 7639 20 KB
8 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7639 159 KB
49 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:50:08 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 7639 33 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame E985 20 KB
20 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 119944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A84 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 19:33:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 69F5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a50f09da043009c3e1d009aa9293c71c3e18aae8d484d142f1702633676a9bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame B4E6 36 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 05:59:57 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame C91A 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 05:59:57 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1579 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 05:59:57 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame A740 36 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 05:59:57 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A84
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230411/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 19:50:08 GMT
expires: Wed, 12 Apr 2023 19:50:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 19:50:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame CD4C 36 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 05:59:57 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3CA8 624 B
245 B 82ms
81ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVztp4nLyBZEMJfPKN82hf_GULcRTqjzvIpgRP16RhS2lWq5nAd16uxXn1ubcrYWjOthuEHQDFyv_kKoaKzzE9TZd8ANzyU5P8hged7U1N3fGvB2JEV0zYqDiYquQGa4oyfq8Q5cycvQzUDAeRZlV953_TPoxIbdhvHdp95SnZ44jwrtvg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=250&adk=3895562249&adf=1613454706&pi=t.aa~a.3790863795~rp.3&w=360&fwrn=4&fwrnh=100&lmt=1681329007&rafmt=1&to=qs&pwprc=4515581995&format=360x250&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329007932&bpp=1&bdt=2418&idt=0&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba6d86a9ddcf780d-229c6b858edd0017%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MaDaLipldrAWSwt5ooVxZ9Ff2g5Mw&gpic=UID%3D00000be0f73b4670%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MY7JNlDi7wRKq1kMDB5oUKR72ivtg&prev_fmts=0x0%2C336x280%2C1200x280&nras=3&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=2066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&psts=AHQMDFdcFJw1VH8BXixBFWtddNCasYDuJpF8i4SYQNQNVxe0qnaYWRIMACuz2x1k_seSE-_5Rr_kLXB3U72W3PxBcVKFXw&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AQwv7VSOoJ&p=http%3A//vremea.tv&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=250&adk=3895562249&adf=1613454706&pi=t.aa~a.3790863795~rp.3&w=360&fwrn=4&fwrnh=100&lmt=1681329007&rafmt=1&to=qs&pwprc=4515581995&format=360x250&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329007932&bpp=1&bdt=2418&idt=0&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba6d86a9ddcf780d-229c6b858edd0017%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MaDaLipldrAWSwt5ooVxZ9Ff2g5Mw&gpic=UID%3D00000be0f73b4670%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MY7JNlDi7wRKq1kMDB5oUKR72ivtg&prev_fmts=0x0%2C336x280%2C1200x280&nras=3&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=2066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&psts=AHQMDFdcFJw1VH8BXixBFWtddNCasYDuJpF8i4SYQNQNVxe0qnaYWRIMACuz2x1k_seSE-_5Rr_kLXB3U72W3PxBcVKFXw&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AQwv7VSOoJ&p=http%3A//vremea.tv&dtd=4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 19:50:08 GMT
expires: Wed, 12 Apr 2023 19:50:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6A6E 78 KB
27 KB 149ms
148ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:50:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame 6A6E 3 KB
1 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/ Frame 6A6E 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230411/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:45:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6A6E 0
0 48ms
46ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpXBquvFSlHaxCbOjO1THS2cso08aJnTXxttknr2Gjp5jygQklNsDEK7MK9urFUD9mBOVZJmVd5fR5Ar_zna-jOCXXGA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=250&adk=3895562249&adf=1613454706&pi=t.aa~a.3790863795~rp.3&w=360&fwrn=4&fwrnh=100&lmt=1681329007&rafmt=1&to=qs&pwprc=4515581995&format=360x250&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329007932&bpp=1&bdt=2418&idt=0&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba6d86a9ddcf780d-229c6b858edd0017%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MaDaLipldrAWSwt5ooVxZ9Ff2g5Mw&gpic=UID%3D00000be0f73b4670%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MY7JNlDi7wRKq1kMDB5oUKR72ivtg&prev_fmts=0x0%2C336x280%2C1200x280&nras=3&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=2066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&psts=AHQMDFdcFJw1VH8BXixBFWtddNCasYDuJpF8i4SYQNQNVxe0qnaYWRIMACuz2x1k_seSE-_5Rr_kLXB3U72W3PxBcVKFXw&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AQwv7VSOoJ&p=http%3A//vremea.tv&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A6E 159 KB
49 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:50:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A6E 42 B
63 B 141ms
140ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLzb-8vn1TjiT4b57nPsn6B9ZaFSjopTGiFy3jZ0icEmWUOSS5WAxjaogCpxQeF_5hQL94ueAyZ6Bxox7PKhWxUAwm14micB4I-6-KmvOTuNS-StM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A6E 0
20 B 141ms
141ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12052730481997019151&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3CA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKY4-8Y4-7_prTCiw8hBsw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKY4-8Y4-7_prTCiw8hBsw&google_cver=1&C=1

43 B
632 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKY4-8Y4-7_prTCiw8hBsw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVztp4nLyBZEMJfPKN82hf_GULcRTqjzvIpgRP16RhS2lWq5nAd16uxXn1ubcrYWjOthuEHQDFyv_kKoaKzzE9TZd8ANzyU5P8hged7U1N3fGvB2JEV0zYqDiYquQGa4oyfq8Q5cycvQzUDAeRZlV953_TPoxIbdhvHdp95SnZ44jwrtvg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 19:50:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 19:50:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESELKY4-8Y4-7_prTCiw8hBsw&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3CA8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZDcLcU2MGCDFSbeN7Jm1fAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKY4-8Y4-7_prTCiw8hBsw&google_cver=1

43 B
632 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKY4-8Y4-7_prTCiw8hBsw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVztp4nLyBZEMJfPKN82hf_GULcRTqjzvIpgRP16RhS2lWq5nAd16uxXn1ubcrYWjOthuEHQDFyv_kKoaKzzE9TZd8ANzyU5P8hged7U1N3fGvB2JEV0zYqDiYquQGa4oyfq8Q5cycvQzUDAeRZlV953_TPoxIbdhvHdp95SnZ44jwrtvg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 19:50:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKY4-8Y4-7_prTCiw8hBsw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3CA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF6dn6G68ukWG2eaW53LOvY&google_cver=1

43 B
1 KB

83ms
73ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF6dn6G68ukWG2eaW53LOvY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVztp4nLyBZEMJfPKN82hf_GULcRTqjzvIpgRP16RhS2lWq5nAd16uxXn1ubcrYWjOthuEHQDFyv_kKoaKzzE9TZd8ANzyU5P8hged7U1N3fGvB2JEV0zYqDiYquQGa4oyfq8Q5cycvQzUDAeRZlV953_TPoxIbdhvHdp95SnZ44jwrtvg

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Apr 2023 19:50:09 GMT
AN-X-Request-Uuid: 9a7a4840-7467-4251-91f6-598865f75899
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF6dn6G68ukWG2eaW53LOvY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3CA8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI1ODE4OTA5MzU0NDkzMDc4Mw%3D%3D

170 B
243 B

50ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI1ODE4OTA5MzU0NDkzMDc4Mw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 12 Apr 2023 19:50:09 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fd1eab34-e074-4b41-941e-403b389bf620
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI1ODE4OTA5MzU0NDkzMDc4Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A6E 0
20 B 141ms
141ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6452315585047&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A6E 0
20 B 140ms
140ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6452315585047&version=m202301230201&ct=76&x=1&cor=12052730481997020000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6A6E 95 KB
37 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgO7kZIPzZ8tNslBfSPvGTiHoYOr3pAu-tY04xUshcAdQeqyWUMk5hAULdsUcBbLq4HtTCFR0cHjSwHHut6a50j21fN0bLej2PxKSFl6VWCTWROx7w2vENcP-cIJAcNa7kJc-RCx03JuQYRZTBITZFgSZp5SDpLdM_JaiIu7l1x5b2f_I&dbm_d=AKAmf-AuzPnzjBIO6-WowFS2Foo8_HSALZwv6VKjuo1RVX7ssivOVVxdQGEBukpvw7S9S-pT5ON71TUohO0aEWipRUC7WO6thoctqW5Iz7T692JNSWKm9TIwENl44LyA8jg8W92RE2mzcW0_ReDxTurOzZdT7IUdDKq65tuXyAh3jAINcX2iIQ7GwbEAYSn5vAMlNH9Z_y-fIzEtKO_kq1VR3Dwae2CLtweNkGbFmRlgTG4ewlKV1BwcBw9zgC1O2qkqD4Sm-XNv4Nm6jMRFbC3TA2NlsTZB366f5gbaPFIgjsoRayxqJbd3oaMWq3A62vwR7vL3SwkGz0g6vlPz4qZ9NLSKjJAq0Aidl7N8QaJdv1uhOWCvmBlrjN1W46_LClr6xN8peV2MWqD5H4Mu9ly3qXlF6Gd3Bz9AMoMSFniL4HLxlNmJqRv3CoXn7xlKOuI4vEhbtphmEEJI5MK9Esu3dNgbNxgy2hBax1Kecdkl6n8don6LWb0M_VMSGF_U95Ew1qrZQBRe26zsop5lDTY2D8030TbwEhAoDcjnACRANPeOGKHuWvarFGD1vPvEAcKj4XGFCH9tLbAR-BMejK3e20xfrUhiXJAXoZar2hfCmkqcTWYSRo3M2VN52T9XuZKBz0uMoSczCzTXq1xWH5CqMPT1adLM6iAOaYwDwZIfnAgLKhPSRt72Xfs8UBROK2Xi_qMpdP8Ihusi_jjyL9zTCNFU5G2LjDSon3o5XJfgE1dbxrWptFQl0_DW2l3hfVqmojgTqKjhje8saREt1a3aLrV2UkBVKA-OJ7OZlteitaqeS_Tzb86tLQFGuphhLEiwngjSG764SnYUTVeSL6-_GmF8tGsyDfFXHx-4D9f2TTpJbhD9n10qIqP46ZDtbFC4yp6R9cBOimzHZNTl0aNRVHbx8pO06h1syPqEzOXi8bvXgdKUjPp9iX6gyHboupdDbjVoR6rUL_2ljYnhXbA_dIYym3LhqOm9SGVHMV0asNOaM8AO4mPS4XaBNmvwWGt-Oog16nHYM4qy85v0PbZOTIT99nPAMNShNGF5lbFpd-HYmTFoY51NXZmdKaI2wlxYs6seE9bhySQrPl92UeDKRsCKR9S81ynqyROIjGJcmuo59gpo8h842tUEBM1W_XhA_ZWDj_wtnzN6IJ89LLsxSHi52gDJB8M61xmy-xY-LPka3QWvlt1MA-uI4g3vkmw0QSwL_58PYx-EQulhVkH_AKhASPJEixMje2tcAW_-ESfjiI7uWegHE8ce5lIs1rV1H41MDL4XNOoX3rYkpa6gKdvs-gK0qYoEDVs0LPAHzg1pizbECVXWA1VF_lc-XyESEFkyS3zkafFPJR_rnBG34GTAQpRQI-8fHHhtrk4TIsO7Jr-aj5roo83-OiboQgissT91OZWQBfvy8aimiUuQAcf7H_Q05sjIBY7aASzxDKW2kupK9657ilXY6m-HJbNxfIoi1hun2K-Q3uQGcKnAeTC-o9LEPsjUyu_rP2mEJi1av7AkoWE2y6ghL1kOKCcH0NQwef5v8DzfE_XlHWLScb_JZ9hnyDgzjeeqGKH6F0xrIlZlrSzquEuxRj9cx63iDaebsXqMkWejzFyoKHxttHUhmV7idHv36SfDFWGzVsnCazCpW_FTHtL5rSnEjHeuoZ2PE55LOjz6rOHcli0bipELkkw5cktrqzPxrp4tScCd0HLpoBjqPshHwJX4jLnpkXvdNPh5txLJAsK4P22d5zoSDJFOTE0jRb_vOs_UCWR28DcxJ7uV_bnCTVlV4f-qsVEbTps0yzK7C8K9N5EgXhMpjK2ces6D17ySF7zU51HImEguXAjJZJpkF23q7JtjhVRK2XyU3cKmZOjqQLO5t6oTxTAUwDomfqnozC18BB5ZdG8p3Ec395UKVqPHe0Nt1v_WVi7dH17NxetfwDmrHyNB8RMQuEVr647TKii-phGjaPIZqlpu2n1i1F_mnKBUwnq_hYF2M-bvpCuNQWtOP5eMg1PN4TovQ7Y2EdO3GOiPGbKljgIq6CczmiTT6f2LxmiT1cy0EgrIlO2tRyeizrnsZ_qihF7-5jzqNYs_Go4_YCsw7HEeB_rYhX2UpOt-kxZtD0QUx0rHRcpT28N32mPqeQeb9tlQ3dKACMsSAA1LxP4j1oeyV0QpFtpzQNdwoEdCJ0kgwylt2goh9chhuMh9pTnNLgsPDXs0u4hF3LeiCa07w3oABwHEDdhYTKZDOOMa-FyGWpYv1jCfRhHhKI9gkWMudlgtOxLJqIex_6QOaz6VnRM_r-XpJmK1cTNwdRqkKcMymB_To0Ln0Q1InvnLX9wYaDWu06Ke25D5BBACyJBv7wvTWz0eO_bvhw0YlWPQGEVXonH-nCs9s35TUBE0TD35l09_JS_39_TzNUGo-1ZL3ihFCAspaAig0mzaU6FJ9mxTRW0EhuzfVgp4PWkD7FlABWVm5D3s9HXFHJTdMmzgb5TIeLk_FmEFkgNo-tIBorZZHVp76hQ1Fj-Rz21lZBUEA_X2Ha0gmvNztsA_EVx9zdAMi1D5gfXeIteEk1clrvFAB4xeu53MI73qtehSe6Rwx8_AoTOoGXlwZ9RkkHPDMaD1zwsUOsdZd9UMW65sZwUYWl5vy9w39-G2iDpFMxl37YNw0gcQexbXBWcjilmVV1YoUzDqdVS3Kgl31ef_FJBI-gGGS1Mj3kHS2pQWktXKPLTUL5C7Pni5Pxaso8ZfKBMdIbMEe_9j1SMuN6_ew0Z0jS2HbeGlWY13P4nyct1aelh31Gz3jJhWA4nr0pzObh1vZx9epP7ZaLiPFcpIdEmF0ZnIWq6ULjFclkaSDBVbQ30hUDazXYKzvsWqIBgzXnQs1Wi-4LP22xRX-6bFHbCw00XkZFcS1gOpWwOavxx5nDvXQcZqthYO1VKKP5aQRymzrZjuwODr-Q_wB-Pndr0t1gmOIk9BDi42Z9q5dJRTnY2UmRwDy39ZNorfAQnZSDlRjEzCJ6pl-PysigVGxjmQ3JBkkwahVd2A2WQXTj8MPgAXwNTmaCP0RmulD0EJG1KZG3NjPT0mI2cN8DKXb_ZBLo_y9gBLd_n-mrCQv25ey6KqSZEdUWq2IjSV4boGV4X7okXMAIkJMamB9dZqu3OEzNVKTbwI3x0aaRQtcPDMiLRS6RBNow9UCivHHPRt0OZJiFQoNw908bJiLgWam73i0dF8aXruO0ktcTOtAJ1NdiaMk7EFDbSF-EpWwcMcdVgUkrvo3OAa2XdRswBSQ2NtmSOeIJaw_Ai4pn4xVwdqnGuYMkgrjMgx4iOQGkVh0TiZSxYPtfj95xIgBkLcXarPDjUGs5FPClKg18bN18gV3CEZ3wfpIJQTkhMretUSgCH6yt55zgZbR3UrSp4OTMYXbe3WsxlmNf0X3zS15m_n_sMu6yeU8rfngYN23JjGhEbbvV5z8z94_XwfpGEcISknSpfyGPN4KXX0jwZZ7-0TBw&cid=CAQSPABygQiDx2kK1v6L-j46kWASsKfZ9DzS1reh2kccbpnpvoTpLiIXJjguqkQDvRRpX8qfhdXsCBEZxBZZ_hgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fvremea.tv%2F&ds=l&xdt=1&iif=1&cor=12052730481997020000&adk=1761367587&idt=157&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a6c20fb8aa10acb53017591f884561f69b5529866a5e108ebd4ef58a53c1c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=250&adk=3895562249&adf=1613454706&pi=t.aa~a.3790863795~rp.3&w=360&fwrn=4&fwrnh=100&lmt=1681329007&rafmt=1&to=qs&pwprc=4515581995&format=360x250&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329007932&bpp=1&bdt=2418&idt=0&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba6d86a9ddcf780d-229c6b858edd0017%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MaDaLipldrAWSwt5ooVxZ9Ff2g5Mw&gpic=UID%3D00000be0f73b4670%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MY7JNlDi7wRKq1kMDB5oUKR72ivtg&prev_fmts=0x0%2C336x280%2C1200x280&nras=3&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=2066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&psts=AHQMDFdcFJw1VH8BXixBFWtddNCasYDuJpF8i4SYQNQNVxe0qnaYWRIMACuz2x1k_seSE-_5Rr_kLXB3U72W3PxBcVKFXw&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AQwv7VSOoJ&p=http%3A//vremea.tv&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38355
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 6A6E 243 KB
73 KB 681ms
217ms Script
application/javascript 54.187.66.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3238758507066341&ias_chanId=1&ias_placementId=19429846202&bidurl=http://vremea.tv/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i-3K3wHj3tefyvzUDK4mgC
Requested by: Host: vremea.tv
URL: http://vremea.tv/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.66.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-66-243.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5553c5554babe6295721a6a9476b9ee7a39243e70d6e511c72db8fc4d31de0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6A6E 106 KB
37 KB 142ms
40ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 07:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Apr 2023 07:04:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230411/r20110914/elements/html/ Frame 6A6E 11 KB
4 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230411/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgO7kZIPzZ8tNslBfSPvGTiHoYOr3pAu-tY04xUshcAdQeqyWUMk5hAULdsUcBbLq4HtTCFR0cHjSwHHut6a50j21fN0bLej2PxKSFl6VWCTWROx7w2vENcP-cIJAcNa7kJc-RCx03JuQYRZTBITZFgSZp5SDpLdM_JaiIu7l1x5b2f_I&dbm_d=AKAmf-AuzPnzjBIO6-WowFS2Foo8_HSALZwv6VKjuo1RVX7ssivOVVxdQGEBukpvw7S9S-pT5ON71TUohO0aEWipRUC7WO6thoctqW5Iz7T692JNSWKm9TIwENl44LyA8jg8W92RE2mzcW0_ReDxTurOzZdT7IUdDKq65tuXyAh3jAINcX2iIQ7GwbEAYSn5vAMlNH9Z_y-fIzEtKO_kq1VR3Dwae2CLtweNkGbFmRlgTG4ewlKV1BwcBw9zgC1O2qkqD4Sm-XNv4Nm6jMRFbC3TA2NlsTZB366f5gbaPFIgjsoRayxqJbd3oaMWq3A62vwR7vL3SwkGz0g6vlPz4qZ9NLSKjJAq0Aidl7N8QaJdv1uhOWCvmBlrjN1W46_LClr6xN8peV2MWqD5H4Mu9ly3qXlF6Gd3Bz9AMoMSFniL4HLxlNmJqRv3CoXn7xlKOuI4vEhbtphmEEJI5MK9Esu3dNgbNxgy2hBax1Kecdkl6n8don6LWb0M_VMSGF_U95Ew1qrZQBRe26zsop5lDTY2D8030TbwEhAoDcjnACRANPeOGKHuWvarFGD1vPvEAcKj4XGFCH9tLbAR-BMejK3e20xfrUhiXJAXoZar2hfCmkqcTWYSRo3M2VN52T9XuZKBz0uMoSczCzTXq1xWH5CqMPT1adLM6iAOaYwDwZIfnAgLKhPSRt72Xfs8UBROK2Xi_qMpdP8Ihusi_jjyL9zTCNFU5G2LjDSon3o5XJfgE1dbxrWptFQl0_DW2l3hfVqmojgTqKjhje8saREt1a3aLrV2UkBVKA-OJ7OZlteitaqeS_Tzb86tLQFGuphhLEiwngjSG764SnYUTVeSL6-_GmF8tGsyDfFXHx-4D9f2TTpJbhD9n10qIqP46ZDtbFC4yp6R9cBOimzHZNTl0aNRVHbx8pO06h1syPqEzOXi8bvXgdKUjPp9iX6gyHboupdDbjVoR6rUL_2ljYnhXbA_dIYym3LhqOm9SGVHMV0asNOaM8AO4mPS4XaBNmvwWGt-Oog16nHYM4qy85v0PbZOTIT99nPAMNShNGF5lbFpd-HYmTFoY51NXZmdKaI2wlxYs6seE9bhySQrPl92UeDKRsCKR9S81ynqyROIjGJcmuo59gpo8h842tUEBM1W_XhA_ZWDj_wtnzN6IJ89LLsxSHi52gDJB8M61xmy-xY-LPka3QWvlt1MA-uI4g3vkmw0QSwL_58PYx-EQulhVkH_AKhASPJEixMje2tcAW_-ESfjiI7uWegHE8ce5lIs1rV1H41MDL4XNOoX3rYkpa6gKdvs-gK0qYoEDVs0LPAHzg1pizbECVXWA1VF_lc-XyESEFkyS3zkafFPJR_rnBG34GTAQpRQI-8fHHhtrk4TIsO7Jr-aj5roo83-OiboQgissT91OZWQBfvy8aimiUuQAcf7H_Q05sjIBY7aASzxDKW2kupK9657ilXY6m-HJbNxfIoi1hun2K-Q3uQGcKnAeTC-o9LEPsjUyu_rP2mEJi1av7AkoWE2y6ghL1kOKCcH0NQwef5v8DzfE_XlHWLScb_JZ9hnyDgzjeeqGKH6F0xrIlZlrSzquEuxRj9cx63iDaebsXqMkWejzFyoKHxttHUhmV7idHv36SfDFWGzVsnCazCpW_FTHtL5rSnEjHeuoZ2PE55LOjz6rOHcli0bipELkkw5cktrqzPxrp4tScCd0HLpoBjqPshHwJX4jLnpkXvdNPh5txLJAsK4P22d5zoSDJFOTE0jRb_vOs_UCWR28DcxJ7uV_bnCTVlV4f-qsVEbTps0yzK7C8K9N5EgXhMpjK2ces6D17ySF7zU51HImEguXAjJZJpkF23q7JtjhVRK2XyU3cKmZOjqQLO5t6oTxTAUwDomfqnozC18BB5ZdG8p3Ec395UKVqPHe0Nt1v_WVi7dH17NxetfwDmrHyNB8RMQuEVr647TKii-phGjaPIZqlpu2n1i1F_mnKBUwnq_hYF2M-bvpCuNQWtOP5eMg1PN4TovQ7Y2EdO3GOiPGbKljgIq6CczmiTT6f2LxmiT1cy0EgrIlO2tRyeizrnsZ_qihF7-5jzqNYs_Go4_YCsw7HEeB_rYhX2UpOt-kxZtD0QUx0rHRcpT28N32mPqeQeb9tlQ3dKACMsSAA1LxP4j1oeyV0QpFtpzQNdwoEdCJ0kgwylt2goh9chhuMh9pTnNLgsPDXs0u4hF3LeiCa07w3oABwHEDdhYTKZDOOMa-FyGWpYv1jCfRhHhKI9gkWMudlgtOxLJqIex_6QOaz6VnRM_r-XpJmK1cTNwdRqkKcMymB_To0Ln0Q1InvnLX9wYaDWu06Ke25D5BBACyJBv7wvTWz0eO_bvhw0YlWPQGEVXonH-nCs9s35TUBE0TD35l09_JS_39_TzNUGo-1ZL3ihFCAspaAig0mzaU6FJ9mxTRW0EhuzfVgp4PWkD7FlABWVm5D3s9HXFHJTdMmzgb5TIeLk_FmEFkgNo-tIBorZZHVp76hQ1Fj-Rz21lZBUEA_X2Ha0gmvNztsA_EVx9zdAMi1D5gfXeIteEk1clrvFAB4xeu53MI73qtehSe6Rwx8_AoTOoGXlwZ9RkkHPDMaD1zwsUOsdZd9UMW65sZwUYWl5vy9w39-G2iDpFMxl37YNw0gcQexbXBWcjilmVV1YoUzDqdVS3Kgl31ef_FJBI-gGGS1Mj3kHS2pQWktXKPLTUL5C7Pni5Pxaso8ZfKBMdIbMEe_9j1SMuN6_ew0Z0jS2HbeGlWY13P4nyct1aelh31Gz3jJhWA4nr0pzObh1vZx9epP7ZaLiPFcpIdEmF0ZnIWq6ULjFclkaSDBVbQ30hUDazXYKzvsWqIBgzXnQs1Wi-4LP22xRX-6bFHbCw00XkZFcS1gOpWwOavxx5nDvXQcZqthYO1VKKP5aQRymzrZjuwODr-Q_wB-Pndr0t1gmOIk9BDi42Z9q5dJRTnY2UmRwDy39ZNorfAQnZSDlRjEzCJ6pl-PysigVGxjmQ3JBkkwahVd2A2WQXTj8MPgAXwNTmaCP0RmulD0EJG1KZG3NjPT0mI2cN8DKXb_ZBLo_y9gBLd_n-mrCQv25ey6KqSZEdUWq2IjSV4boGV4X7okXMAIkJMamB9dZqu3OEzNVKTbwI3x0aaRQtcPDMiLRS6RBNow9UCivHHPRt0OZJiFQoNw908bJiLgWam73i0dF8aXruO0ktcTOtAJ1NdiaMk7EFDbSF-EpWwcMcdVgUkrvo3OAa2XdRswBSQ2NtmSOeIJaw_Ai4pn4xVwdqnGuYMkgrjMgx4iOQGkVh0TiZSxYPtfj95xIgBkLcXarPDjUGs5FPClKg18bN18gV3CEZ3wfpIJQTkhMretUSgCH6yt55zgZbR3UrSp4OTMYXbe3WsxlmNf0X3zS15m_n_sMu6yeU8rfngYN23JjGhEbbvV5z8z94_XwfpGEcISknSpfyGPN4KXX0jwZZ7-0TBw&cid=CAQSPABygQiDx2kK1v6L-j46kWASsKfZ9DzS1reh2kccbpnpvoTpLiIXJjguqkQDvRRpX8qfhdXsCBEZxBZZ_hgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fvremea.tv%2F&ds=l&xdt=1&iif=1&cor=12052730481997020000&adk=1761367587&idt=157&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 15:53:31 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230411/r20110914/ Frame 6A6E 28 KB
11 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230411/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e6a2c48ddf656dd18431ca6f656e4d671a93141d2db4f304587d74280ecfbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 16:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11036
x-xss-protection: 0
server: cafe
etag: 7166013058933939784
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 16:00:42 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6A6E 41 KB
15 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 07:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Apr 2024 07:18:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C6BB 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 05:12:40 GMT
etag: 48472445140208031
expires: Thu, 13 Apr 2023 05:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6A6E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 126f4e887c5d5390e1a7eb8be29e24335b0a521ef12a6808d1637ea6d0e48f49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C6BB 70 B
265 B 172ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJwLT7HLes7RZZ8PVJ-i4cs&google_cver=1&google_push=Aer7DvKfKd9yadMxUJUw6nB8wg4RpYoJLg1Ozgf_IdoJZjThG_sgD2Ca3j7Xn-i7lMlTh8KbpHJpk-p2-AWJiTiPNsBJapT54ist7A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=250&adk=3895562249&adf=1613454706&pi=t.aa~a.3790863795~rp.3&w=360&fwrn=4&fwrnh=100&lmt=1681329007&rafmt=1&to=qs&pwprc=4515581995&format=360x250&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329007932&bpp=1&bdt=2418&idt=0&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba6d86a9ddcf780d-229c6b858edd0017%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MaDaLipldrAWSwt5ooVxZ9Ff2g5Mw&gpic=UID%3D00000be0f73b4670%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MY7JNlDi7wRKq1kMDB5oUKR72ivtg&prev_fmts=0x0%2C336x280%2C1200x280&nras=3&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=2066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&psts=AHQMDFdcFJw1VH8BXixBFWtddNCasYDuJpF8i4SYQNQNVxe0qnaYWRIMACuz2x1k_seSE-_5Rr_kLXB3U72W3PxBcVKFXw&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AQwv7VSOoJ&p=http%3A//vremea.tv&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6BB
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEOBs3cGj5Nl03Hip1FtAOZc&google_cver=1&google_push=Aer7DvLFV89POUBp796TMixXTu-YB9HjZJmqdWQxKOJx72xEa9KXQljrVb2wwu8swukRmaAfxfxSVb_...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aer7DvLFV89POUBp796TMixXTu-YB9HjZJmqdWQxKOJx72xEa9KXQljrVb2wwu8swukRmaAfxfxSVb_LSA1xMIt94KcjaRC5I67wzA&google_hm=b4eVhAxITgi5yaG...

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aer7DvLFV89POUBp796TMixXTu-YB9HjZJmqdWQxKOJx72xEa9KXQljrVb2wwu8swukRmaAfxfxSVb_LSA1xMIt94KcjaRC5I67wzA&google_hm=b4eVhAxITgi5yaGUgLJtvmo

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=Aer7DvLFV89POUBp796TMixXTu-YB9HjZJmqdWQxKOJx72xEa9KXQljrVb2wwu8swukRmaAfxfxSVb_LSA1xMIt94KcjaRC5I67wzA&google_hm=b4eVhAxITgi5yaGUgLJtvmo
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6BB
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOMeu7s6949gvwkqSdEKxyE&google_cver=1&google_push=Aer7DvJiujgMgkPpgb8lL39rUf9ueRmv-gU1RaVFyXhGKtkmaEB4j0_FC4zLJ1yQ8nNfFAaeALt6jHtnVZnXZrQH0tG0...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOMeu7s6949gvwkqSdEKxyE&google_cver=1&google_push=Aer7DvJiujgMgkPpgb8lL39rUf9ueRmv-gU1RaVFyXhGKtkmaEB4j0_FC4zLJ1yQ8nNfFAaeALt6jHtnVZnXZr...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=93316797-a670-406c-8dbf-2e6b326cf7ed&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJiujgMgkPpgb8lL39rUf9ueRmv-gU1RaVFyXhGKtkmaEB4j0_FC4zLJ1yQ8nNfFAaeALt6jHtnVZnXZrQH0tG0-s9FddYeDg&google_hm=7EaAR2fBTlS86UGN3Vv4Ig==

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJiujgMgkPpgb8lL39rUf9ueRmv-gU1RaVFyXhGKtkmaEB4j0_FC4zLJ1yQ8nNfFAaeALt6jHtnVZnXZrQH0tG0-s9FddYeDg&google_hm=7EaAR2fBTlS86UGN3Vv4Ig==

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJiujgMgkPpgb8lL39rUf9ueRmv-gU1RaVFyXhGKtkmaEB4j0_FC4zLJ1yQ8nNfFAaeALt6jHtnVZnXZrQH0tG0-s9FddYeDg&google_hm=7EaAR2fBTlS86UGN3Vv4Ig==
date: Wed, 12 Apr 2023 19:50:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6BB
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMbCPlSfmyK4SHYTwn4pL1k&google_cver=1&google_push=Aer7DvLxtQ2-ZEhENHCd5of_w1epr4w6ytEp6Uw5yGQe-lxnkjjZRs4McTlw1XzobfabO-0b0Mq_cfv_gp0NQJu-uNRAVjI...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLxtQ2-ZEhENHCd5of_w1epr4w6ytEp6Uw5yGQe-lxnkjjZRs4McTlw1XzobfabO-0b0Mq_cfv_gp0NQJu-uNRAVjIVDSrXdQ&google_hm=eS1CTm1ZNWo1RTJwR2ps...

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLxtQ2-ZEhENHCd5of_w1epr4w6ytEp6Uw5yGQe-lxnkjjZRs4McTlw1XzobfabO-0b0Mq_cfv_gp0NQJu-uNRAVjIVDSrXdQ&google_hm=eS1CTm1ZNWo1RTJwR2psQmU1d0JfdEdEcVNWbVV0Q2VIa35B

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 12 Apr 2023 19:50:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLxtQ2-ZEhENHCd5of_w1epr4w6ytEp6Uw5yGQe-lxnkjjZRs4McTlw1XzobfabO-0b0Mq_cfv_gp0NQJu-uNRAVjIVDSrXdQ&google_hm=eS1CTm1ZNWo1RTJwR2psQmU1d0JfdEdEcVNWbVV0Q2VIa35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6BB
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEOMeu7s6949gvwkqSdEKxyE&google_cver=1&google_push=Aer7DvKt6VQMJ0516Tee_GFkQaKXWkDTZPxFLX-DvX9PZTu-iOwEzuZGxR2Sl9b31qpRzVnbp_phsPFJezZLw-3_6...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEOMeu7s6949gvwkqSdEKxyE&google_cver=1&google_push=Aer7DvKt6VQMJ0516Tee_GFkQaKXWkDTZPxFLX-DvX9PZTu-iOwEzuZGxR2Sl9b31qpRzVnbp_phsPFJezZ...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=Aer7DvKt6VQMJ0516Tee_GFkQaKXWkDTZPxFLX-DvX9PZTu-iOwEzuZGxR2Sl9b31qpRzVnbp_phsPFJezZLw-3_63u2iH6DpVN9uw&google_hm=7EaAR2fBTlS8...

170 B
188 B

50ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=Aer7DvKt6VQMJ0516Tee_GFkQaKXWkDTZPxFLX-DvX9PZTu-iOwEzuZGxR2Sl9b31qpRzVnbp_phsPFJezZLw-3_63u2iH6DpVN9uw&google_hm=7EaAR2fBTlS86UGN3Vv4Ig==

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=Aer7DvKt6VQMJ0516Tee_GFkQaKXWkDTZPxFLX-DvX9PZTu-iOwEzuZGxR2Sl9b31qpRzVnbp_phsPFJezZLw-3_63u2iH6DpVN9uw&google_hm=7EaAR2fBTlS86UGN3Vv4Ig==
date: Wed, 12 Apr 2023 19:50:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6BB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=s8Oj3iIaS32AJ42j9bbeRA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=s8Oj3iIaS32AJ42j9bbeRA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKmRWondKEAR0w7EqRDQTsdHJPGtAwkXU5J9AJ2AK3mpVeYVLw3o0gu5kUEFzbidi_XGRvFDvuwWJwsK0jbWOJN7DLXPyUrlw

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=s8Oj3iIaS32AJ42j9bbeRA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKmRWondKEAR0w7EqRDQTsdHJPGtAwkXU5J9AJ2AK3mpVeYVLw3o0gu5kUEFzbidi_XGRvFDvuwWJwsK0jbWOJN7DLXPyUrlw
date: Wed, 12 Apr 2023 19:50:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6BB
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEF6sXlAy0AUCJS_eIPlO2DQ&google_cver=1&google_push=Aer7DvLsCihQPrhLMfijA_7FksrwRHv-qzMvkj21MIbC5U8sWGVoNz4mer_Z8cCSB4Ix2UKO006z2d_9GPqt...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLsCihQPrhLMfijA_7FksrwRHv-qzMvkj21MIbC5U8sWGVoNz4mer_Z8cCSB4Ix2UKO006z2d_9GPqts-eBz4pCtQtb1u8IhQ

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLsCihQPrhLMfijA_7FksrwRHv-qzMvkj21MIbC5U8sWGVoNz4mer_Z8cCSB4Ix2UKO006z2d_9GPqts-eBz4pCtQtb1u8IhQ

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvLsCihQPrhLMfijA_7FksrwRHv-qzMvkj21MIbC5U8sWGVoNz4mer_Z8cCSB4Ix2UKO006z2d_9GPqts-eBz4pCtQtb1u8IhQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C6BB 0
12 B 48ms
47ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlaXzwj3OLubtOuYl6UsI4eQqn07TKlLISGJzFebf_2fjU1EyOH9543dvhA5lxck1GC7lY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 23EE 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 111710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 12:48:19 GMT
expires: Wed, 10 Apr 2024 12:48:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E985 42 B
64 B 223ms
142ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-oUuKNJH8IXk-Jn9FofA1JPXttYxRu6QN8yIeNSXVjep_Y-owWP9e0T0ZlW4v_aANMBEi3_wEluMYJOd03ZFKTIT0lyowk-5rRTm_v_jxHewOuh1R81nMwECPRUNSS9BHhZrfnw&sai=AMfl-YS51HB_TF3D9_HFNc1qcLT2WS3SbZ4LjLmP4cpnLiyVB0ESAoydYSbmpY307qPaT6rYRCSANZbqk7CH&sig=Cg0ArKJSzIc4gc-1p9egEAE&cid=CAQSGwBygQiDGTyfrYz7WxLzvbxPqYJkldlbFckYmBgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3088186576&rs=2&la=1&cr=0&vs=4&r=v&rst=1681329006230&rpt=2094&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 23EE 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:59:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 05:59:57 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8545329873006492075/ Frame A179 142 KB
22 KB 121ms
40ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 83798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22810
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 20:33:31 GMT
expires: Wed, 10 Apr 2024 20:33:31 GMT
last-modified: Wed, 09 Feb 2022 10:36:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6A6E 0
0 196ms
85ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaWEmHBqbND1JlsiFa46r6QJ5WOrb9G6zhRL32X5L0qp6Dg0ydrNtDTvvUAj-7S6NA0493-x_wMHSht_31zGbN4H1WGvMByWGXGvbF7p1cYcSBvA4cmOyy9bYzHay5egPCW9YjMLhuUduQSn_jaoPzaf1FC-oOjh1-p0CtHORdWpKW91rF5Ko6mrfhq354JFf2g80tEloKVwRuYznp98IBK2zZNpGh62jeBuxDi55D8jdOkBwOlWJizQ-CiGNgCQmQl3Ejp1IGVXD108NN8Pb4M6BvuYeDYLzeJoTihGm0yZjHPYMs02zH-2U28C0ChN3QiFF4hJM17BWKNfL6clZQCIRf7fV93kfT8THSFPgYKhgXKTx1MJ-luNX9UTI7RwKQp4u4C56Xq0JsDRB1Z0gctau-u6RonnWR0bCuRyUJpytWW_jyUU57QW_MQgWNecr6hWL7oLn4ax9N5QAsb8WECqX_Rhd-HEWYGfQCCMN4yPP23yUtJ_B8AaCGieMu8JO3OVtjfDHK5GIf5BDMjQSNdkXeGze62OBSd7cVPZ31xpeQVe69BGcO9CU6kC3ksKvHGgsCJSTW_YrDra2seLiUUXUnutnjWCHXaIrq-8raZT1V4wVEL9TdXcqS-Qhtm70bXNJJ_ALUS3oRDRbjOya3B8nnMvpPJaM0VbGf5l8Xl1qVLZgfqw1IqL1T_E6Whiori3AvQCYB6kFrnJ53MnwkjQMInBjbZqRe2YmD0GUuPvahaAbGBjuaiodWqNRrcnxex9E9ocpkQyj2PVzY8Kf3V0eloJQFb0tgncYdUjuEhnM-UpBH7jY4p4oLiT3OofyPnJXDJEq9Fb2e4y_vPh2vY4D-v07qpGwp82NeeKXKSrjBb7vuqtm6bboEsN2yGUzX6Vq5iBjfZpS2GKl0y1xObjim0t_6qTUHorwlFZfmBwFwflz-Z-yEBQH6RjNYyfTTz0ral3WsoShokokhQ_0Dpj6mccLOgCJywYUyGh1SWG0yCHc2WcjlOhNI8YrNT_76SPWHw9773-tqqeto7Lu0ObDuKhXNg-rIsGWKTZgf_8YkIdbpkC31aGuJQfJkUvJsouR7b95RuZ8_-56990Olp3a59bDWL1Hncyr2s8pWNkan88i6TdugTg8A4APmw_5c3lCIy6VDj8KMTHJJ6ngzv5KZ6nllorpV-k210ElN9EMalOIRKqQePzlKfTtl2zFoHEQgIVSsLaM&sai=AMfl-YRmi1N288iAUO9YSTtzEqHm1CLpPXKuiJb4SLdCL60ehw_ruBq4tb0V9Fdh8Ab--EIpsPqnRp8nq3ivdLSJ9b5uKXry7cmoQClgKR_5dsfkTK4gq_mA8VjfGbui0C3SIdRnVIOEm_0PL4W00kQ8OkrbIhHaGvPyrp-ByisQp_JDwwcrABujvA6D4xJG-MXkx-gQyDtFJxqsrUbGkk3XCSV4EvwRolPvPpaMmorr2AsxOBLTKF0IIHbyc8FYkKrVupruXkI&sig=Cg0ArKJSzECIB4f6nzb8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&cbvp=1&cstd=197&cisv=r20230411.46978&arae=0&ftch=1&adurl=

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 19:50:09 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 12 Apr 2023 19:50:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23EE 0
20 B 146ms
146ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4BmycQs3ZOGEB-fUx_APwbqtyAcAAAAAOAHgBAI&bg=!tLelt-PNAAYIJb0jKCU7ADkAdvg8WlJ054hoJIK8vqozeRMXwm_SjDzXoiHVh25icOyJxgVsIU0BtwMGcizd7zrLW_UDKJ2Jfl4CAAAAR1IAAAADaAEHmQLq5lgKAMXaQ2kh9GhE9qm0S4Dobb548e9V8tBzzcvyFq-JhFxplM59ttgtoE61uVDuVEvjpbFZgaUuN194EAoCle7GdwBynfi6m62N8JrBi5_lB73X0ou90K2hQSKXTDg96XPvBDeo8w6cZ0V4uVo0cXFps7mKWMreDCumHVZLfSTfVPvHmjspq590NnGkpNXFCu9ydb2MNtSa1Cu2itbMNrLpTPFbTfJvggQanzccCrnsSR8aZhEbznsISo5V_ozU1tLxK_qFL--N4YEKjF0FMX1uptpIXGpLaVK46zB39XdzsocGZwJDcV9mmMNanjFB1EccUJr-2l-WlwtZh5FO_cfb-KMCOsnAm_daatBBSsXkYTFPuqw-PX3xi7BY9n459dyadgurA10A1NRHCMwqEh4LTRq0q19DlghC_BPnvFCaR9MIBlZ8xkx-_4y4ZqbR3kKVnCnuvWBDMt-55AkgATnJg7nRZ3rz5VOSTA8wnLhno7HOup0lD0b96Wy3aP6Hle-KRE6slvWi3zpu88Q1GHgJyASujpxpjX6rp6CF2tnJpxJk1t98paKlA2cf3Wn8unl1H-wdfb53si2tZFnafB81pitXjQKfqldDirCzotwUTMfRkXe2KR0Tsf04ojwgCdTfm6enx-iNHg3Zr6nEczMvxjxIwoxpbhGVzhYaKbVn42Ozt3QxoC7fhZlAPFRrBRldGJvwCbrrPWj3fetkASye-QWHaLfEiyNWKzV9if_22stwMZ_bGWJD4AqFlmW1rb7bYtv5oI6Q9YdUZNPX-jNP4rmlxvKZai7ErUY8MCP9slm1dWEsTKxqKD2YyWDq8D0AsNCMcQyJz7-71WdWVHNt4Qndy7Vs56NsRRdf9D9ZRQb4KsoTCQ6Jn8bEAsej9eX1N7VR3Ld_ZRGtvBaSlO3QDpbp-PU9Z-3Hs-A1y3JycZaBb-7cXG_84iPlegFLJga1VkBxZCQHBOv7Q-BL34YPgEfuEDFkSEc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 69F5 42 B
64 B 143ms
143ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBwI56IzWBvFszl45nPzYp4F2NTBGCZK8jS2yMlUAu_G8U_HUJzX02nTVrwHRLJM954EeTb1DpYvooLcE0L05l8YfsLskxAim88lkKNhYS4b7WLowOf3wGKIob-kNg0Dn3scGcpA&sai=AMfl-YQCZTTwLVANyYdvNtKaXJQfWcLw8qSK90YH-TnrMUV3ji4kcgc55917bXlRwxFGxrqSWUgqbLu5PVzp&sig=Cg0ArKJSzBITPnZ09j1uEAE&cid=CAQSGwBygQiD74Pe2VoWqObh_qqPuWPzAYcoaDyIjRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=106,792,1000,1081,1081&tos=106,686,208,81,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1681329008098&rpt=323&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A179 29 KB
10 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 18:05:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Apr 2023 18:05:12 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6A6E 0
0 77ms
77ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaWEmHBqbND1JlsiFa46r6QJ5WOrb9G6zhRL32X5L0qp6Dg0ydrNtDTvvUAj-7S6NA0493-x_wMHSht_31zGbN4H1WGvMByWGXGvbF7p1cYcSBvA4cmOyy9bYzHay5egPCW9YjMLhuUduQSn_jaoPzaf1FC-oOjh1-p0CtHORdWpKW91rF5Ko6mrfhq354JFf2g80tEloKVwRuYznp98IBK2zZNpGh62jeBuxDi55D8jdOkBwOlWJizQ-CiGNgCQmQl3Ejp1IGVXD108NN8Pb4M6BvuYeDYLzeJoTihGm0yZjHPYMs02zH-2U28C0ChN3QiFF4hJM17BWKNfL6clZQCIRf7fV93kfT8THSFPgYKhgXKTx1MJ-luNX9UTI7RwKQp4u4C56Xq0JsDRB1Z0gctau-u6RonnWR0bCuRyUJpytWW_jyUU57QW_MQgWNecr6hWL7oLn4ax9N5QAsb8WECqX_Rhd-HEWYGfQCCMN4yPP23yUtJ_B8AaCGieMu8JO3OVtjfDHK5GIf5BDMjQSNdkXeGze62OBSd7cVPZ31xpeQVe69BGcO9CU6kC3ksKvHGgsCJSTW_YrDra2seLiUUXUnutnjWCHXaIrq-8raZT1V4wVEL9TdXcqS-Qhtm70bXNJJ_ALUS3oRDRbjOya3B8nnMvpPJaM0VbGf5l8Xl1qVLZgfqw1IqL1T_E6Whiori3AvQCYB6kFrnJ53MnwkjQMInBjbZqRe2YmD0GUuPvahaAbGBjuaiodWqNRrcnxex9E9ocpkQyj2PVzY8Kf3V0eloJQFb0tgncYdUjuEhnM-UpBH7jY4p4oLiT3OofyPnJXDJEq9Fb2e4y_vPh2vY4D-v07qpGwp82NeeKXKSrjBb7vuqtm6bboEsN2yGUzX6Vq5iBjfZpS2GKl0y1xObjim0t_6qTUHorwlFZfmBwFwflz-Z-yEBQH6RjNYyfTTz0ral3WsoShokokhQ_0Dpj6mccLOgCJywYUyGh1SWG0yCHc2WcjlOhNI8YrNT_76SPWHw9773-tqqeto7Lu0ObDuKhXNg-rIsGWKTZgf_8YkIdbpkC31aGuJQfJkUvJsouR7b95RuZ8_-56990Olp3a59bDWL1Hncyr2s8pWNkan88i6TdugTg8A4APmw_5c3lCIy6VDj8KMTHJJ6ngzv5KZ6nllorpV-k210ElN9EMalOIRKqQePzlKfTtl2zFoHEQgIVSsLaM&sai=AMfl-YRmi1N288iAUO9YSTtzEqHm1CLpPXKuiJb4SLdCL60ehw_ruBq4tb0V9Fdh8Ab--EIpsPqnRp8nq3ivdLSJ9b5uKXry7cmoQClgKR_5dsfkTK4gq_mA8VjfGbui0C3SIdRnVIOEm_0PL4W00kQ8OkrbIhHaGvPyrp-ByisQp_JDwwcrABujvA6D4xJG-MXkx-gQyDtFJxqsrUbGkk3XCSV4EvwRolPvPpaMmorr2AsxOBLTKF0IIHbyc8FYkKrVupruXkI&sig=Cg0ArKJSzECIB4f6nzb8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=393&vt=11&dtpt=193&dett=3&cstd=197&cisv=r20230411.46978&arae=0&ftch=1&adurl=

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Apr 2023 19:50:09 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame A179 2 KB
1 KB 43ms
42ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 20:02:46 GMT

GET
H3 200 flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame A179 4 KB
2 KB 76ms
75ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 20:05:09 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame A179 11 KB
3 KB 54ms
53ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 19:58:08 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame A179 4 KB
2 KB 52ms
51ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:43:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 19:58:04 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame A179 6 KB
2 KB 51ms
51ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 19:56:00 GMT

GET
H3 200 300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame A179 38 KB
38 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:44:25 GMT
x-content-type-options: nosniff
age: 344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38528
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 19:59:25 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 6A6E
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3238758507066341&ias_chanId=1&ias_placementId=19429846202&bidurl=http://vremea.tv/&ias_dea...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

39ms
39ms

Script
application/javascript

2600:9000:223f:400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=250&adk=3895562249&adf=1613454706&pi=t.aa~a.3790863795~rp.3&w=360&fwrn=4&fwrnh=100&lmt=1681329007&rafmt=1&to=qs&pwprc=4515581995&format=360x250&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329007932&bpp=1&bdt=2418&idt=0&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba6d86a9ddcf780d-229c6b858edd0017%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MaDaLipldrAWSwt5ooVxZ9Ff2g5Mw&gpic=UID%3D00000be0f73b4670%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MY7JNlDi7wRKq1kMDB5oUKR72ivtg&prev_fmts=0x0%2C336x280%2C1200x280&nras=3&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=2066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&psts=AHQMDFdcFJw1VH8BXixBFWtddNCasYDuJpF8i4SYQNQNVxe0qnaYWRIMACuz2x1k_seSE-_5Rr_kLXB3U72W3PxBcVKFXw&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AQwv7VSOoJ&p=http%3A//vremea.tv&dtd=4
Protocol: H2
Server: 2600:9000:223f:400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 03:05:12 GMT
x-amz-version-id: UABD4oUJXAMWIvJgxkiK4f6ybdMspHHY
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 492299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 21 Mar 2023 18:43:32 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 18YO3OTWddQsg3g94IU2wvafUQ0CtIVybTtIJCt8oR2L-IJBh4Uzng==

Redirect headers

pragma: no-cache
date: Wed, 12 Apr 2023 19:50:10 GMT
server: nginx
x-server-name: app05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C1F9 91 KB
23 KB 214ms
52ms Script
application/javascript 2600:9000:223f:400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3238758507066341&output=html&h=250&adk=3895562249&adf=1613454706&pi=t.aa~a.3790863795~rp.3&w=360&fwrn=4&fwrnh=100&lmt=1681329007&rafmt=1&to=qs&pwprc=4515581995&format=360x250&url=http%3A%2F%2Fvremea.tv%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1681329007932&bpp=1&bdt=2418&idt=0&shv=r20230411&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dba6d86a9ddcf780d-229c6b858edd0017%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MaDaLipldrAWSwt5ooVxZ9Ff2g5Mw&gpic=UID%3D00000be0f73b4670%3AT%3D1681329006%3ART%3D1681329006%3AS%3DALNI_MY7JNlDi7wRKq1kMDB5oUKR72ivtg&prev_fmts=0x0%2C336x280%2C1200x280&nras=3&correlator=4923295086925&frm=20&pv=1&ga_vid=95655730.1681329006&ga_sid=1681329006&ga_hid=45544892&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1010&ady=2066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&psts=AHQMDFdcFJw1VH8BXixBFWtddNCasYDuJpF8i4SYQNQNVxe0qnaYWRIMACuz2x1k_seSE-_5Rr_kLXB3U72W3PxBcVKFXw&pvsid=3419308478080113&tmod=2081266803&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=AQwv7VSOoJ&p=http%3A//vremea.tv&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 17554434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: omus-rAiOktvFsdrfaHnZUWDDMac_V0ayo6mnIvqtHdSpkMlEJ6ZBA==

GET dt
dt.adsafeprotected.com/ Frame 6A6E 0
0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6A6E 0
26 B 157ms
76ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4YwzeYhxluRLEIgYL8ZCj5blyNo1J5fXIJlTusIGFICz0yb5KQ61nSnL3Gju-pAsGgRpSH_sij2evN-9KDvHzBnKlLaVYrEKE-htTa7tqaCkHj9FzVNl1Jdk_5JQcWZrqrUqN5ysAEcYGISZNUoaDwoFNCg&sai=AMfl-YSANbp7Q5rA6E8kMpqWOanPUcYV7SSu10qJPumH0jAx2NkdcFcHJOOiJNlDLcohTVLkXVnkJ2iUJZd2agUUNpeJU2VlSATPntsWDa3NW058W4oKB-LVnLCE_YDU5v0&sig=Cg0ArKJSzKOH0rAOzfutEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: vremea.tv
URL: http://vremea.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:50:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 passback_300x250.js Show response
static.adsafeprotected.com/ Frame 79D4 3 KB
2 KB 39ms
39ms Script
application/javascript 2600:9000:223f:400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_300x250.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
date: Fri, 07 Apr 2023 20:24:57 GMT
x-amz-cf-pop: FRA56-P5
age: 429914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:42 GMT
server: AmazonS3
etag: W/"44f0ac540dc9c11f94344414c879b658"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: ti74PXJsZf5oXT6H-BpZUZDfErRTynEBjA2sg46Ez16J2EfxiYd88Q==

GET
H2 200 IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 79D4 14 KB
14 KB 44ms
44ms Image
image/png 2600:9000:223f:400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
date: Tue, 11 Apr 2023 12:56:12 GMT
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 111239
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14233
last-modified: Fri, 18 Feb 2022 23:28:59 GMT
server: AmazonS3
etag: "65a8b98b798ce416d94c2847aca40c71"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: PTKAOpY6LqW6sVY6QYn8Q3fq_3hjiHSGK6OOBW3d6JkVf0gZTedrdQ==

GET dt
dt.adsafeprotected.com/ Frame 6A6E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=b9b63d27-f4ab-5191-2b86-ca8c346955d1&tv=%7Bc:9BoImH,pingTime:-3,time:40,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:40,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tBffblt+11%7C12%7C131%7C141%7C151*.990511-61634100%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C171%7C181%7C191,idMap:151*,rmeas:1,rend:0,renddet:na,siq:22%7D&br=c

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=b9b63d27-f4ab-5191-2b86-ca8c346955d1&tv=%7Bc:9BoImI,pingTime:-6,time:41,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:41,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tBffblt+11%7C12%7C131%7C141%7C151*.990511-61634100%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C171%7C181%7C191,idMap:151*,rmeas:1,rend:0,renddet:na,siq:22%7D&tpiLookup=ao:vremea.tv%2Cgoogleads.g.doubleclick.net*&br=c

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=b9b63d27-f4ab-5191-2b86-ca8c346955d1&tv=%7Bc:9BoImK,pingTime:-2,time:44,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1390,beZ:1391,mfA:1394,cmA:1395,inA:1396,inZ:1400,prA:1401,prZ:1406,si:1411,poA:1412,poZ:1427,cmZ:1427,mfZ:1427,loA:1431,loZ:1432,ltA:1433,ltZ:1433%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:44,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tBffblt+11%7C12%7C131%7C141%7C151*.990511-61634100%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C171%7C181%7C191,idMap:151*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:22,sinceFw:20,readyFired:true%7D&br=c

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=b9b63d27-f4ab-5191-2b86-ca8c346955d1&tv=%7Bc:9BoIuQ,pingTime:-10,time:545,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTExLjAuNTU2My4xNDYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002022202222222002020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1681329010840%7C%7C85799d8a68dac5f8255e0a1d2c091fc7%7C%7C54018389c7a32a8d685baa10091bc39c%7C%7C37bdada549ab93a29e921c11f233cadf%7C%7C4a28f342ab07fd5890000b9e277dcb56%7C%7Cf5b11c5a18827b7609da8c9bec6f340d%7C%7C604b032e83a00c31ecc646fa17ff1913%7C%7Ce7af5f6642660d8135c729181dcd146d%7C%7C1663701684%7D

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vremea.tv/	1970-01-20 11:03:35	Name: _gid Value: GA1.2.1525273517.1681329006
.vremea.tv/	1970-01-20 11:02:09	Name: _gat Value: 1
.vremea.tv/	1970-01-20 20:38:09	Name: _ga_QYJ6V2JD3J Value: GS1.1.1681329006.1.0.1681329006.0.0.0
.vremea.tv/	1970-01-20 20:38:09	Name: _ga Value: GA1.1.95655730.1681329006
.vremea.tv/	1970-01-20 20:23:45	Name: __gads Value: ID=ba6d86a9ddcf780d-229c6b858edd0017:T=1681329006:RT=1681329006:S=ALNI_MaDaLipldrAWSwt5ooVxZ9Ff2g5Mw
.vremea.tv/	1970-01-20 20:23:45	Name: __gpi Value: UID=00000be0f73b4670:T=1681329006:RT=1681329006:S=ALNI_MY7JNlDi7wRKq1kMDB5oUKR72ivtg
.doubleclick.net/	1970-01-20 20:23:45	Name: IDE Value: AHWqTUlShkKMUuEpFem9ip2vOEts6hzQzo-gDSSjumkbnb57vkuDwTwa5gRNcOW1YcI
.doubleclick.net/	1970-01-20 11:02:12	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 13:11:45	Name: uuid2 Value: 4258189093544930783
.casalemedia.com/	1970-01-20 13:11:45	Name: CMPS Value: 1119
.casalemedia.com/	1970-01-20 13:11:45	Name: CMPRO Value: 1119
.adnxs.com/	1970-01-20 13:11:45	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlerBk*L!]tbPl1M>e)ZlrFUfJ+tGXxp2AaB=Vb=z-'K1B1bG4AbT_(fF?Yvp$gK<DNY3If)y3KL9D3I?+=Njjlw
.casalemedia.com/	1970-01-20 19:47:45	Name: CMID Value: ZDcLcU2MGCDFSbeN7Jm1fQAA
.ctnsnet.com/	1970-01-20 19:47:45	Name: gid_CAESEOBs3cGj5Nl03Hip1FtAOZc Value: 1
.ctnsnet.com/	1970-01-20 19:47:45	Name: cid_6f8795840c484e08b9c9a19480b26dbe Value: 1
.bidswitch.net/	1970-01-20 19:47:45	Name: c Value: 1681329009
.bidswitch.net/	1970-01-20 19:47:45	Name: tuuid_lu Value: 1681329009
.bidswitch.net/	1970-01-20 19:47:45	Name: tuuid Value: ec468047-67c1-4e54-bce9-418ddd5bf822
.yahoo.com/	1970-01-20 19:48:06	Name: A3 Value: d=AQABBHELN2QCEOmpwNOS2kALM8aF4yhvoLoFEgEBAQFcOGRAZAAAAAAA_eMAAA&S=AQAAAh2mo8lUGIj4qBllUMlf9aI
ads.avct.cloud/	1970-01-20 19:47:45	Name: uuid Value: 93316797-a670-406c-8dbf-2e6b326cf7ed
.pubmatic.com/	1970-01-20 11:03:35	Name: KTPCACOOKIE Value: YES

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://vremea.tv/img/icons-wx-.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://graph.facebook.com/2010383092616632/picture Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avct.cloud
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
ib.adnxs.com
image6.pubmatic.com
img.youtube.com
ipac.ctnsnet.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
s0.2mdn.net
s3-eu-west-1.amazonaws.com
static.adsafeprotected.com
tpc.googlesyndication.com
vremea.tv
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
dt.adsafeprotected.com
142.250.181.226
142.250.184.226
18.156.85.82
185.80.39.216
185.89.210.46
192.82.242.209
2001:4860:4802:34::36
2600:9000:223f:400:8:48e:53c0:93a1
2a00:1450:4001:800::200a
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a03:2880:f01c:800e:face:b00c:0:2
2a05:d018:d29:3605:5a00:a9cf:83b3:fc4
35.186.193.173
35.71.131.137
51.89.9.254
52.17.114.61
52.218.104.194
54.171.137.99
54.187.66.243
00070fee7703f74a8f3fb549172e55075aec3b16950270497490dc4031426858
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
0368f5e99f73c43a418b2c3f60a86c04bee2dc620b87f95b0b05091e7bd2f975
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
06e7cfc33099ad5ee212809eba92a05111f953f6da171cca9b1c07a5dec736bc
077d26b1a58dd6c282fa6e15c00699a6c303a65f40e32c13da3755c53330e6d1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1197d95bbd94c2fb4f9f747ea93352188a59edd4644b494dfd8b32c6893f6649
126f4e887c5d5390e1a7eb8be29e24335b0a521ef12a6808d1637ea6d0e48f49
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
148dd805c0cca6f54f717d87b0056c2dc0317c7dbe15bee7838f26fdcad64fa9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a6bb174d735a599e2a6d6cb4baa300ba715a4a1f7b4dee2f95bca71d7c8518a
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
2089b8870812fe00520822b003e514a9a904b2f6a4b0dc15c6618046444e82da
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
29c9e8752f25b17961e3c6ff72de34b1f1a157dfc5fabb68bd148b8ec9002b17
2a271877bd7e13e7f46859858f7a8dd9456713c148707f83b4ef74f8987a1d60
2b4957a7f933f96010b047a01b880c578634675d0958104a6abbc15eb9bbbbaf
2d408b3407069eccc933306dcd72b68ff95b8455af8645256ef2049c605f4d65
2e6a2c48ddf656dd18431ca6f656e4d671a93141d2db4f304587d74280ecfbe4
313390efb2ef7507bb13a59937b62210695b1d0e624cb74ce063d4110c68f542
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317dd17ec383067d5aa635f481a189cd1dfa265f4d658dcc06d2a94d6665464c
35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2
394d8aef152e2761682bb1279091cfce7828660ece0b701a4fbdc4cebe4f1ea0
3cc5ff3310398e45d6145ecac8bd447ea437936aa44d9b625878aa0a292aa226
44bc9a63017fca8c0b703ff18b42914c8b45450b1bbc3e38115198f99efb2afe
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
45fea11e259cb9648a0a336e4a144a514f33a527ea978af733a4639ec6fa67cb
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
499f3f556fa82e2aaeba97713f700c5cf5ce7f87c9c81abc9054185c9ca8897b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cdea6114a57afc5479b6618d9e5d61d165c27a1cd9e935f97eb6e51ed11345e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5553c5554babe6295721a6a9476b9ee7a39243e70d6e511c72db8fc4d31de0d9
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a3854344ba3a992b968b9f208e97a8b70ce4d52921d37cee163e9ee35efcb00
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db
7d4ac0890a6b5e48a77388289e1eb109077a39e5c71c556dc993a157eb566a4e
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
8016ad4ab0c235de5f088713fbcf0e3f43c0732f4d346bf073a61a1146126166
82c846c07d28766314f5cc0e8fe3821795348c1bec92b6ceb58c88a68e0882f6
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8a6c20fb8aa10acb53017591f884561f69b5529866a5e108ebd4ef58a53c1c93
8b79921f081e88341401040c57d00d856fdd5637ab57afbd102e367a0702fe35
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbcfcd48707ef2883452073311c37075a18a293c6716c3be0aa91ab3bd36b43
941b53f2219d9886aeaf98846918ce12748d5239bf8ffebc1216efca419de12a
99f4c3c808122fd74495858d6de9689c802e5636b03ee81398a3b8706ce70b3d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02c28dee2269f9fae99418dfc505fc4d9900160821ef1385e55b245b24713e7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50f09da043009c3e1d009aa9293c71c3e18aae8d484d142f1702633676a9bc4
a9f365b538215baaa59f350e7bdbbef5c604ec2b7fd6638eff47bdf64c1d666f
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b8bc0c6575e3f3ef0c7f6f58ca67b95bf5f2de21b2c9e5a5d968741291dc15c9
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bc50641c2fb0d2529d0c9093b1d4907564ba87dba818c6f240cfe5d2d4b020d0
c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14
c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9
c4c4de212da23851d048773fafcea78fa9f4e33b98cf5b15852eddc348eb30fb
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ce384d6541fb26871908cec97ea6862d2bd176a60617591fc7db2a179dd5208e
ce5b8e14337dd1dfd4e89440d971fccdeb71aef1292fdcfc282dcf935958feca
d1c63fee5d64b0f41e08d3a8b82fd2d239bb805c67945b32e090312669cdc0d8
d4832b2d3bd0b6d899c05c82c212cacde11140f6f7c8a9208974a9bf475597c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5437b986a98d4f035858502dc2027b1ed9e81c6cbe626662af97e82e922e448
e79b6b0f3db469b2cf611023ef64e2ca041c69424f4b159c8fd53137d7a15b24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ec55590b4975f100400af0eac637989df72263315ad2bd36fc934c628994de
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

vremea.tv Open in urlscan Pro 54.171.137.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

166 Requests

76 %HTTPS

62 %IPv6

25 Domains

35 Subdomains

29 IPs

5 Countries

2366 kBTransfer

5641 kBSize

21 Cookies

8 Outgoing links

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vremea.tv Open in urlscan Pro
54.171.137.99 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

76 %
HTTPS

62 %
IPv6

25
Domains

35
Subdomains

29
IPs

5
Countries

2366 kB
Transfer

5641 kB
Size

21
Cookies

166 HTTP transactions
6 data transactions