urlscan.io logo urlscan.io
SecurityTrails logo

viber.angryuser.help Open in urlscan Pro
89.184.70.208  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.viber.angryuser.help/
Effective URL: https://viber.angryuser.help/
Submission: On October 20 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 120 HTTP transactions. The main IP is 89.184.70.208, located in Ukraine and belongs to MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA. The main domain is viber.angryuser.help.
TLS certificate: Issued by R3 on October 20th 2021. Valid for: 3 months.
This is the only time viber.angryuser.help was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 89.184.70.208 28907 (MIROHOST ...)
6 142.250.184.234 15169 (GOOGLE)
1 142.250.185.72 15169 (GOOGLE)
12 216.58.212.130 15169 (GOOGLE)
11 142.250.185.99 15169 (GOOGLE)
2 95.213.129.125 49505 (SELECTEL)
17 142.250.185.66 15169 (GOOGLE)
3 142.250.186.174 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
3 142.250.186.162 15169 (GOOGLE)
7 136.243.130.81 24940 (HETZNER-AS)
1 74.125.140.155 15169 (GOOGLE)
4 142.250.186.131 15169 (GOOGLE)
23 216.58.212.129 15169 (GOOGLE)
4 142.250.185.226 15169 (GOOGLE)
3 5 142.250.186.100 15169 (GOOGLE)
120 18
23    89.184.70.208 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: ds67.mirohost.net
www.viber.angryuser.help
viber.angryuser.help
6    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
fonts.googleapis.com
1    142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net
www.googletagmanager.com
12    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
pagead2.googlesyndication.com
11    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
2    95.213.129.125 (Russian Federation)

ASN49505 (SELECTEL, RU)
cackle.me
17    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.de
3    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
www.google-analytics.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
partner.googleadservices.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
adservice.google.de
3    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
adservice.google.com
7    136.243.130.81 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.81.130.243.136.clients.your-server.de
i.cackle.me
1    74.125.140.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f155.1e100.net
stats.g.doubleclick.net
4    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
www.gstatic.com
23    216.58.212.129 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f1.1e100.net
tpc.googlesyndication.com
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googletagservices.com
5    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
Domain Requested by
23 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
22 viber.angryuser.help viber.angryuser.help
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
12 pagead2.googlesyndication.com viber.angryuser.help
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
11 fonts.gstatic.com fonts.googleapis.com
7 i.cackle.me cackle.me
i.cackle.me
viber.angryuser.help
6 fonts.googleapis.com viber.angryuser.help
googleads.g.doubleclick.net
5 www.google.com 3 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 www.googletagservices.com googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
viber.angryuser.help
2 cackle.me viber.angryuser.help
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com viber.angryuser.help
1 www.viber.angryuser.help 1 redirects
120 18

This site contains links to these domains. Also see Links.

Domain
cackle.me
gravatar.com
Subject Issuer Validity Valid
viber.angryuser.help
R3		 2021-10-20 -
2022-01-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.cackle.me
Sectigo RSA Domain Validation Secure Server CA		 2021-10-20 -
2022-10-20		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 18 frames:

Primary Page: https://viber.angryuser.help/
Frame ID: 128BC1DBB364033B04FC35C65EB1A354
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20190131/zrt_lookup.html
Frame ID: 390861DD50CA1EC68C6455F75900C83F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&adk=1812271804&adf=3025194257&lmt=1623927199&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fviber.angryuser.help%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773320600&bpp=3&bdt=249&idt=82&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5596527187682&frm=20&pv=2&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=102
Frame ID: 79B4555577346514756ACA454920C5B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Frame ID: 7D703B87F9C6F40DF90D3B017738F3FB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Frame ID: 519CB1ADFD241CAD229D4E5C27F70865
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Frame ID: 887D75385314086A50FABA75A9830A1E
Requests: 14 HTTP requests in this frame

Frame: https://i.cackle.me/xdm/index.html?xdm_e=https%3A%2F%2Fviber.angryuser.help&xdm_c=default7832&xdm_p=1
Frame ID: A6DEAE6D31618B9932097A2BC3D56078
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5F3A630F6EB012A02763131632B1673D
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 97AEFD52A431E8AD2B41AC93BD052BD7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 33BBDCA13A0E5CE15AFE52330471B3CD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2D6E9935D0317CF735F371F36D95267C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 07F9E0820D3A4A5217E8FFE588F51DDD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CB8183CD2D94ECC59FF9DADB8BEDAD5A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 05996394760689EC8CBB0E85AAE5E2AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: D359F1A4E1484E6C36BCCC081EDA259F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 987E93539D67781505B7F69C140A1FBF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 34A33782F1220ECA202166909950E849
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4B893B71D49D5938C3AE49C0B0F6947A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Скачать Viber (Вайбер) бесплатно и на русском языке последнюю версию

Page URL History Show full URLs

  1. https://www.viber.angryuser.help/ HTTP 301
    https://viber.angryuser.help/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

120
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

18
Subdomains

18
IPs

4
Countries

1459 kB
Transfer

3358 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.viber.angryuser.help/ HTTP 301
    https://viber.angryuser.help/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 84
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 112
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

120 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
viber.angryuser.help/
Redirect Chain
  • https://www.viber.angryuser.help/
  • https://viber.angryuser.help/
47 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
4df4c366dca54d8da7f6d5da113b4e74cb2bc90d6aedca4056b52aebf8f4e5eb
Security Headers
Name Value
Strict-Transport-Security max-age=300;

Request headers

:method
GET
:authority
viber.angryuser.help
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 20 Oct 2021 23:42:00 GMT
content-type
text/html; charset=UTF-8
content-length
9744
last-modified
Thu, 17 Jun 2021 10:53:19 GMT
vary
Accept-Encoding
content-encoding
gzip
front-end-https
on
strict-transport-security
max-age=300;

Redirect headers

server
nginx
date
Wed, 20 Oct 2021 23:41:59 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://viber.angryuser.help/
x-redirect-by
WordPress
front-end-https
on
strict-transport-security
max-age=300;
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
8c0c6175278a9af9636b961d65cdd18841671e678071edce1c9784b318759233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 23:41:02 GMT
server
ESF
date
Wed, 20 Oct 2021 23:42:00 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 20 Oct 2021 23:42:00 GMT
style.min.css
viber.angryuser.help/wp-content/themes/root/css/ 		156 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://viber.angryuser.help/wp-content/themes/root/css/style.min.css
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
bfbc63d69e0eb15c6f214d18bc2b7a8cd9b4fec24465de8ab7b781499b9f71cd

Request headers

:path
/wp-content/themes/root/css/style.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 11:07:27 GMT
server
nginx
etag
W/"606457ef-26fd2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=950400 public, must-revalidate, proxy-revalidate
expires
Sun, 31 Oct 2021 23:42:00 GMT
style.css
viber.angryuser.help/wp-content/themes/root_child/ 		278 B
491 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://viber.angryuser.help/wp-content/themes/root_child/style.css
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
53cb486a3f6a61535fd7bb4fa01a15a1b1154f18e5f14ce32950ec257bc66aba

Request headers

:path
/wp-content/themes/root_child/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:01:29 GMT
server
nginx
etag
"60630509-116"
content-type
text/css
cache-control
max-age=950400 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
278
expires
Sun, 31 Oct 2021 23:42:00 GMT
jquery.min.js
viber.angryuser.help/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viber.angryuser.help/wp-includes/js/jquery/jquery.min.js
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 22:57:12 GMT
server
nginx
etag
W/"60f754c8-15db1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=950400 public, must-revalidate, proxy-revalidate
expires
Sun, 31 Oct 2021 23:42:00 GMT
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113983595-2
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
41a22495ee891a9862720371d8b4b658b1a8253f57fd3cc8d6831b6ef73c1b99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
36832
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 21:30:03 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Oct 2021 23:42:00 GMT
style.css
viber.angryuser.help/wp-topfile/ 		2 KB
861 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://viber.angryuser.help/wp-topfile/style.css
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
df42d0b316c933ceeb43f242160d8082bca3e54a40ec7cd13cdbe29762fb19b4

Request headers

:path
/wp-topfile/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 12:23:18 GMT
server
nginx
etag
W/"606469b6-76d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=950400 public, must-revalidate, proxy-revalidate
expires
Sun, 31 Oct 2021 23:42:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
50e0e1413581dfc4b7261c494da902f7b39388ebb06b354b2adfffb7995d8720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51000
x-xss-protection
0
server
cafe
etag
6209827068384171329
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 23:42:00 GMT
icon-viber.png
viber.angryuser.help/wp-content/uploads/2018/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viber.angryuser.help/wp-content/uploads/2018/09/icon-viber.png
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
5353cc52ef5242059ad7e37d98fabf44a7a13140ac223017692d303266e4d498

Request headers

:path
/wp-content/uploads/2018/09/icon-viber.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:07:02 GMT
server
nginx
etag
"60630656-83a"
content-type
image/png
cache-control
max-age=7776000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
2106
expires
Tue, 18 Jan 2022 23:42:00 GMT
swiper.min.js
viber.angryuser.help/wp-content/themes/root/js/ 		122 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viber.angryuser.help/wp-content/themes/root/js/swiper.min.js
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
7481ca08ab9f3cba9123f51023007c2132b1b31c09009c0a9dca77c1c2c98631

Request headers

:path
/wp-content/themes/root/js/swiper.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 11:07:27 GMT
server
nginx
etag
W/"606457ef-1e727"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=950400 public, must-revalidate, proxy-revalidate
expires
Sun, 31 Oct 2021 23:42:00 GMT
lightbox.js
viber.angryuser.help/wp-content/themes/root/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viber.angryuser.help/wp-content/themes/root/js/lightbox.js
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
2a1e5f133bda3e06c7120cd15b93f918e47e43b57838d22dbb2f84fba0dc37d5

Request headers

:path
/wp-content/themes/root/js/lightbox.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 11:07:27 GMT
server
nginx
etag
W/"606457ef-bd2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=950400 public, must-revalidate, proxy-revalidate
expires
Sun, 31 Oct 2021 23:42:00 GMT
scripts.min.js
viber.angryuser.help/wp-content/themes/root/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viber.angryuser.help/wp-content/themes/root/js/scripts.min.js
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
9ab327a1b2500b2d50c3567e7b4acd32e9521404f30bad79ec5a7ca83aaf8238

Request headers

:path
/wp-content/themes/root/js/scripts.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 11:07:27 GMT
server
nginx
etag
W/"606457ef-1d5c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=950400 public, must-revalidate, proxy-revalidate
expires
Sun, 31 Oct 2021 23:42:00 GMT
comment-reply.min.js
viber.angryuser.help/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viber.angryuser.help/wp-includes/js/comment-reply.min.js
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path
/wp-includes/js/comment-reply.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 11:00:00 GMT
server
nginx
etag
W/"60781cb0-ba8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=950400 public, must-revalidate, proxy-revalidate
expires
Sun, 31 Oct 2021 23:42:00 GMT
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1ac53e44767e808ff66b3ce88ebed0049f3d9cba0d1af7554c94bfe0b29b85b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viber.angryuser.help
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:38:41 GMT
x-content-type-options
nosniff
age
25399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 16:38:41 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viber.angryuser.help
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:31:40 GMT
x-content-type-options
nosniff
age
25820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 16:31:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viber.angryuser.help
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
195263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 18 Oct 2022 17:27:37 GMT
KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
d2a4d131bd14a3fa0e89f5dc3fb1c387b0b64e00d93d7709f20972f36dbb2c07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viber.angryuser.help
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 10:31:45 GMT
x-content-type-options
nosniff
age
565815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10300
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 14 Oct 2022 10:31:45 GMT
fontawesome-webfont.woff2
viber.angryuser.help/wp-content/themes/root/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://viber.angryuser.help/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/wp-content/themes/root/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path
/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
origin
https://viber.angryuser.help
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/wp-content/themes/root/css/style.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://viber.angryuser.help/wp-content/themes/root/css/style.min.css
Origin
https://viber.angryuser.help
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 11:07:27 GMT
server
nginx
etag
W/"606457ef-12d68"
vary
Accept-Encoding
content-type
application/font-woff2
cache-control
max-age=315360000 public, must-revalidate, proxy-revalidate
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viber.angryuser.help
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:40:33 GMT
x-content-type-options
nosniff
age
25287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 16:40:33 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viber.angryuser.help
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:37:36 GMT
x-content-type-options
nosniff
age
25464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17304
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 16:37:36 GMT
viber.png
viber.angryuser.help/wp-content/uploads/2018/07/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viber.angryuser.help/wp-content/uploads/2018/07/viber.png
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
2a97e35eb57a97d0035ec18c559c5cd33c99d25a54d5c79832b6eeb534bbd041

Request headers

:path
/wp-content/uploads/2018/07/viber.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:05:46 GMT
server
nginx
etag
"6063060a-13ec0"
content-type
image/png
cache-control
max-age=7776000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
81600
expires
Tue, 18 Jan 2022 23:42:00 GMT
widget.js
cackle.me/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cackle.me/widget.js
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.213.129.125 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
5d3f094734e47a48f932c0f482abe3e8a14791ae07583a8726e7df34a429b83e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 23:42:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Sep 2021 09:59:24 GMT
Server
nginx
ETag
W/"6140727c-2437"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 21 Oct 2021 23:42:00 GMT
blokirovka-kontakta-v-vaybere-330x140.jpg
viber.angryuser.help/wp-content/uploads/2018/07/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viber.angryuser.help/wp-content/uploads/2018/07/blokirovka-kontakta-v-vaybere-330x140.jpg
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
ff14a692e3b0abe30ad924a4757405925105cd60880bfa8f6e62bfa35b8acc3f

Request headers

:path
/wp-content/uploads/2018/07/blokirovka-kontakta-v-vaybere-330x140.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:06:13 GMT
server
nginx
etag
"60630625-2646"
content-type
image/jpeg
cache-control
max-age=7776000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
9798
expires
Tue, 18 Jan 2022 23:42:00 GMT
viber-ili-whatsapp-330x140.jpg
viber.angryuser.help/wp-content/uploads/2018/07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viber.angryuser.help/wp-content/uploads/2018/07/viber-ili-whatsapp-330x140.jpg
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
bd4f67a9a77d37ff591b2c1f2da2d0ba6b580f796d859b5a8db8de807881bf68

Request headers

:path
/wp-content/uploads/2018/07/viber-ili-whatsapp-330x140.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:06:09 GMT
server
nginx
etag
"60630621-1cac"
content-type
image/jpeg
cache-control
max-age=7776000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
7340
expires
Tue, 18 Jan 2022 23:42:00 GMT
viber-bez-telefonnogo-nomera-330x140.jpg
viber.angryuser.help/wp-content/uploads/2018/08/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viber.angryuser.help/wp-content/uploads/2018/08/viber-bez-telefonnogo-nomera-330x140.jpg
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
ee86c84757527720c3acebe8ed8966fb06bab12fc201250efef5d0a9aef76d6b

Request headers

:path
/wp-content/uploads/2018/08/viber-bez-telefonnogo-nomera-330x140.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:07:02 GMT
server
nginx
etag
"60630656-291f"
content-type
image/jpeg
cache-control
max-age=7776000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
10527
expires
Tue, 18 Jan 2022 23:42:00 GMT
ustanovka-viber-na-windows-330x140.jpg
viber.angryuser.help/wp-content/uploads/2018/07/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viber.angryuser.help/wp-content/uploads/2018/07/ustanovka-viber-na-windows-330x140.jpg
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
a23a7cccaf3316a08da8a4c30df186e839f967254891de3804bddfabc00bf8d9

Request headers

:path
/wp-content/uploads/2018/07/ustanovka-viber-na-windows-330x140.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:06:05 GMT
server
nginx
etag
"6063061d-3192"
content-type
image/jpeg
cache-control
max-age=7776000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
12690
expires
Tue, 18 Jan 2022 23:42:00 GMT
videozvonok-v-viber-330x140.jpg
viber.angryuser.help/wp-content/uploads/2018/08/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viber.angryuser.help/wp-content/uploads/2018/08/videozvonok-v-viber-330x140.jpg
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
9fb4b5dafc36be6d944f3326315d9fba8fe33d718cbd91f176f6557b6e9ca881

Request headers

:path
/wp-content/uploads/2018/08/videozvonok-v-viber-330x140.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:06:56 GMT
server
nginx
etag
"60630650-2ed2"
content-type
image/jpeg
cache-control
max-age=7776000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
11986
expires
Tue, 18 Jan 2022 23:42:00 GMT
vayber-onlayn-330x140.jpg
viber.angryuser.help/wp-content/uploads/2018/07/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viber.angryuser.help/wp-content/uploads/2018/07/vayber-onlayn-330x140.jpg
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
afbb933f6353c44c9a07090520ec93255795cef48cfbfdb10911b16154ee308c

Request headers

:path
/wp-content/uploads/2018/07/vayber-onlayn-330x140.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:06:29 GMT
server
nginx
etag
"60630635-2343"
content-type
image/jpeg
cache-control
max-age=7776000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
9027
expires
Tue, 18 Jan 2022 23:42:00 GMT
registratsiya-i-aktivatsiya-viber-330x140.jpg
viber.angryuser.help/wp-content/uploads/2018/07/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viber.angryuser.help/wp-content/uploads/2018/07/registratsiya-i-aktivatsiya-viber-330x140.jpg
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
85d69300313f6dcc51b86774752c82b29d9e37ac87f9f004f6a8013ad5dc1739

Request headers

:path
/wp-content/uploads/2018/07/registratsiya-i-aktivatsiya-viber-330x140.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:06:06 GMT
server
nginx
etag
"6063061e-203f"
content-type
image/jpeg
cache-control
max-age=7776000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
8255
expires
Tue, 18 Jan 2022 23:42:00 GMT
rassylka-v-vaybere-330x140.jpg
viber.angryuser.help/wp-content/uploads/2018/07/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viber.angryuser.help/wp-content/uploads/2018/07/rassylka-v-vaybere-330x140.jpg
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
63bf546d0be15460c54de0da8c3d9efe317f1e4413892666427cbca3e6b0a962

Request headers

:path
/wp-content/uploads/2018/07/rassylka-v-vaybere-330x140.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:06:20 GMT
server
nginx
etag
"6063062c-2255"
content-type
image/jpeg
cache-control
max-age=7776000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
8789
expires
Tue, 18 Jan 2022 23:42:00 GMT
viber-support-330x140.jpg
viber.angryuser.help/wp-content/uploads/2018/08/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viber.angryuser.help/wp-content/uploads/2018/08/viber-support-330x140.jpg
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
4a2b58aa377d92b51fa4fe0ee7db2e57400a00739d9b5088caff9d769d51f7e5

Request headers

:path
/wp-content/uploads/2018/08/viber-support-330x140.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:07:00 GMT
server
nginx
etag
"60630654-257d"
content-type
image/jpeg
cache-control
max-age=7776000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
9597
expires
Tue, 18 Jan 2022 23:42:00 GMT
pereslat-fayl-330x140.jpg
viber.angryuser.help/wp-content/uploads/2018/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viber.angryuser.help/wp-content/uploads/2018/08/pereslat-fayl-330x140.jpg
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.184.70.208 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
ds67.mirohost.net
Software
nginx /
Resource Hash
c528ea9cf66c55f8d2f73e297ae4ed5c9abfb290774a9e5261a4b17a7832fe0b

Request headers

:path
/wp-content/uploads/2018/08/pereslat-fayl-330x140.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
viber.angryuser.help
referer
https://viber.angryuser.help/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
last-modified
Tue, 30 Mar 2021 11:06:59 GMT
server
nginx
etag
"60630653-21ed"
content-type
image/jpeg
cache-control
max-age=7776000 public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
8685
expires
Tue, 18 Jan 2022 23:42:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/ 		271 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
7a1c7b653713a617643f8a5a149912073073ba77f7d0d8778f8524b17f5596bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99362
x-xss-protection
0
server
cafe
etag
17114109636645632102
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 23:42:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211019/r20190131/ Frame 3908 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211019/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211019/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://viber.angryuser.help/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 20 Oct 2021 16:42:38 GMT
expires
Wed, 03 Nov 2021 16:42:38 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
25162
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&eid=31063007&frequency=1
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:42:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113983595-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
6054
date
Wed, 20 Oct 2021 22:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
expires
Thu, 21 Oct 2021 00:01:06 GMT
cookie.js
partner.googleadservices.com/gampad/ 		204 B
613 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=viber.angryuser.help&callback=_gfp_s_&client=ca-pub-5534106068881534
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
7151e3fb27180f5d5b269ea0ce6b79e71d34f1a7e3ef626a3a8fc97f915a04c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=viber.angryuser.help
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=viber.angryuser.help
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 23:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 79B4 		159 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&adk=1812271804&adf=3025194257&lmt=1623927199&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fviber.angryuser.help%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773320600&bpp=3&bdt=249&idt=82&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5596527187682&frm=20&pv=2&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=102
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
938ba8c6386548151019e156823d63005a8ff57db6c748d62c2275fc013efeb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5534106068881534&output=html&adk=1812271804&adf=3025194257&lmt=1623927199&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fviber.angryuser.help%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773320600&bpp=3&bdt=249&idt=82&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5596527187682&frm=20&pv=2&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=102
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://viber.angryuser.help/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Oct 2021 23:42:01 GMT
server
cafe
content-length
42513
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 23:57:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 20 Oct 2021 23:42:01 GMT
cache-control
private
bootstrap
i.cackle.me/widget/58982/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.cackle.me/widget/58982/bootstrap?chan=265&url=https%3A%2F%2Fviber.angryuser.help%2F&callback=cackle_Comment58982
Requested by
Host: cackle.me
URL: https://cackle.me/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.130.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.130.243.136.clients.your-server.de
Software
nginx /
Resource Hash
039b79c4d7d3db8f085e972fe0c7b1bf21d5b650800aa9f78d1abf3eea775513

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 23:42:00 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Language
en
Cache-Control
no-cache, no-store, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/json;charset=UTF-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&aip=1&a=1118242687&t=pageview&_s=1&dl=https%3A%2F%2Fviber.angryuser.help%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Viber%20(%D0%92%D0%B0%D0%B9%D0%B1%D0%B5%D1%80)%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8E%D1%8E%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACUABBAAAAC~&jid=1375710208&gjid=925321925&cid=613949689.1634773321&tid=UA-113983595-2&_gid=302585759.1634773321&_r=1&gtm=2ouai0&did=dZTNiMT&z=632443875
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://viber.angryuser.help/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:42:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://viber.angryuser.help
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&aip=1&a=1118242687&t=pageview&_s=2&dl=https%3A%2F%2Fviber.angryuser.help%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Viber%20(%D0%92%D0%B0%D0%B9%D0%B1%D0%B5%D1%80)%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D1%8E%D1%8E%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACUABBAAAAC~&jid=&gjid=&cid=613949689.1634773321&tid=UA-113983595-2&_gid=302585759.1634773321&gtm=2ouai0&did=dZTNiMT&z=1060342696
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 13:13:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37705
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
comment2ru.js
i.cackle.me/widget/js/ 		179 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.cackle.me/widget/js/comment2ru.js?v=14092021095920
Requested by
Host: cackle.me
URL: https://cackle.me/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.130.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.130.243.136.clients.your-server.de
Software
nginx /
Resource Hash
3a248e3dc8f3d63cc8242b7ca0c04bca44058e0732bb9343f4e138ce24e79b56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 23:42:00 GMT
Content-Encoding
gzip
Last-Modified
Sun, 01 Aug 2021 18:05:04 GMT
Server
nginx
ETag
W/"6106e250-2cad2"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 19 Nov 2021 23:42:00 GMT
comment2.css
i.cackle.me/widget/css/ 		46 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.cackle.me/widget/css/comment2.css?v=14092021095920
Requested by
Host: cackle.me
URL: https://cackle.me/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.130.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.130.243.136.clients.your-server.de
Software
nginx /
Resource Hash
cffcfb93817681351e19f7f0156118f4c8eb1b662f948d6e06a6882ce6ac3779

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 23:42:00 GMT
Content-Encoding
gzip
Last-Modified
Sun, 01 Aug 2021 18:05:04 GMT
Server
nginx
ETag
W/"6106e250-b9df"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 19 Nov 2021 23:42:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-113983595-2&cid=613949689.1634773321&jid=1375710208&gjid=925321925&_gid=302585759.1634773321&_u=YChACUAABAAAAC~&z=1348479993
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://viber.angryuser.help/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Oct 2021 23:42:01 GMT
content-type
text/plain
access-control-allow-origin
https://viber.angryuser.help
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
03dd32167f60cef34ec0ab4532cd6ec8f082444819855fb6ef91450eecf2346e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52662
x-xss-protection
0
server
cafe
etag
18336288560747499727
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 23:42:01 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=viber.angryuser.help
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 23:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=viber.angryuser.help
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 23:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7D70 		77 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a5e062fa11bc36ffde22c1bc4cc5c40d3cd365c87aa151a17423de7b4ad5f428
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://viber.angryuser.help/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Oct 2021 23:42:01 GMT
server
cafe
content-length
27899
x-xss-protection
0
set-cookie
IDE=AHWqTUmycQ_sYxBidfT7qQU46QiUUyD8ora354lxKO37TwamP1f9nNblqDl6n8JregQ; expires=Mon, 14-Nov-2022 23:42:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 20 Oct 2021 23:42:01 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 519C 		85 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
07e5da707caba94625f6e72bfb20d9c01c6ac4f475e455443b604ee09cf25ad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://viber.angryuser.help/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Oct 2021 23:42:02 GMT
server
cafe
content-length
29010
x-xss-protection
0
set-cookie
IDE=AHWqTUm2sJp9KR2SZAmDo3yt-nyFvstFmiA4yEuvQ007y3HwAAGpbxY9CY-uawJTv0o; expires=Mon, 14-Nov-2022 23:42:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 20 Oct 2021 23:42:02 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 887D 		112 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
bfa05c381881bbedeec10d3b7c7c204c86d9ad39cd1a6a724534c5833f006d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://viber.angryuser.help/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 20 Oct 2021 23:42:02 GMT
server
cafe
content-length
39479
x-xss-protection
0
set-cookie
IDE=AHWqTUnB7NouY6tK8nyDaTYPO2LRmuSOSiS5GBt3gwjYKIfD4D8XeFosx1euZsQ3br8; expires=Mon, 14-Nov-2022 23:42:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 20 Oct 2021 23:42:02 GMT
cache-control
private
index.html
i.cackle.me/xdm/ Frame A6DE 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.cackle.me/xdm/index.html?xdm_e=https%3A%2F%2Fviber.angryuser.help&xdm_c=default7832&xdm_p=1
Requested by
Host: i.cackle.me
URL: https://i.cackle.me/widget/js/comment2ru.js?v=14092021095920
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.130.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.130.243.136.clients.your-server.de
Software
nginx /
Resource Hash
ef7cc45592eb8af039c62ec23fea875d265ce8b20bef061daaadef88bfaddaed

Request headers

Host
i.cackle.me
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://viber.angryuser.help/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/

Response headers

Server
nginx
Date
Wed, 20 Oct 2021 23:42:01 GMT
Content-Type
text/html; charset=utf-8
Last-Modified
Wed, 28 Jul 2021 21:52:22 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"6101d196-2677"
Expires
Fri, 19 Nov 2021 23:42:01 GMT
Cache-Control
max-age=2592000
Content-Encoding
gzip
truncated
/ 		185 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
cackle.png
i.cackle.me/widget/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.cackle.me/widget/img/cackle.png
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.130.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.130.243.136.clients.your-server.de
Software
nginx /
Resource Hash
496d7ce31af38b0a6aa9178c0714598621613fa62420dbad92a8f3649bb1c2c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 23:42:01 GMT
Last-Modified
Wed, 28 Jul 2021 21:52:22 GMT
Server
nginx
ETag
"6101d196-509"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1289
Expires
Fri, 19 Nov 2021 23:42:01 GMT
anonym2.png
cackle.me/widget/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cackle.me/widget/img/anonym2.png
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.213.129.125 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
96ece815756726d4acfc51349a5b26cf5cd05d6ade637be117dbe998837a939d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 23:42:01 GMT
Last-Modified
Wed, 28 Jul 2021 20:52:22 GMT
Server
nginx
ETag
"6101c386-679"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1657
Expires
Fri, 19 Nov 2021 23:42:01 GMT
easyXDM.min.js
i.cackle.me/xdm/ Frame A6DE 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.cackle.me/xdm/easyXDM.min.js
Requested by
Host: i.cackle.me
URL: https://i.cackle.me/xdm/index.html?xdm_e=https%3A%2F%2Fviber.angryuser.help&xdm_c=default7832&xdm_p=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.130.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.130.243.136.clients.your-server.de
Software
nginx /
Resource Hash
cab290f4c3e08a3d377b57d5a497f4089cda26bb2df4256f03032dc2d1d2821d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://i.cackle.me/xdm/index.html?xdm_e=https%3A%2F%2Fviber.angryuser.help&xdm_c=default7832&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 23:42:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jul 2021 21:52:22 GMT
Server
nginx
ETag
W/"6101d196-50ec"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 19 Nov 2021 23:42:01 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=viber.angryuser.help
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 23:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=viber.angryuser.help
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 23:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/ Frame 5F3A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://viber.angryuser.help/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 20 Oct 2021 17:00:03 GMT
expires
Wed, 03 Nov 2021 17:00:03 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
24118
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
authorize.json
i.cackle.me/login/58982/ Frame A6DE 		106 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.cackle.me/login/58982/authorize.json
Requested by
Host: i.cackle.me
URL: https://i.cackle.me/xdm/index.html?xdm_e=https%3A%2F%2Fviber.angryuser.help&xdm_c=default7832&xdm_p=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.130.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.130.243.136.clients.your-server.de
Software
nginx /
Resource Hash
fb428ed432b2090daf7f204e0daaec8981821e9bd6ca186a052ea6e707160801

Request headers

Accept
application/json;
Referer
https://i.cackle.me/xdm/index.html?xdm_e=https%3A%2F%2Fviber.angryuser.help&xdm_c=default7832&xdm_p=1
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 23:42:01 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Language
en
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/json;charset=UTF-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 5F3A 		4 KB
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 23:25:20 GMT
server
ESF
date
Wed, 20 Oct 2021 23:42:01 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 20 Oct 2021 23:42:01 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5F3A 		205 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 10:22:14 GMT
x-content-type-options
nosniff
age
220787
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 18 Oct 2022 10:22:14 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5F3A 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 11:46:43 GMT
x-content-type-options
nosniff
age
42918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 20 Oct 2022 11:46:43 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/elements/html/ Frame 5F3A 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
3108a595755e4b68a8c9af8465be4462d8d3479043a586bfd3bc18c97c06fe6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 21:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7873
x-xss-protection
0
server
cafe
etag
16040667361225943213
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 21:08:16 GMT
css
fonts.googleapis.com/ Frame 97AE 		3 KB
580 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 23:26:05 GMT
server
ESF
date
Wed, 20 Oct 2021 23:42:01 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 20 Oct 2021 23:42:01 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 97AE 		2 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 22:26:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/ Frame 97AE 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:55:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 22:55:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 97AE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 23:01:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 97AE 		122 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 23:42:01 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 97AE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:25:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
983
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 23:25:38 GMT
fc4a425cba241d0dce431f7f76e62919.js
www.gstatic.com/mysidia/ Frame 97AE 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fc4a425cba241d0dce431f7f76e62919.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11259
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 04:56:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 12 Jan 2022 05:47:14 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 33BB 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 20 Oct 2021 22:54:37 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
si
googleads.g.doubleclick.net/pagead/drt/ Frame 33BB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmycQ_sYxBidfT7qQU46QiUUyD8ora354lxKO37TwamP1f9nNblqDl6n8JregQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 20 Oct 2021 23:42:02 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 21-Oct-2021 00:42:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 20 Oct 2021 23:42:02 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 20 Oct 2021 23:42:01 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
13640108321193619872
tpc.googlesyndication.com/simgad/ Frame 7D70 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13640108321193619872?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkpEgCVulWsluXjs1TdsZvqOXmBfg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
e0e8e5e15bbe833784e38ed6db4552e74fed3c6efa38c29c9200401b3040b5e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 23:03:03 GMT
x-content-type-options
nosniff
age
347939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48073
x-xss-protection
0
last-modified
Mon, 12 Jul 2021 08:52:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 16 Oct 2022 23:03:03 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/ Frame 7D70 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:55:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2791
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 22:55:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 7D70 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 23:01:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D70 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 23:42:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 7D70 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:25:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
984
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 23:25:38 GMT
l
www.google.com/ads/measurement/ Frame 7D70 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlgiPWaa98kiUYJ0RnQeXQ1sAN2GEYZpE-h4HAM-JEXLE_-NAL7ayvdZnFJBj91SoqJQCC
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 7D70 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
20731b5cce4398a7bea4b2b919dcab676f481d929c16a12b6a74a19b51e48d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11249
x-xss-protection
0
server
cafe
etag
2407096445939648700
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 16:07:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7D70 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDTN6SalwYfGLJ_e07_UP65adgAKs-trBZIrE04W_DtistpWLAxABIOqrnQRgleKQgqAHoAHRgZm-A8gBAqgDAcgDyQSqBNwBT9CC2AhjmITloalFQBYzTp9ox8mLshZIZBjfEUmdGF_G8HFAuDx9MM27JsErIVOfUlbtt_ZEBk8aB6Fiw5hJQMp6P1T198r6u3fdd3FYkl5iDOSnQ6zZT3RAplVRS5ZdFcYYNlh0JKwRoPkXVTFuLS5JiEgadixqwJEaPXh_wqpE_DFJGYJrixMldBa8fIas5geWU-YivG-NAHzWY3fzJIjmHOzphIWYMv3JCE6pzHqTfdwGoAjwCb9UxrbRFw7QA3UT7fsIlTXRIMMPrNnTHziqDq8hLnzQuvTfcsAE-b6mx8gDkgUECAQYAZIFBAgFGASgBgKAB-W_yM4BqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBDWoB_SCAkIgOGAcBABGF-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNTUzNDEwNjA2ODg4MTUzNBgA&sigh=JPARw9CHg24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Oct 2021 23:42:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2D6E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmycQ_sYxBidfT7qQU46QiUUyD8ora354lxKO37TwamP1f9nNblqDl6n8JregQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 20 Oct 2021 22:54:37 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2845
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 07F9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: viber.angryuser.help
URL: https://viber.angryuser.help/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 09:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
50180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 09:45:42 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2D6E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
DSID=NO_DATA; IDE=AHWqTUnB7NouY6tK8nyDaTYPO2LRmuSOSiS5GBt3gwjYKIfD4D8XeFosx1euZsQ3br8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 20 Oct 2021 23:42:02 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 21-Oct-2021 00:42:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 20 Oct 2021 23:42:02 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 20 Oct 2021 23:42:02 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 887D 		8 KB
715 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 22:38:10 GMT
server
ESF
date
Wed, 20 Oct 2021 23:42:02 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 20 Oct 2021 23:42:02 GMT
css
fonts.googleapis.com/ Frame 887D 		8 KB
715 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 23:34:55 GMT
server
ESF
date
Wed, 20 Oct 2021 23:42:02 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 20 Oct 2021 23:42:02 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 887D 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
2b4550ac1f8a3f589276d0a1a9dddafa7ab37606a2dc52ed59580e776071cbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5880
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12922
x-xss-protection
0
server
cafe
etag
10609840481343520096
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 22:04:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 887D 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 23:42:02 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/ Frame 887D 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:55:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2791
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 22:55:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 887D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 23:01:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 887D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:25:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
984
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 23:25:38 GMT
truncated
/ Frame 7D70 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
060fe60e9157d455203925321189de4b41015c6046a3ddb4a422e8509d6e15c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/9955083269287130433/ Frame 887D 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9955083269287130433/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qk8ZVkhC2jkZ9IeGwQlZiOGwyJBRA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
fccb41ec13a79b0d2e5a01954e0e450e468bf93a7ec74fd200e2083826c3640b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:02 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22382
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 21:22:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Oct 2022 23:42:02 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 887D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPkUWSalwYdnOJ5-C7_UPgPOugALWmczDZIGa59CODYr9oITDARABIOqrnQRgleKQgqAHoAH_24rIA8gBBqgDAcgDywSqBNIBT9CMWtMK5kJOJdclgFY_OJHvnVDzZ3owzdvkIBTorxbjDiRzSVSIKn5gLHATAEhqOMOwmduQAxTihg2BZPuaT_mhjkjIdAAbOacuIL7kzhfL1Y8DRDv-qtFZjyMYq_N7o2WJEaEZkOBv3N2GqhyifgMOddUqYtXr35vCTrs-QMIpIpB-WxLPNZdmGWFQ_NInyn1UWeq45h3O3LZpV9ssw5guRPBqXC-mwmRNZdvlv9VbP1pifdYPO2gDBDBFWmnohfhWupPVFcdHXI7ZNBLV9Ii2wASx3caZswOSBQQIBBgBkgUECAUYBKAGN4AH8O6sogKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEELyOBNIICQiA4YBwEAEYX4AKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi01NTM0MTA2MDY4ODgxNTM0GAA&sigh=t96MpjCtnOI&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Oct 2021 23:42:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame CB81 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
accept-encoding
gzip, deflate, br
cookie
DSID=NO_DATA; IDE=AHWqTUm2sJp9KR2SZAmDo3yt-nyFvstFmiA4yEuvQ007y3HwAAGpbxY9CY-uawJTv0o
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 20 Oct 2021 22:54:37 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2845
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
css
fonts.googleapis.com/ Frame 519C 		6 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 23:27:33 GMT
server
ESF
date
Wed, 20 Oct 2021 23:42:02 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 20 Oct 2021 23:42:02 GMT
truncated
/ Frame 887D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39a17e3d5cadb698d625973e1932179cfa2658d0bb4b71def001dd04c3e3e3a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 887D 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:39:18 GMT
x-content-type-options
nosniff
age
25364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 16:39:18 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 887D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:31:40 GMT
x-content-type-options
nosniff
age
25822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 16:31:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 887D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
195265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 18 Oct 2022 17:27:37 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 519C 		2 KB
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
server
cafe
etag
638833322182864030
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 22:26:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/ Frame 519C 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:55:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2791
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 22:55:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 519C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 23:01:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 519C 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 23:42:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 519C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:25:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
984
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 23:25:38 GMT
fc4a425cba241d0dce431f7f76e62919.js
www.gstatic.com/mysidia/ Frame 519C 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fc4a425cba241d0dce431f7f76e62919.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 05:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11259
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 04:56:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 12 Jan 2022 05:47:14 GMT
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 0599 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=1280375804&pi=t.aa~a.1970592991~i.15~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=3&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0&nras=2&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rNPuudJC5X&p=https%3A//viber.angryuser.help&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 09:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
50180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 09:45:42 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/3502162519743031754/ Frame 519C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3502162519743031754/downsize_200k_v1?w=200&h=200
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
5791c0583f2939be9c74bdc83228c47da573ecc0ef7546811dad4a4f5e6268d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 01:43:20 GMT
x-content-type-options
nosniff
age
597522
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3518
x-xss-protection
0
last-modified
Tue, 20 Aug 2019 15:51:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 14 Oct 2022 01:43:20 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/11954884184570808807/ Frame 519C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11954884184570808807/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
ee41e227a02a6b77b874853486a60721d2a68fc3422bb24f47baa8fc585b82d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 23:20:53 GMT
x-content-type-options
nosniff
age
260469
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19094
x-xss-protection
0
last-modified
Fri, 20 Aug 2021 11:38:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Oct 2022 23:20:53 GMT
truncated
/ Frame 519C 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame 519C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CezR-SalwYbi5J6W07_UPsvqOgA2vuo7kZL6I-ozwCf2L7NeEKRABIOqrnQRgleKQgqAHoAHB3duAA8gBCakC6TnazFSMsz6oAwHIA8sEqgTkAU_QkhNjG8B951hcusgSHg6YfQY37OTjpfGlfevTX6YnET6jEa6olry2OMwmlyqQzpAEQFP930K2VnMTHpbKpAt5sEePLpR_16MVQGx04zidTMvYACu2kO3Pi_DHCSZbi0crCVb_CrEsI7uxaOOpaeLmNr9irMedfa3O--pMySff8ge4mNs7U6HVliYALiunSr74dDOV2HWzTQmTo2657U2CJR1F2htLayIHo8sGLGbtGChGc_AQHN3Xdpkwy_ptUv6N7rv62kzuRVKhx4KeoSj2r1tkOC_zbTq_-APTL3NtssMd08AEx4Hgx5wCoAYugAenoqR_qAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBChkjnSCAkIgOGAcBABGF-ACgHICwHYEwOIFAnQFQGAFwGyFxwKGggAEhRwdWItNTUzNDEwNjA2ODg4MTUzNBgA&sigh=fueSTSdIpUI&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 20 Oct 2021 23:42:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame CB81
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
DSID=NO_DATA; IDE=AHWqTUm2sJp9KR2SZAmDo3yt-nyFvstFmiA4yEuvQ007y3HwAAGpbxY9CY-uawJTv0o
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 20 Oct 2021 23:42:02 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 21-Oct-2021 00:42:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Wed, 20 Oct 2021 23:42:02 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 20 Oct 2021 23:42:02 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 519C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bf92784647714e4d47ffe19fbd95310dbc4addd636dbef334f143691eb71f91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 519C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:31:40 GMT
x-content-type-options
nosniff
age
25822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 16:31:40 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 519C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:59:32 GMT
x-content-type-options
nosniff
age
290550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 17 Oct 2022 14:59:32 GMT
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame D359 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=280&adk=3206152381&adf=3872670109&pi=t.aa~a.1970592991~i.17~rp.4&w=654&fwrn=4&fwrnh=100&lmt=1623927199&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=654x280&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&fwr=0&pra=3&rh=164&rw=654&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=-M&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280&nras=3&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=301&ady=1962&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8m0k9SNGD5&p=https%3A//viber.angryuser.help&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 09:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
50180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 09:45:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211019&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
7d8bdf98b7a14241a07fb61ef7fe77220abd9ccbd54ce5cc73b1a16c126badb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 23:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8522
x-xss-protection
0
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 987E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5534106068881534&output=html&h=245&adk=1062863634&adf=2694599380&pi=t.aa~a.342023311~rp.4&w=300&lmt=1623927199&nsk=9b28007&rafmt=11&pwprc=6665320269&tp=site_kit&psa=0&ad_type=text_image&format=300x245&url=https%3A%2F%2Fviber.angryuser.help%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634773321604&bpp=1&bdt=1253&idt=0&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3be48ee93dff1c1-221525e8fbca00bc%3AT%3D1634773320%3ART%3D1634773320%3AS%3DALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA&prev_fmts=0x0%2C654x280%2C654x280&nras=4&correlator=5596527187682&frm=20&pv=1&ga_vid=613949689.1634773321&ga_sid=1634773321&ga_hid=1118242687&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1045&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31063007%2C21066428%2C31062525&oid=2&pvsid=1237741718940601&pem=212&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=vfpTOalcHF&p=https%3A//viber.angryuser.help&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 09:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
50180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 09:45:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5534106068881534&plah=viber.angryuser.help
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 20 Oct 2021 23:42:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 34A3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://viber.angryuser.help/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 20 Oct 2021 23:12:53 GMT
expires
Thu, 20 Oct 2022 23:12:53 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4B89 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
47e7e57fdd3f4c169a30d10efff8e0fec6c8e2a1856cc2cbee4d2f45b6e149f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cDuQu+wVkt938vkKB89umQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://viber.angryuser.help/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 20 Oct 2021 23:42:03 GMT
date
Wed, 20 Oct 2021 23:42:03 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-cDuQu+wVkt938vkKB89umQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 34A3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 09:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
50181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 09:45:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4B89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211019&jk=1237741718940601&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211019&jk=1237741718940601&bg=!JSalJmLNAAao6lBpqOo7ACkAdvg8WrFihegOB7rCQP2mBDAGvME9lux2hV-kDCyd3Dbc4k8EGqpMNAIAAABsUgAAAAxoAQeZAshgsUpJgMP6NNfZiOGQjU__5kVNDqO5mU55tzXOkRTiFmuHW1HrRFqnS2JZlkcCmElkxJRd6vJE7IXcLzn-UMDqISz2ii7yvBjT8umgxxub5ZZURyjAJFbJ-3NiVLtFKf0mumpcrYyNqxd8yrGKid-Udn0qylT6g6ywtcnVp_3MpiZQA7R7N_UCFpWom7W3Dxbhvd2LCG68WzjajkKkbSb1Dog5G_m0c4fokBvZW-dpqaiqixZWydWuX-FX8rCuBOkublNsyUCYHyCtAxro4-zXMNOdFqWuf9tmT4TpyzlEmtHUwh3kEHBZ2jG-AH1CjJ_mrMK7iuoxrMMV79_p2jdv26OY5tMOVmNL5VNQ8uPcDrXVIe9wz6mFz9BYXbfGet_U191LNDWmLjm_yT4hANbEDpbEQclt3niVly4SrZ0MtUAjPeKXquVBsqgXUV3ST_v2x_n_w0x37HdlqkvxYO0RWquxzsKswwt3WyKn600RDJAxqOYWHbvGL0hSd6yRZkK5vL2zVMlOMhxE4Dte5mPcaR_5or84FoXi2j3cCP8t-HSDSKm-PLj7FLg_5RRCOXl8DnBlaptT9YP-tYwR6QHQB86YjznlAxGgthGoE1MV7aKMbprZgjf5LS2ueiROyBn7T73nPH0E1T_PehaM2b6OvIQGw43k1azyoTkJ462W4_1v3xNudgAv9zMJxQMkUNCQtZPw5Ay3tGEEUE0wMQDyby3lMarZgAdVlQJomqudn5LSAV_37YjE4bB4AGGdzrTYb8OJnj7RtYTKTBjGE3IrlLswjqtBuvO400VnYEtGx0s_Le7sfleorE5FcLKvQCDLp4NZvjOZrLVvdJk98LC7W2GXu_ICq2R0uIvlJ-JUMb2d2X2Fz1sE03fiVb1ZRf46S3P-GE9iLnFL16wdyf76YO1ZXaAFfWdvIgli2WOF1i-6skF0Aa4j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://viber.angryuser.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:42:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect boolean| originAgentCluster undefined| $ function| jQuery function| gtag object| dataLayer object| adsbygoogle object| cackle_widget object| pseudo_links function| Swiper object| settings_array object| wps_ajax function| GoTo function| base64_decode function| createCookie function| readCookie function| eraseCookie object| addComment object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_image_requests boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Cackle function| cackle_Comment58982 object| gaplugins object| gaData object| google_llp number| google_lpabyc function| PushStream object| PushStreamManager function| md5 object| doT string| cb object| easyXDM object| googletag object| GoogleGcLKhOms

6 Cookies

Domain/Path Name / Value
.angryuser.help/ Name: __gads
Value: ID=f3be48ee93dff1c1-221525e8fbca00bc:T=1634773320:RT=1634773320:S=ALNI_MZrtUa6YBRKaZN1ZY0u4uwEMHsXFA
.angryuser.help/ Name: _ga
Value: GA1.2.613949689.1634773321
.angryuser.help/ Name: _gid
Value: GA1.2.302585759.1634773321
.angryuser.help/ Name: _gat_gtag_UA_113983595_2
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUm2sJp9KR2SZAmDo3yt-nyFvstFmiA4yEuvQ007y3HwAAGpbxY9CY-uawJTv0o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=300;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cackle.me
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.cackle.me
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
viber.angryuser.help
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.viber.angryuser.help
136.243.130.81
142.250.184.234
142.250.185.226
142.250.185.66
142.250.185.72
142.250.185.99
142.250.186.100
142.250.186.131
142.250.186.162
142.250.186.174
142.250.186.34
172.217.23.98
216.58.212.129
216.58.212.130
74.125.140.155
89.184.70.208
95.213.129.125
039b79c4d7d3db8f085e972fe0c7b1bf21d5b650800aa9f78d1abf3eea775513
03dd32167f60cef34ec0ab4532cd6ec8f082444819855fb6ef91450eecf2346e
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
060fe60e9157d455203925321189de4b41015c6046a3ddb4a422e8509d6e15c3
07e5da707caba94625f6e72bfb20d9c01c6ac4f475e455443b604ee09cf25ad7
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
20731b5cce4398a7bea4b2b919dcab676f481d929c16a12b6a74a19b51e48d01
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
2a1e5f133bda3e06c7120cd15b93f918e47e43b57838d22dbb2f84fba0dc37d5
2a97e35eb57a97d0035ec18c559c5cd33c99d25a54d5c79832b6eeb534bbd041
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4550ac1f8a3f589276d0a1a9dddafa7ab37606a2dc52ed59580e776071cbea
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
3108a595755e4b68a8c9af8465be4462d8d3479043a586bfd3bc18c97c06fe6d
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
39a17e3d5cadb698d625973e1932179cfa2658d0bb4b71def001dd04c3e3e3a7
3a248e3dc8f3d63cc8242b7ca0c04bca44058e0732bb9343f4e138ce24e79b56
41a22495ee891a9862720371d8b4b658b1a8253f57fd3cc8d6831b6ef73c1b99
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
47e7e57fdd3f4c169a30d10efff8e0fec6c8e2a1856cc2cbee4d2f45b6e149f3
496d7ce31af38b0a6aa9178c0714598621613fa62420dbad92a8f3649bb1c2c2
4a2b58aa377d92b51fa4fe0ee7db2e57400a00739d9b5088caff9d769d51f7e5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4df4c366dca54d8da7f6d5da113b4e74cb2bc90d6aedca4056b52aebf8f4e5eb
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50e0e1413581dfc4b7261c494da902f7b39388ebb06b354b2adfffb7995d8720
5353cc52ef5242059ad7e37d98fabf44a7a13140ac223017692d303266e4d498
53cb486a3f6a61535fd7bb4fa01a15a1b1154f18e5f14ce32950ec257bc66aba
5791c0583f2939be9c74bdc83228c47da573ecc0ef7546811dad4a4f5e6268d2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d3f094734e47a48f932c0f482abe3e8a14791ae07583a8726e7df34a429b83e
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
63bf546d0be15460c54de0da8c3d9efe317f1e4413892666427cbca3e6b0a962
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7151e3fb27180f5d5b269ea0ce6b79e71d34f1a7e3ef626a3a8fc97f915a04c9
7481ca08ab9f3cba9123f51023007c2132b1b31c09009c0a9dca77c1c2c98631
7a1c7b653713a617643f8a5a149912073073ba77f7d0d8778f8524b17f5596bf
7d8bdf98b7a14241a07fb61ef7fe77220abd9ccbd54ce5cc73b1a16c126badb2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85d69300313f6dcc51b86774752c82b29d9e37ac87f9f004f6a8013ad5dc1739
869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858
8c0c6175278a9af9636b961d65cdd18841671e678071edce1c9784b318759233
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
938ba8c6386548151019e156823d63005a8ff57db6c748d62c2275fc013efeb6
96ece815756726d4acfc51349a5b26cf5cd05d6ade637be117dbe998837a939d
9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6
9ab327a1b2500b2d50c3567e7b4acd32e9521404f30bad79ec5a7ca83aaf8238
9bf92784647714e4d47ffe19fbd95310dbc4addd636dbef334f143691eb71f91
9fb4b5dafc36be6d944f3326315d9fba8fe33d718cbd91f176f6557b6e9ca881
a23a7cccaf3316a08da8a4c30df186e839f967254891de3804bddfabc00bf8d9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e062fa11bc36ffde22c1bc4cc5c40d3cd365c87aa151a17423de7b4ad5f428
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
afbb933f6353c44c9a07090520ec93255795cef48cfbfdb10911b16154ee308c
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd4f67a9a77d37ff591b2c1f2da2d0ba6b580f796d859b5a8db8de807881bf68
bfa05c381881bbedeec10d3b7c7c204c86d9ad39cd1a6a724534c5833f006d71
bfbc63d69e0eb15c6f214d18bc2b7a8cd9b4fec24465de8ab7b781499b9f71cd
c528ea9cf66c55f8d2f73e297ae4ed5c9abfb290774a9e5261a4b17a7832fe0b
cab290f4c3e08a3d377b57d5a497f4089cda26bb2df4256f03032dc2d1d2821d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cffcfb93817681351e19f7f0156118f4c8eb1b662f948d6e06a6882ce6ac3779
d1ac53e44767e808ff66b3ce88ebed0049f3d9cba0d1af7554c94bfe0b29b85b
d2a4d131bd14a3fa0e89f5dc3fb1c387b0b64e00d93d7709f20972f36dbb2c07
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df42d0b316c933ceeb43f242160d8082bca3e54a40ec7cd13cdbe29762fb19b4
e0e8e5e15bbe833784e38ed6db4552e74fed3c6efa38c29c9200401b3040b5e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee41e227a02a6b77b874853486a60721d2a68fc3422bb24f47baa8fc585b82d2
ee86c84757527720c3acebe8ed8966fb06bab12fc201250efef5d0a9aef76d6b
ef7cc45592eb8af039c62ec23fea875d265ce8b20bef061daaadef88bfaddaed
fb428ed432b2090daf7f204e0daaec8981821e9bd6ca186a052ea6e707160801
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fccb41ec13a79b0d2e5a01954e0e450e468bf93a7ec74fd200e2083826c3640b
ff14a692e3b0abe30ad924a4757405925105cd60880bfa8f6e62bfa35b8acc3f