www.pobjeda.me Open in urlscan Pro
2606:4700:20::681a:a53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pobjeda.me/
Effective URL:
https://www.pobjeda.me/
Submission: On November 11 via api (November 11th 2022, 6:38:01 am UTC) from US — Scanned from DE

Summary HTTP 366 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 63 IPs in 9 countries across 44 domains to perform 366 HTTP transactions. The main IP is 2606:4700:20::681a:a53, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pobjeda.me. The Cisco Umbrella rank of the primary domain is 401891.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 13th 2022. Valid for: a year.

This is the only time www.pobjeda.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:20:... 2606:4700:20::ac43:4a6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700:20:... 2606:4700:20::681a:a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.7.127 108.138.7.127	16509 (AMAZON-02) (AMAZON-02)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
32	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	108.138.17.79 108.138.17.79	16509 (AMAZON-02) (AMAZON-02)
15	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.147.113 18.66.147.113	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
9	2606:4700:303... 2606:4700:3032::6815:41fa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::6815:4f16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.30.44.244 52.30.44.244	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
18	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
6	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.28.22.239 52.28.22.239	16509 (AMAZON-02) (AMAZON-02)
3	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
3	2606:4700:440... 2606:4700:4400::ac40:983f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
2 7	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	3.125.60.173 3.125.60.173	16509 (AMAZON-02) (AMAZON-02)
5 5	3.123.45.72 3.123.45.72	16509 (AMAZON-02) (AMAZON-02)
6 6	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
3 3	3.127.121.199 3.127.121.199	16509 (AMAZON-02) (AMAZON-02)
5	3.75.3.113 3.75.3.113	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.31.28 18.156.31.28	16509 (AMAZON-02) (AMAZON-02)
9	104.17.120.107 104.17.120.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
36	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	18.130.2.144 18.130.2.144	16509 (AMAZON-02) (AMAZON-02)
3	46.4.250.26 46.4.250.26	24940 (HETZNER-AS) (HETZNER-AS)
3	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
6	13.32.121.66 13.32.121.66	16509 (AMAZON-02) (AMAZON-02)
1	44.209.187.139 44.209.187.139	14618 (AMAZON-AES) (AMAZON-AES)
6	152.228.222.122 152.228.222.122	16276 (OVH) (OVH)
6	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
18	3.11.224.13 3.11.224.13	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:d55e:b03e:2f7a:ba8e	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.115.255 52.95.115.255	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
366	63

7 2606:4700:20::ac43:4a6d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pobjeda.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.pobjeda.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:20::681a:a53 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pobjeda.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.pobjeda.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-127.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-79.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-113.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ffd259c51ee25b834de944bba428f30d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3032::6815:41fa (United States)

ASN13335 (CLOUDFLARENET, US)

lupon.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:4f16 (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.44.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-44-244.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.22.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-22-239.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:983f (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.125.60.173 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-60-173.eu-central-1.compute.amazonaws.com

ghent-aws-fr.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.123.45.72 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-45-72.eu-central-1.compute.amazonaws.com

aws-fr-sync.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.5.142 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.127.121.199 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-121-199.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.75.3.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-3-113.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.31.28 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-31-28.eu-central-1.compute.amazonaws.com

imp-euro.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.17.120.107 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.130.2.144 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.4.250.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.26.250.4.46.clients.your-server.de

tm.simptrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.121.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-66.fra60.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.187.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-187-139.compute-1.amazonaws.com

imp.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 152.228.222.122 (France)

ASN16276 (OVH, FR)
PTR: ns3189334.ip-152-228-222.eu

s333.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 3.11.224.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:d55e:b03e:2f7a:ba8e (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.115.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 ffd259c51ee25b834de944bba428f30d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	1 MB
38	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 203	202 KB
36	ad4m.at ad4m.at — Cisco Umbrella Rank: 9541 as.ad4m.at — Cisco Umbrella Rank: 28280 assets.ad4m.at — Cisco Umbrella Rank: 36321	3 MB
30	adform.net 6 redirects adx.adform.net — Cisco Umbrella Rank: 3954 track.adform.net — Cisco Umbrella Rank: 3500 c1.adform.net — Cisco Umbrella Rank: 582 s1.adform.net — Cisco Umbrella Rank: 7708	112 KB
24	pobjeda.me 1 redirects www.pobjeda.me — Cisco Umbrella Rank: 401891 api.pobjeda.me — Cisco Umbrella Rank: 367862 media.pobjeda.me — Cisco Umbrella Rank: 294722	2 MB
21	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 17892 api.webgains.io — Cisco Umbrella Rank: 57986	95 KB
20	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 439 pixel.rubiconproject.com — Cisco Umbrella Rank: 307 eus.rubiconproject.com — Cisco Umbrella Rank: 541 token.rubiconproject.com — Cisco Umbrella Rank: 544	40 KB
15	moatads.com z.moatads.com — Cisco Umbrella Rank: 406 px.moatads.com — Cisco Umbrella Rank: 473	315 KB
15	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	687 KB
12	webgains.com track.webgains.com — Cisco Umbrella Rank: 45190	163 KB
12	emxdgt.com 3 redirects hb.emxdgt.com — Cisco Umbrella Rank: 3660 e1.emxdgt.com — Cisco Umbrella Rank: 1146 imp-euro.emxdgt.com — Cisco Umbrella Rank: 42226 imp.emxdgt.com — Cisco Umbrella Rank: 5164	22 KB
11	bidswitch.net 11 redirects ghent-aws-fr.bidswitch.net — Cisco Umbrella Rank: 10299 aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 24162 x.bidswitch.net — Cisco Umbrella Rank: 281	7 KB
11	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
9	brealtime.com biddr.brealtime.com — Cisco Umbrella Rank: 3237 js.brealtime.com — Cisco Umbrella Rank: 5013	27 KB
9	4dex.io script.4dex.io — Cisco Umbrella Rank: 2169 mp.4dex.io — Cisco Umbrella Rank: 2225	72 KB
9	lupon.media lupon.media — Cisco Umbrella Rank: 452730	67 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 279 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915	4 KB
6	criteo.net static.criteo.net — Cisco Umbrella Rank: 623	171 KB
6	adxpremium.services s333.adxpremium.services — Cisco Umbrella Rank: 53968	2 KB
6	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 57421	373 KB
6	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 691 gum.criteo.com — Cisco Umbrella Rank: 390 mug.criteo.com — Cisco Umbrella Rank: 2725	8 KB
6	gstatic.com fonts.gstatic.com	122 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1569 m.addthis.com — Cisco Umbrella Rank: 1549	217 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 625 script.hotjar.com — Cisco Umbrella Rank: 763 vars.hotjar.com — Cisco Umbrella Rank: 824 in.hotjar.com — Cisco Umbrella Rank: 1628	72 KB
3	simptrack.com tm.simptrack.com — Cisco Umbrella Rank: 89682	3 KB
3	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 209	3 KB
3	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6054	528 B
3	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3711	1014 B
3	adxbid.info adxbid.info — Cisco Umbrella Rank: 50202	287 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 2536	20 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8709 www.google.de — Cisco Umbrella Rank: 5922	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	203 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 94	54 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	112 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	118 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 355	710 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 341	265 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416	597 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1764	709 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2154	257 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1492	48 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	694 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 201	2 KB
366	44

	Domain	Requested by
33	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
32	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.pobjeda.me
18	api.webgains.io	analytics.webgains.io
18	assets.ad4m.at	as.ad4m.at
15	www.googletagservices.com	www.pobjeda.me securepubads.g.doubleclick.net
12	track.webgains.com	as.ad4m.at track.webgains.com
12	ad4m.at	s1.adform.net ad4m.at
12	track.adform.net	www.pobjeda.me s1.adform.net
12	pagead2.googlesyndication.com	www.pobjeda.me pagead2.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	px.moatads.com	www.pobjeda.me
10	www.google.com	www.pobjeda.me securepubads.g.doubleclick.net tpc.googlesyndication.com
9	media.pobjeda.me	www.pobjeda.me
9	lupon.media	securepubads.g.doubleclick.net lupon.media www.pobjeda.me
9	www.pobjeda.me	1 redirects www.pobjeda.me
7	pixel.rubiconproject.com	2 redirects www.pobjeda.me adxbid.info
6	eus.rubiconproject.com	adxbid.info eus.rubiconproject.com
6	static.criteo.net	adxbid.info static.criteo.net
6	s333.adxpremium.services	adxbid.info
6	cdn.track.production.webgains.team	as.ad4m.at track.webgains.com
6	as.ad4m.at	ad4m.at as.ad4m.at
6	s1.adform.net	ghent-aws-fr.bidswitch.net s1.adform.net
6	biddr.brealtime.com	www.pobjeda.me adxbid.info
6	c1.adform.net	6 redirects
6	script.4dex.io	adxbid.info script.4dex.io
6	adx.adform.net	adxbid.info
6	fonts.gstatic.com	fonts.googleapis.com
6	api.pobjeda.me	www.pobjeda.me
5	e1.emxdgt.com	www.pobjeda.me imp-euro.emxdgt.com
5	aws-fr-sync.bidswitch.net	5 redirects
4	token.rubiconproject.com	4 redirects
4	z.moatads.com	s7.addthis.com adxbid.info
3	aax-eu.amazon-adsystem.com	2 redirects
3	cm.g.doubleclick.net	1 redirects
3	s.amazon-adsystem.com	2 redirects
3	analytics.webgains.io	track.webgains.com
3	tm.simptrack.com	as.ad4m.at
3	js.brealtime.com	adxbid.info
3	imp-euro.emxdgt.com	3 redirects
3	x.bidswitch.net	3 redirects
3	ghent-aws-fr.bidswitch.net	3 redirects
3	ib.adnxs.com	adxbid.info
3	prebid-eu.creativecdn.com	adxbid.info
3	fastlane.rubiconproject.com	adxbid.info
3	bidder.criteo.com	adxbid.info
3	mp.4dex.io	adxbid.info
3	hb-api.omnitagjs.com	adxbid.info
3	hb.emxdgt.com	adxbid.info
3	adxbid.info	securepubads.g.doubleclick.net
3	s7.addthis.com	www.pobjeda.me s7.addthis.com
2	gum.criteo.com	1 redirects static.criteo.net
2	www.facebook.com	www.pobjeda.me
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.youtube.com	www.pobjeda.me www.youtube.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.pobjeda.me connect.facebook.net
2	www.googletagmanager.com	www.pobjeda.me www.googletagmanager.com
1	mug.criteo.com
1	px.ads.linkedin.com
1	match.adsrvr.org
1	pr-bh.ybp.yahoo.com	1 redirects
1	imp.emxdgt.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	code.createjs.com	lupon.media
1	www.google.de	www.pobjeda.me
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ffd259c51ee25b834de944bba428f30d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.hotjar.com	www.pobjeda.me
1	fonts.googleapis.com	www.pobjeda.me
1	cdnjs.cloudflare.com	www.pobjeda.me
366	78

This site contains links to these domains. Also see Links.

Domain
issuu.com
www.facebook.com
www.instagram.com
twitter.com
apps.apple.com
play.google.com
www.fleka.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-13` - `2023-05-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-20` - `2022-11-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.emxdgt.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
simptrack.com R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2022-08-26` - `2023-08-05`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 43 frames:

Primary Page: https://www.pobjeda.me/
Frame ID: 36F519CB2D9E2FD7E854E271D5031C67
Requests: 76 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html
Frame ID: 485F6B229C304B2D64A3FE741DFF6B99
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Frame ID: 501D553FD1B82A1237D64257E38E8879
Requests: 1 HTTP requests in this frame

Frame: https://ffd259c51ee25b834de944bba428f30d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E0B3F451D99AC4E8BA268DE8284F7315
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2610418223630718&output=html&adk=1812271804&adf=3025194257&lmt=1665382088&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.pobjeda.me%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668148670240&bpp=3&bdt=404&idt=770&shv=r20221109&mjsv=m202211080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2776242277272&frm=20&pv=2&ga_vid=614322669.1668148670&ga_sid=1668148671&ga_hid=95691678&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070616%2C31070830%2C44770880%2C44775016&oid=2&pvsid=3894180619877934&tmod=1817235884&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=810
Frame ID: E05104B4C863B4F3C9E432EE28144919
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXLwtlf4oXp1QOtvfPP58KBpEz9Foxf8qK3FCLY6DGmR9_VDru9HxLQgvJlFL4HJtW6IsMF44v8FmAjWjtgse6u2vaQMGfbGBqSp0xmPZylodBiJBWay6nH7wSXxSXScAgTnkeaqY4rEIx7dEKL8s9Ex19hnDejVeOfT8mdaaMo4tZp4v6z9VbZq2Un4h0dIgDrTFCsZoE43ZghT26X_MX8eDHGgX_BMWdSZ1SMfOTOrj1vud78dDAdZM992Os3FqCaAQWsI4lP8KwEkBi_1s6w96C-XDRkqApCY46Rksk31SSsrsIkzUzB1K8lMpqLpQ&sai=AMfl-YSAZ39jFazcJUCHGv_MwoKIdvAVU14V4cB33t9UKhRR5Gy4UQdzrqoi26EqKUXRyQv1-Lg0zWiCspAf5UJkqNj43mmwedzFwFA2DIGkiow6Z3Dw3CKkX2Fxha2b1_0zcA&sig=Cg0ArKJSzDai25b8VUZXEAE&uach_m=[UACH]&adurl=
Frame ID: 090F3D57EE6660A38939D6F02EC7500B
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-qhNdFjw7q2txxhNKMGrCB0AN-V3lkQdPOy7-LnmBZ4lQcjQwh-OdGYr6h2cZbGY59_k8nNtzE8GQH3whXj_Lo73zKJK3bew2dtAAl6ieGEgKKEy1nopeu4FESDyc0EDX6d8b5S9cmpBHE72O4bEE3yzW7VkV84PuoyP3wIU9S2URO8lRkGWtbSCj0dO7w5ziQqd_R7_VRjxPft8VjogX1Nv1jbJ2fRKSMHqgVMzjT_ievtpklY_6mYYwmCh3LJlrYez0bf8oZ7c8BkOT30mhhfPQWyzlwFX-rhcD4-ARWZX3kC7gMUMZSmDG4XLMi_U&sai=AMfl-YSATzZFGRk96tAwe5YQ_XNl0JPw4DCvJh44hnnIBb-IvkYSgrGvYHD9HfvuyptpG2Y59J22Bxx6LA96l_kzUpfjQvVgLQDJiXiSlNqNu_QI4wb_Z2-3NIpwHvocyMh-DA&sig=Cg0ArKJSzBX0CWyu_m6XEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6F4498E0DC4EDE0698DE2FDD67DEEBFD
Requests: 5 HTTP requests in this frame

Frame: https://lupon.media/pobjeda/2022/publish/publish300x250/index.html
Frame ID: 8E574CD86BE635A12F39637E8507FA26
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVjFpIAWKGaDB9mC6nFBbfENHnEjSq_yqucWcj5uJcnnC2GcnLJY3_Aq8Jdgb9I4vFwbOMBBdLgT6Vr5g1AvlGzCuDzl-romd6fQwSCu3Uzzp7eI96fdrPknrIYqrL4YbtXVJKz0W1DI4LsRgyHO3xGYN8j2QPmVJP6XuVXehX4-1KJ2e6e1Q9eHP2s49yrQYdmZhtS6JiNbuIvBG1kKTwBsYY6wjcAssfC12COS_kndhySe7BafLmqdY_q6SGO4cmsSgdb4YRKM8EdFn4v-dWczxZkA3Tfc4t3kjwITannZLqF8qfUIkSeSgrp02VhS4&sai=AMfl-YQzfySxBtVvZC9g2MbtCLZ_WGLdUNQ-RISRP0beOG-ntGiY4J_07jBPrcUES4h3Mr5b3LHEcwzCMj7p7Wlrs-W6h9cyE4n8W9FXPoBytgJiSzIDsD20kNRMDyeFLxnrUQ&sig=Cg0ArKJSzIDAiD1aAe0KEAE&uach_m=[UACH]&adurl=
Frame ID: 3FC1867B5AEC0A8AFB14400B448D5EBE
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss63uVKlceppm8TckLBQMlHKpLUAoCM8GJJyv_xH4D3fkMOrYWh4BpuGDOMH9gDClhY9yL87zjRUS1P4Q8p9y9HzWiRcQunhzxmbXeVZzS9q9ZifbxwQRhEJY1JrYMuP2Gpuz5yU5syH35yRWOEQqgPajYZus2b7f152huQNA6VBa_aoNBXJRbWeS9L0a_SBx-jmZrpZIDG9P4yJ31mZeCtulskb6UyFr8vJTNHUB3TqlftM4lMQem3xVehLvJWw7U6R_ZGFS0wJ8ku1EztIo5rjK32lzDwyUK959fAtOTKuOC6UBvC7BIGaPJ-4s9Q3J4&sai=AMfl-YTXGJSRqS73332DQ83N6qkUofwefk1hikny7yskwPbxsJlfKum-dIJL7kOgMNryv65zP8VJLEjzMSMem4lRDSqUt0U0PoFdDiwPcQ0lMwgaEVLgegolRoH80whLPUVHnA&sig=Cg0ArKJSzNF7_yr_PL5QEAE&uach_m=[UACH]&adurl=
Frame ID: 368F1939B206DAC4FACB9E0A448CDBBE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyQzLA_J32CQrDw74zmC01VaUWUFJ5MWDMcEiqdMXM6h-g8jVbjE8d8mSDyXMANJ7OHt54YHMV121KUJ55GtmVUZCNGPs67OxZdPiDQMPuwP5jZbn1xFgoALX85hlV4-X9GiUd9PtWcGJcjOS4FfaXxVN5_9yZXxtGiGCDPNFzQ2Oo_lCJfa8GpRtdwgElZ3yENN_JNsjxoVeP81sEY9_gw1ikLs31GGOmkfvV0pAnE7lFu-LGrkOeITQRanVN8_YVXJ8wvaHF_3Pn3YnFnjR5JEjpfVAFPq-FuhttTZzadIIESwS2MwNZ-Bq75XZAqpg&sai=AMfl-YSKWOGylmSm6UUi0kC-bT7jwYKr-bjwiPDOWBzI7UlXfjZwldqZZH3DhtZPmcRfV6J2ieW7KmsosuhkXDz-c45exIbfk88H0rAcfJIQNaWNMCbYPZaEkBWEgNkFUYI9pQ&sig=Cg0ArKJSzNf2ZWoqCGHmEAE&uach_m=[UACH]&adurl=
Frame ID: 25CF984C56F1B0A29FC14FE6E0C725E3
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8VDBzPh_sKkM1MOKBimLrls_9B4NhbZmaH0eJryMyPEK8w1zhe8j-LNy8vJm4y3hVXA5M7VHeAyKTI0QA-emiHYMN8OQYvFN9L_mC7laBdm3zoZgtB_fw_wRaJjYXALlTpxh8yjIejGYgTXs9m7Jg3hhrSH52IeVg0GJnITJKiTo-0_XAajmn7vNtHsM2uvZ6PG4R_8qtJVnz1-lItiyCj_1Li4KWWnTv6_n5ukOoyaZgT2fAmWjVYfu4TzRTWha27aPxVvvRG3RM_-DFlTHeK-ghDCekwioTrsq1wIW5QuiZWv7yavsNpp7VsISFq3o&sai=AMfl-YQJh4q0tHg5POr3uGMFsm1Nmg0SEbZweg4fHc17qZj6VOtgNWkLZ_H4CfxwjyqP_ZlxrCHkWqSl3XjKuPPQTE6SXvLDDHuWK-V58uDXuOo7Jql92T7H1I19aPLNahNKuw&sig=Cg0ArKJSzGVp3Zotah4ZEAE&uach_m=[UACH]&adurl=
Frame ID: 473059CC0998DE5ECF72770A6B3DC2AA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKIBs5GCKZezYP-v8nJsyLjcKWiZX5jaaC3y37TeYcK-9UX-BkkjB2TfDIEjFUuW8-7bzqAxv4mvJM3KwfRsNWhjfeeKN1gkU82qtXYkNFKm-ihXqHYmT42BnPKgtfh0d325ELM3HosXk00ju03NvQhluGkkicCkSa1_gGTqLxZicgm04VKqdR2yaLiWzXvvtRDKCnyYKohpNuJhGaUzR1tBoJZFUSfHesOIJaD20pVAqTZgpCgRsVsboHwnErxJ98FHjzxuCgWo3Ctd0hSgNf5LEUdMFs-HF6rRBEM6TvdqavSznChXzj6t2-ge3t1qqSrQ&sai=AMfl-YRYKm3EJ0XVyqT7RolAsWMLapsuxPlot2X0SLej8eFXHNGavZovEuVVuuUKvY0QNFrZUDUs6HLxrE47efiEqJ6LVO6yBgJEPYzKB8H4UG4iSGvW9-WZp-v-cg-JX73X2A&sig=Cg0ArKJSzD6sXxDjotulEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 814E2A72B04390E8FBBF0724EFAC269C
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJyZhUP1HRG49JDarDgdkN4jDu6wsm8jhxTkCe0dAW2qyfBMf23ueZpPcxPfb8RzOArW9lVEFBkaJ23WEGBn7oRbOrs2zAGpuOtKIgg2ucoFt9pTXMaMdnLagAxAX_uWB5VgpTP9ys2zFiCoXaHM9Sh5K68edbk2G2W4IKL864Ko70kvQOqDyZy1ejZTVNW3SxA3F7CWJDC4VW3ou3yPaDz6nEN6TlFRfkR6Rr8mVCPBIlB667UhfNbev2_0IzpAlx-j_O6o7QKXdkYJwSp77koxEQP-omUSuRbj2ce52GqzBtpWOJya7fYDUm1Djt0U8&sai=AMfl-YT6lNX0gdWEWuG1x-bhSV4kAiK7XgcTWkh-dSlsGVDxi__QmlujNuHIMOX7NK7aG27K-IFEnvLHJBa0C93eAC-X9ztMH1d7SxmqxVaPRdaTLAuvKuAtO391DwDEibekYA&sig=Cg0ArKJSzGt6A_fBOzktEAE&uach_m=[UACH]&adurl=
Frame ID: 784408D9E8A436B554BB29EF223AF8D6
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv49w974OkBrIQ0yLGwtG7AnMzeyA-tt4xg4dwx51remlZ6ftv_JAg7XWWc0JAXkNmj6HO1QIqIoKYB85xOVyKjRgV8hD9Shp3aRcfqy7CJK0i-1hJQbYEhC0EQKBHAWAtyGG5FYvyEEe-BftkWE3PR2tUmXGdIA0gRRZSqQD48bZCwXGPxK2sU-ER1bWmz8ItfPTiZvdWCtCSYpjpYBA7fVgX4BJO35YSITxWM0tC69lDrkcT-ILeXCAmPYzPcQwpIyG890vzWKvJPU_GFNdbetd1DILCqCTCO1Edgaqsz2x_C6Wj4sLXi9PaHj2bEmcY&sai=AMfl-YRqy98zt3hsp2iRFS4excEIAgKnoympfmFHgjGUtsPm85CzfrRbobqjnc5GhLb_cUWGQcPKe096PQeIO1gZWCmrvdbNY3zoINnbYseMb5SieMfNokfcJGGmScvQFTlHWQ&sig=Cg0ArKJSzC-I2xzpKCq_EAE&uach_m=[UACH]&adurl=
Frame ID: 6CB4835FD407174CBEA72F9BD09EDD6E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstONNl3_eb4mk9t2afA20PR4--9U2jA8aEBi1vsD5YpZsGq-sD_sWvLXPT7RIF-GjSu7QDEuucQnRGbZvjL6wAoCTh9od70RkRAcS0Y9kb2RuC_lqh4qBjX6VakmtpNe2tV5sHG-9ZEFfI608fUV3wTNwpB3E6QUv64ov52DDvwU3JLrpeU35LOaq5Wkb67G_HDWiqAF4uDlqzsQhpmC_qw73cggqkEYa-pggdg0fSjS3hHxnUC_zq1AtK4OAXEILPR7QKmNzRa9u8ebJyLbpNRpzr3cHoFRQUs2FOFuRMQXKjVzQkDbGOOeCYOtV3-DNfqr_Q&sai=AMfl-YT_rX6E3ah59H3NUt8uCfx5QREHX1-qE_PtpFn72sFc07cOQiTLAtWAw8sKMsStYV4MD2kh8pvdHvYEP7cDM4u08Lo5zR4_Z34WA67pjxlxtfTyonNBeOcbd-vMg_sbjg&sig=Cg0ArKJSzDTXgLvVnJPqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: ED7B5E980B96E076F3BBAA1F9C278F76
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAGletFuRE6PgMgrfGyE1zIIvhfyXmNFDbO2l25IGFDkAQ58iSP6_DBKAR5WRHdW1u67L1YitDGet5BbLaSxvPxAMh9dqN-dw6lAXzmmhOkDzrckfHcHykRa3y-PVyhE-a3nubGnN1ye4kBRfmBzNnA6ukFn93ckzSDADXgxa61HbbEYh1G42YbDwPXrQsaKigm5LP2RSgbueMKHOjyiY6kFdxNvwbT01WgpvhsQya1WBFRVh9kBJzG3OObixy4T3XLOGrPPQc7dwHD4Re6HwK-eLE1ig21dy2ImT_foz7KFI3BXH5J_G5F4lLwA2djMIH&sai=AMfl-YTssh5TCjTFxlfjIqq0K7aA3RzECKhDnkcBMN0Fc6k8tQTrBliNXGr182tzHIVE2Kk50hBdtsFNeT4JuWXDUAglZjjIT9djH0lExzJ_-_Dr8xoHvIuQtWGsPbxTvXC7Mg&sig=Cg0ArKJSzAh2l3CN6xNuEAE&uach_m=[UACH]&adurl=
Frame ID: 91C389432EF854A40110EA510CA9886E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKqvKKO9K8cG_pNa1aLNQD5E5tU61DwmlGQL06Dpd1AkRRx6Zww1SgCPEGYDyXVp61IJ6mU4LgMZZMrylwq8NGRTdRQ-iqNZ8uNxpwDuZAYmmGYNtbhEJO8_sA-1Atmxp_o3CIEfzVoJSncwHM23b4rxR4eEYBMSX7oYuTeiucG1bnbpuvwIKlDJx3JJymna-BovsDvuNSwN_8kGAu-XgGpN2LtgYkIOAxjruQhq720jK0PQ_tVizKOQKRGJvAr6YrUOpbHcDYuKqk1tHtMwnX1VBa2O1RkfERn70S3Eg1ypYamL7e5Bx25M4xAKGppaz9GjnB_1U&sai=AMfl-YRkBtk_w7z0Lp7m9akgWwkVKqtk0fkuiDV0hGC8Q9Jzvow3QCaw9jujhOGeG70xU1NTHsS9VSXYfn5ontyt4YqJdnPKmDybMwNMAX4ZYLGRWfgJggnikP8ZTQ5X3ZyUDhgaeg&sig=Cg0ArKJSzGDysnwjwB3JEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B71CC6FE08C450B091C5B50405EA557A
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9ww_G-FfI5-MVMaU1ru-naOmHsENZG9WxiWhgKiyeanT7uDfu77n6_rFy-ClUGYjTuAncl5Pyklge4W09kJA5bbaqqMcBPYC_ilUahZc80VzHhIGFg5zbnuPy7dJKFMNRDYcf5BvjMx37A0kLpUX3DhWGnp5yVF_NAL_dgzkoDvD-n9ZfcMea7e9bdf9_OZP7WsuI5myfhZ1jyECcpnRzaKYKY_ibPf0itrZ6kBjutkBW70I4bOfCl3STdad5kTFD5PJW9D-9j-lwURJAiN_tIrWP9tw8XcmnWLTnx47h-EGZoevLnXUgSLa9aZHcBqY&sai=AMfl-YSoit6tyF3iP9FD_AfIVq-mjngZKnh46e4gtlJVbs_8Ri8oilbU5YrAJp4VMItm-xRVB_FFF0H-fasxSbBJoLWvd3FlgNNAi0eCZpHLqOJ16yEgRhbbDgn7aANJpZ451Assrw&sig=Cg0ArKJSzNnvCyayN_p3EAE&uach_m=[UACH]&adurl=
Frame ID: A422180E9487A18F60E7AAD090BE708F
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0StYqXc0EhK-3DsgH35qd-YzLYTSqy-yeJmyxgsOHEW_FcEUGKgIcCavI4kbllyE7iDZclrAY-k5DJRBkLpxQWD-q3yg7Zbh9gcab1jKQfKDCo0UocWlz1TYCET1mDXugOT3tqcySm1o4wQ8RTJchvgFv-URvBOsKBE2LrhlXIocG2N85vYgE8pJQN0LzCBATzGbxRg7tdwTFOh-y0ibiSex9nJ1Am8hl8gjufORYsmkOVugKd3dq9eL1u3u4AjLmL8XAs7JealMEjFv5pwNWI6pCUIvKq1TzaEGgPf_ogvZbXaSJK73ucmUnvSTMxT-B&sai=AMfl-YTPRxi1kSrYSIA7deJmLx6gGC-SVI0GL-897NWDevamvwhHOk9NrmEeceIzdwYrKMjA6Wq2YW9B1gSAhJrCvIrKBOpSt6_fHqYz8rGGUVoKxfgWGLzNETOtmONSZeHwVGDjWA&sig=Cg0ArKJSzNE9eIN1rzxyEAE&uach_m=[UACH]&adurl=
Frame ID: 72B02F20409B81C62EC237C863D167AB
Requests: 8 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=37104560;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=GXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Frame ID: 78F17E85E06CD263199AFCDE800784AC
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=37104560;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=DCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Frame ID: B90A0B634793B7D76389E662B570FF7D
Requests: 13 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=37104562;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=O-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Frame ID: 0CC24924A58C424B0426C3016F688A26
Requests: 15 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5C9ADDB8BB4521ABA697DD03AA6443E6
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A45CB623AC2B201E7A5CD5C6A119E745
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 777B51B7277C2145273FC339AACB9F5F
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 30044C1894C8980CCFEF1D315B434CE5
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 1F5154889CF7802C9CE9515B2F42C685
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1C66D361FA7C705D9AD0AB13FCC29750
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 58AD27CC1C192639278CE8B9990F8C65
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 413984B0FCDDC01491D8D0DB044CD08F
Requests: 18 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: DD62B51B3B1C813DFBC249CF3B1CBD20
Requests: 18 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 9B5358A14615B0319B6F33B943E292C1
Requests: 18 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2
Frame ID: 98239874487AE54C4F7EB5DF3A2A8B5F
Requests: 1 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2
Frame ID: 82C4B1AD08082CF0B40920D312C67224
Requests: 1 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2
Frame ID: B02DB409A23E86BE0198CFE4DB82FBB6
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: B8EE94AA58B64F0068C209E8167B326A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C6384DD3DBB290B59539ED7C9E82D7B7
Requests: 10 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: DDAD9FDEB559966C12BCC2FAD527089B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FC9B3186FE930D38382403905E03063E
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 30A443CC4DAEE702C700B5ED58EFECEF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A8BDBD13E10501E48CC14C26E2C71767
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.pobjeda.me
Frame ID: 251CF1E43E0A85093153E612543F232A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Početna - Najvažnije vijesti svakog dana - Pobjeda

Page URL History Show full URLs

http://www.pobjeda.me/ HTTP 301
https://www.pobjeda.me/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

366
Requests

95 %
HTTPS

49 %
IPv6

44
Domains

78
Subdomains

63
IPs

9
Countries

9957 kB
Transfer

17976 kB
Size

40
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://issuu.com/novapobjeda
Title: Listalica

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NovaPobjeda/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/pobjeda.me/

Search URL Search Domain Scan URL

URL: https://twitter.com/Pobjedacg

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/pobjeda/id1484385813

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=me.pobjeda.android

Search URL Search Domain Scan URL

URL: https://www.fleka.me/
Title: fleka

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.pobjeda.me/ HTTP 301
https://www.pobjeda.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 192

https://ghent-aws-fr.bidswitch.net/imp/0.05610/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104560_Qrtbwp_R_I_WAUCTION__PRICE_X-zyirBqH7LG__xVfbESZzFRDP7tIYXQCm10_Qrtbdata_RGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk__rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn____nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/5lX884c01co6_c4bFUGat-omBIsI4S-ZcWqCTPLZ1NpmozakooFZRhApk4BSMx80PCiIO-qEVu21dUp-TbywsXZBziMEIs523Kun6ZG-5P6Iw0u5uBZ2P6wVSO2wA33go9MOM_aIGd3ZfFnVAWvgAJ4fq75Hh_D8e3_Cgn-4bLhjQUDqyy9F2H26S7UPpKNn_w6rJGPCScFQLtUln-0B4tEHB7qb3PHh_kY7kTY0ex4DKD78iC8SzLugHkUsidyhD4rFH3UQlP1wEE0FTxAmfa31gwouk88L6KiVTVRIjgzOxS3CHq7sc8rn249I7mjYCPZYUjrSZ2ZLuyEssbeRlTNQfrfqWPcejXpiYMYaubTZjk3YTGKAZAsjplNxj_z8eULPYpPSLyjKJ1z0UVkl468X34DPWGn3o5ZL9VrHcrUT3wvXN3CMPe2Zv-gJV1xZy65lCRYjDQT4F59a8PsI9hb7Fl0s-X2saIlfD8o5ioQSKGdXmZ45NjT1aJPzMK7WmKv0TZxAlPW_tFBST_fJvjuiuoLCoKhoYrnkHTpEVHCch6ZtMujLGF4A5lYptrQg64iH_r2xCMyaAzcVEYdCXvxjm2bw0egfhPjniZTQ1zcVSdd-9Ay3o1GREWekBTYBka_ieURvV-vZxhDwy_4xOp4GlPe9fVfUTaoYTQRi1p-KaBez52o65f4dEGWddysuxivllkUONEA6nR1EpGEapZlYA-esFBV3K0NnygmkF1HnTRFFWK4RNaQbpoiNzoA3ewvkH6Wkm3N42RipkHaun9CSeRs3w4nKsQAVcTkzFDg24qZlCGREKq1y6ZzDqGn9Km61VYiyPs3xrR8AE8vqcniKfoWv6YT1ESypDX7yMqIiCu694huwt4X8j8xcHVp2JfL14ES-6lG1_OFZYW4uZiTHeK9vWQZelfmLLx-n0VOrxRGn0eDFCEmwaIGqiCxkLR1sZgjzJvshaXxfmgPQer9GKbwr0Hv6E4MSTRS37lcbZndxfWRGgyMet6Y/$%7BCLICK_URL_ENC%7D HTTP 302
https://track.adform.net/adfscript/?bn=37104560;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=GXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D

Request Chain 193

https://aws-fr-sync.bidswitch.net/sync?ssp=emxdigital&dsp_id=70&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=emxdigital&dsp_id=70&imp=1 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=emxdigital HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=emxdigital HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=4892233149632719757&ssp=emxdigital HTTP 302
https://e1.emxdgt.com/put?d=d21&uid=65a26055-1651-4a6f-8df9-cc14a7182651&gdpr=&gdpr_consent=

Request Chain 194

https://imp-euro.emxdgt.com/imp/?cp=0.05610&ts=1668148672&seat=70&w=300&h=250&pb=0.04488&sid=1132&tid=78589&pid=413&uid=68951668148671827219f1&wid=21&dom=www.pobjeda.me&tp=0.05610&mt=1&dt=2&st=1&os=&ip=217.114.215.132&sz=&country=DE&region=TH&city=Erfurt&zip=&dma=&agency_id=&cluster=euro-hb&browser=chrome&rf=www.pobjeda.me&data_fee_type=&data_fee=0&clstr_nm=header-bidding-euro-4&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.110%20Safari/537.36&make=&ifa=&adom=ad4m.at&cat=3&gdpr=1&crid=70_37104560&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzRDVsWDg4NGMwMWNvNl9jNGJGVUdhdC1vbUJJc0k0Uy1aY1dxQ1RQTFoxTnBtb3pha29vRlpSaEFwazRCU014ODBQQ2lJTy1xRVZ1MjFkVXAtVGJ5d3NYWkJ6aU1FSXM1MjNLdW42WkctNVA2SXcwdTV1QloyUDZ3VlNPMndBMzNnbzlNT01fYUlHZDNaZkZuVkFXdmdBSjRmcTc1SGhfRDhlM19DZ24tNGJMaGpRVURxeXk5RjJIMjZTN1VQcEtObl93NnJKR1BDU2NGUUx0VWxuLTBCNHRFSEI3cWIzUEhoX2tZN2tUWTBleDRES0Q3OGlDOFN6THVnSGtVc2lkeWhENHJGSDNVUWxQMXdFRTBGVHhBbWZhMzFnd291azg4TDZLaVZUVlJJamd6T3hTM0NIcTdzYzhybjI0OUk3bWpZQ1BaWVVqclNaMlpMdXlFc3NiZVJsVE5RZnJmcVdQY2VqWHBpWU1ZYXViVFpqazNZVEdLQVpBc2pwbE54al96OGVVTFBZcFBTTHlqS0oxejBVVmtsNDY4WDM0RFBXR24zbzVaTDlWckhjclVUM3d2WE4zQ01QZTJadi1nSlYxeFp5NjVsQ1JZakRRVDRGNTlhOFBzSTloYjdGbDBzLVgyc2FJbGZEOG81aW9RU0tHZFhtWjQ1TmpUMWFKUHpNSzdXbUt2MFRaeEFsUFdfdEZCU1RfZkp2anVpdW9MQ29LaG9Zcm5rSFRwRVZIQ2NoNlp0TXVqTEdGNEE1bFlwdHJRZzY0aUhfcjJ4Q015YUF6Y1ZFWWRDWHZ4am0yYncwZWdmaFBqbmlaVFExemNWU2RkLTlBeTNvMUdSRVdla0JUWUJrYV9pZVVSdlYtdlp4aER3eV80eE9wNEdsUGU5ZlZmVVRhb1lUUVJpMXAtS2FCZXo1Mm82NWY0ZEVHV2RkeXN1eGl2bGxrVU9ORUE2blIxRXBHRWFwWmxZQS1lc0ZCVjNLME5ueWdta0YxSG5UUkZGV0s0Uk5hUWJwb2lOem9BM2V3dmtINldrbTNONDJSaXBrSGF1bjlDU2VSczN3NG5Lc1FBVmNUa3pGRGcyNHFabENHUkVLcTF5Nlp6RHFHbjlLbTYxVllpeVBzM3hyUjhBRTh2cWNuaUtmb1d2NllUMUVTeXBEWDd5TXFJaUN1Njk0aHV3dDRYOGo4eGNIVnAySmZMMTRFUy02bEcxX09GWllXNHVaaVRIZUs5dldRWmVsZm1MTHgtbjBWT3J4UkduMGVERkNFbXdhSUdxaUN4a0xSMXNaZ2p6SnZzaGFYeGZtZ1BRZXI5R0tid3IwSHY2RTRNU1RSUzM3bGNiWm5keGZXUkdneU1ldDZZJTI2cCUzRCUyNCU3QkVNWF9CVVJMJTdEJTI2YWlkJTNE HTTP 302
https://biddr.brealtime.com/check_gdpr.js

Request Chain 198

https://ghent-aws-fr.bidswitch.net/imp/0.05610/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104560_Qrtbwp_R_I_WAUCTION__PRICE_X-zyirBqH7LG__xVfbESZzFRDP7tIYXQCm10_Qrtbdata_RDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn____nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/HWsWpMEN0VneDdwvFfhEWG7OQTpNO41Xt1v0xyf1ApaH9NynYaL7d2BY3J_lMVibhNso-ZikbYOL2-3-oKVXzhI5pvxeKxAxhLyZXw6XmFV-kMvCvKMH6-nGAGiFx7o6v7zwHlHxwly18wQFSe357lotb-yAHopjeUrlW8C8gGF89JqMVsKjKtPbTtw8xb8N6VzRdCFSCfS6_7z0Vib5diFAoatzEadkhvYDpxrSH4FRPf0_VQsj4IjhqI79e0Fu2PvCGV--yfE8mJsLDr_XzbFMZRcf_gsIvkBUinjMf-Kgc4HuyhhAmjXyqinoqtUa1TixUQfqiuzhj3cK7a41lpF_bCtlfrGiMg7-0CNQ9vO3g-tTnr2Oh3nB1bqJB14160cmfNI5ERnN5dcZROtQmoMq8aEf0GjQVzdTrQ_AHl4lThDXPH3pdPBdF-k3hujVJY1EDTuBH7ez1NudzwCY0xL5k5qzJcwOYMPK8x8mE3fDlIPGNHaLCh8CaQL8ef7fiGTG7UDWUcnWYZZdfreiEowhGjtgy2FnjPOhbpqJNeKvZS_EbCVuHFtBlLmOV1Q2mX17W8errrkVijwpV2BTeTFupRfSWN63nvOy9IeGx0dZJirNTvQ_dSoOyHe__bLEEdtnlL7hQj7L0-dFuQCmAzQ5nYmsVQ4SdTtJ-I_jYjaBAvpZDdBPZ3u2dlquhlzHPrqGalu2guSXown9lbPIkTWt2RwCMs5hReY8XxTHWSJptGdLj5jcaBFAB-UCz0NmSVUEaP_-hQv07F9VaML7S0_RjI_zmzlGwnHhtWtsEX7rIf4lqIOK3mN7-YwR6sX6qfQ6hcQw2PwMbEdS_dcySnIWyMefV4Z8YCNBF_Mol4nBI81XDDl51-f1Mgt1Lc_KrGleukDKilSj3HDHy2P-BbawFWyGWuFS5Aw9n0HjIgLHAA3K_cibmCZ1Aw2kBzqqrhMAD7fSIc3nV-Nl6ioAV1SnFO1OFnd5LgYxtB1dgmU-V0D9MaFMpjUU/$%7BCLICK_URL_ENC%7D HTTP 302
https://track.adform.net/adfscript/?bn=37104560;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=DCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D

Request Chain 199

https://aws-fr-sync.bidswitch.net/sync?ssp=emxdigital&dsp_id=70&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=emxdigital&dsp_id=70&imp=1 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=emxdigital HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=emxdigital HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=5254144355316055829&ssp=emxdigital HTTP 302
https://e1.emxdgt.com/put?d=d21&uid=65a26055-1651-4a6f-8df9-cc14a7182651&gdpr=&gdpr_consent=

Request Chain 200

https://imp-euro.emxdgt.com/imp/?cp=0.05610&ts=1668148672&seat=70&w=300&h=250&pb=0.04488&sid=1132&tid=78589&pid=413&uid=68791668148671877987f1&wid=21&dom=www.pobjeda.me&tp=0.05610&mt=1&dt=2&st=1&os=&ip=217.114.215.132&sz=&country=DE&region=TH&city=Erfurt&zip=&dma=&agency_id=&cluster=euro-hb&browser=chrome&rf=www.pobjeda.me&data_fee_type=&data_fee=0&clstr_nm=header-bidding-euro-4&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.110%20Safari/537.36&make=&ifa=&adom=ad4m.at&cat=3&gdpr=1&crid=70_37104560&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzREhXc1dwTUVOMFZuZURkd3ZGZmhFV0c3T1FUcE5PNDFYdDF2MHh5ZjFBcGFIOU55bllhTDdkMkJZM0pfbE1WaWJoTnNvLVppa2JZT0wyLTMtb0tWWHpoSTVwdnhlS3hBeGhMeVpYdzZYbUZWLWtNdkN2S01INi1uR0FHaUZ4N282djd6d0hsSHh3bHkxOHdRRlNlMzU3bG90Yi15QUhvcGplVXJsVzhDOGdHRjg5SnFNVnNLakt0UGJUdHc4eGI4TjZWelJkQ0ZTQ2ZTNl83ejBWaWI1ZGlGQW9hdHpFYWRraHZZRHB4clNINEZSUGYwX1ZRc2o0SWpocUk3OWUwRnUyUHZDR1YtLXlmRThtSnNMRHJfWHpiRk1aUmNmX2dzSXZrQlVpbmpNZi1LZ2M0SHV5aGhBbWpYeXFpbm9xdFVhMVRpeFVRZnFpdXpoajNjSzdhNDFscEZfYkN0bGZyR2lNZzctMENOUTl2TzNnLXRUbnIyT2gzbkIxYnFKQjE0MTYwY21mTkk1RVJuTjVkY1pST3RRbW9NcThhRWYwR2pRVnpkVHJRX0FIbDRsVGhEWFBIM3BkUEJkRi1rM2h1alZKWTFFRFR1Qkg3ZXoxTnVkendDWTB4TDVrNXF6SmN3T1lNUEs4eDhtRTNmRGxJUEdOSGFMQ2g4Q2FRTDhlZjdmaUdURzdVRFdVY25XWVpaZGZyZWlFb3doR2p0Z3kyRm5qUE9oYnBxSk5lS3ZaU19FYkNWdUhGdEJsTG1PVjFRMm1YMTdXOGVycnJrVmlqd3BWMkJUZVRGdXBSZlNXTjYzbnZPeTlJZUd4MGRaSmlyTlR2UV9kU29PeUhlX19iTEVFZHRubEw3aFFqN0wwLWRGdVFDbUF6UTVuWW1zVlE0U2RUdEotSV9qWWphQkF2cFpEZEJQWjN1MmRscXVobHpIUHJxR2FsdTJndVNYb3duOWxiUElrVFd0MlJ3Q01zNWhSZVk4WHhUSFdTSnB0R2RMajVqY2FCRkFCLVVDejBObVNWVUVhUF8taFF2MDdGOVZhTUw3UzBfUmpJX3ptemxHd25IaHRXdHNFWDdySWY0bHFJT0szbU43LVl3UjZzWDZxZlE2aGNRdzJQd01iRWRTX2RjeVNuSVd5TWVmVjRaOFlDTkJGX01vbDRuQkk4MVhERGw1MS1mMU1ndDFMY19LckdsZXVrREtpbFNqM0hESHkyUC1CYmF3Rld5R1d1RlM1QXc5bjBIaklnTEhBQTNLX2NpYm1DWjFBdzJrQnpxcXJoTUFEN2ZTSWMzblYtTmw2aW9BVjFTbkZPMU9GbmQ1TGdZeHRCMWRnbVUtVjBEOU1hRk1walVVJTI2cCUzRCUyNCU3QkVNWF9CVVJMJTdEJTI2YWlkJTNE HTTP 302
https://biddr.brealtime.com/check_gdpr.js

Request Chain 208

https://ghent-aws-fr.bidswitch.net/imp/0.05610/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104562_Qrtbwp_R_I_WAUCTION__PRICE_X-zyirBqH7LG__xVfbESZzFRDP7tIYXQCm10_Qrtbdata_RO-DGEutRE__Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi__GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn____nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/qIwF9rwTBtSNF-FLpbowR07yghdYF6d9d_jfAlaDu5I0mzj9VbihfnXBB2RcpOXqqEQU8lOMDINtcWfYB5dNIREOOrOLONK6mtQ4WSTd1ugES6Ygbtl76h72fAF_mWXJm_m6JLPklADXDjhcYczailEwGbRUH03ogWN-CIUPM5y-KM6jv9T1d8unUhvxnSPe17LZ9-Q3SMtIVoT1riEXpkntYCgBX0125_dUtdf55E42rhrOruY2TZt2Z2Vobc3dp2CKqN7XHSRe7zV29i5Dirvdxm19LAjenZnSuqv7HpOU2nUiiqNQb5GE4bW4oqd0hoKEvo-To374VeKZV6b7C7oJvwyDiyAy0FI4wBYLPPT4-G-SkiHSRiNGyC7uNjTgwZO7qP3q3NAPRftSw18J_PgMcYjRmH6VQRJk8xQYJ-N1lJdthJ7iNmRWLeQ96KCwMT9FA7lkg8KCV9RkIXUotkHwNyPXE5B9O3zaj40kRPk49zrub4ZJpRLXk0vMshczlD6Y2P3IuLA2LcsHIcozhoCdXskwsQD_nYk5Ix9jlpc05zTp5jpXjbyp_fs6oBbj7vXWl4l2mOKw9tmiZFK4CO9e9lCyjlJDJLe50elAWzMtnyg73PKbmqfdQmzCzZMLewqyTAy7hiSkhjred3TJpwrgSxljfTE-Ju4ZjrG4di82PGsumYDjgP8nCa_vlw7BUOeqvV1rKr_HGjbnre14RoSiTOAQeDhOjTzwoTTFBiQUhvmUqs0GFl8aAi0DE4xi8T4wLlajA-YtDUjjraaiDtNYskpn-pR4ieheo6aL_FbnBR9gGtWjlDe1cBJrAqn94_XFk5jurc71lImLHZAvpOB4j5jBQW_96mQj_kwnxSJ4SqirzNsjcv560jDjKJuBnHpFo37bDNNvd6JIMrPs8o891Yyk5RFwqdPofdJbulvk-AG65DXkpCLNxI5wXRRDeW6kNCM2o0cNW3bhLrXqv3fcwYDgVmc0eshWW0df6Izl5poL-_bdYUyuNA/$%7BCLICK_URL_ENC%7D HTTP 302
https://track.adform.net/adfscript/?bn=37104562;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=O-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D

Request Chain 209

https://aws-fr-sync.bidswitch.net/sync?ssp=emxdigital&dsp_id=70&imp=1 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=emxdigital HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=emxdigital HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=780708691027848781&ssp=emxdigital HTTP 302
https://e1.emxdgt.com/put?d=d21&uid=65a26055-1651-4a6f-8df9-cc14a7182651&gdpr=&gdpr_consent=

Request Chain 210

https://imp-euro.emxdgt.com/imp/?cp=0.05610&ts=1668148672&seat=70&w=728&h=90&pb=0.04488&sid=1132&tid=78589&pid=413&uid=68781668148672332013f1&wid=21&dom=www.pobjeda.me&tp=0.05610&mt=1&dt=2&st=1&os=&ip=217.114.215.132&sz=&country=DE&region=TH&city=Erfurt&zip=&dma=&agency_id=&cluster=euro-hb&browser=chrome&rf=www.pobjeda.me&data_fee_type=&data_fee=0&clstr_nm=header-bidding-euro-4&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.110%20Safari/537.36&make=&ifa=&adom=ad4m.at&cat=3&gdpr=1&crid=70_37104562&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzRHFJd0Y5cndUQnRTTkYtRkxwYm93UjA3eWdoZFlGNmQ5ZF9qZkFsYUR1NUkwbXpqOVZiaWhmblhCQjJSY3BPWHFxRVFVOGxPTURJTnRjV2ZZQjVkTklSRU9Pck9MT05LNm10UTRXU1RkMXVnRVM2WWdidGw3Nmg3MmZBRl9tV1hKbV9tNkpMUGtsQURYRGpoY1ljemFpbEV3R2JSVUgwM29nV04tQ0lVUE01eS1LTTZqdjlUMWQ4dW5VaHZ4blNQZTE3TFo5LVEzU010SVZvVDFyaUVYcGtudFlDZ0JYMDEyNV9kVXRkZjU1RTQycmhyT3J1WTJUWnQyWjJWb2JjM2RwMkNLcU43WEhTUmU3elYyOWk1RGlydmR4bTE5TEFqZW5ablN1cXY3SHBPVTJuVWlpcU5RYjVHRTRiVzRvcWQwaG9LRXZvLVRvMzc0VmVLWlY2YjdDN29Kdnd5RGl5QXkwRkk0d0JZTFBQVDQtRy1Ta2lIU1JpTkd5Qzd1TmpUZ3daTzdxUDNxM05BUFJmdFN3MThKX1BnTWNZalJtSDZWUVJKazh4UVlKLU4xbEpkdGhKN2lObVJXTGVROTZLQ3dNVDlGQTdsa2c4S0NWOVJrSVhVb3RrSHdOeVBYRTVCOU8zemFqNDBrUlBrNDl6cnViNFpKcFJMWGswdk1zaGN6bEQ2WTJQM0l1TEEyTGNzSEljb3pob0NkWHNrd3NRRF9uWWs1SXg5amxwYzA1elRwNWpwWGpieXBfZnM2b0Jiajd2WFdsNGwybU9Ldzl0bWlaRks0Q085ZTlsQ3lqbEpESkxlNTBlbEFXek10bnlnNzNQS2JtcWZkUW16Q3paTUxld3F5VEF5N2hpU2toanJlZDNUSnB3cmdTeGxqZlRFLUp1NFpqckc0ZGk4MlBHc3VtWURqZ1A4bkNhX3ZsdzdCVU9lcXZWMXJLcl9IR2pibnJlMTRSb1NpVE9BUWVEaE9qVHp3b1RURkJpUVVodm1VcXMwR0ZsOGFBaTBERTR4aThUNHdMbGFqQS1ZdERVampyYWFpRHROWXNrcG4tcFI0aWVoZW82YUxfRmJuQlI5Z0d0V2psRGUxY0JKckFxbjk0X1hGazVqdXJjNzFsSW1MSFpBdnBPQjRqNWpCUVdfOTZtUWpfa3dueFNKNFNxaXJ6TnNqY3Y1NjBqRGpLSnVCbkhwRm8zN2JETk52ZDZKSU1yUHM4bzg5MVl5azVSRndxZFBvZmRKYnVsdmstQUc2NURYa3BDTE54STV3WFJSRGVXNmtOQ00ybzBjTlczYmhMclhxdjNmY3dZRGdWbWMwZXNoV1cwZGY2SXpsNXBvTC1fYmRZVXl1TkElMjZwJTNEJTI0JTdCRU1YX0JVUkwlN0QlMjZhaWQlM0Q= HTTP 302
https://biddr.brealtime.com/check_gdpr.js

Request Chain 365

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Km-lSrmNTjyyjtE1nhE6ww&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Km-lSrmNTjyyjtE1nhE6ww

Request Chain 366

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFDNE5EMkItMTktQ0lNWQ==

Request Chain 367

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/fIuJxH8rglX8AFf9N2aaqMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5033346967806502393

Request Chain 368

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=c9G4ywPfTwGMPhUqTbm5tw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=c9G4ywPfTwGMPhUqTbm5tw

Request Chain 370

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAC4ND2B-19-CIMY

Request Chain 371

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAwFzDZ9JOpjBCwYBS1sjz8&google_cver=1

Request Chain 372

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGIwNDk2OTRjYTEwZjRmZDJhMWYwODg0NTU1MDZmMzk4YTA2Y2I5Zg

Request Chain 373

https://gum.criteo.com/sid/json?origin=publishertag&domain=pobjeda.me&sn=ChromeSyncframe&so=0&topUrl=www.pobjeda.me&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=pD7aKXxOWUxDdEx0eXFXQjQvcGhwbzEvRjB4QjJ4T2loSG1WWGxVdlhHWE9uUHVwQXFjQlRsWm90S2lRTkFkTzAwZmhVeGpzcFZ0RUpBWHEveTFDVVJ2VVFLNGQrR1NPRWY3M28rM1djOUFJR1E0MXJSVWhwaTlUcmsvQjhJaGdmVWRLQWxUYVpFY2JNTzZncFJ3TjlCdldib2l5ekdHUzVvN25FWXl1OTlMUnFMeDBNUEtGNWh3MGdqaHQ5RWFKOEpHNFErWDFHMzc5aitNK0VlR1VlVk45VjVCamZDM0gxUytacVdORzd4b3FqQmY3MkZpeDlWOEpPL3hLMElnZjVQU1lyT0YzMzVWR1FtZjZKNUZkemozQVcvdz09fA&cppv=2

366 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pobjeda.me/
Redirect Chain

http://www.pobjeda.me/
https://www.pobjeda.me/

16 KB
6 KB

110ms
59ms

Document
text/html

2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pobjeda.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af19bbef2659e37e94f84cd4eaeeb6f2c2b308181aabde34145d6ae01e19276a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 768505822c159bb8-FRA
content-encoding: br
content-type: text/html
date: Fri, 11 Nov 2022 06:37:49 GMT
last-modified: Mon, 10 Oct 2022 06:08:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i7RSLVt2UdsYUjhcqUIIDso8MA3KWi0qpNkvWpa1ZsgSG8wxASLT3bwCmDsm38S0g8Jy3sUVDyDfzGzilKNdNjntTVY0tOHwWZMYVMWeUV1fXEMSuO%2FoV0Hho81d8oxmsdDS1ERlsdK%2FJ9t"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 768505817d3091de-FRA
Connection: keep-alive
Content-Type: text/html
Date: Fri, 11 Nov 2022 06:37:49 GMT
Location: https://www.pobjeda.me/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cGrIF%2BMEJswFdgbmKjZIaaaEiAwKlWRi4QOwUPgDdbPee4t3SzfT%2FVNzA37HMUYTQduPM%2F8ul%2FachxBT82bccH4eRcaj%2B%2BC%2BPtiVh2L1uqmfet%2FrGPNj84XvsLHUS4YbXk2NIpDnQz47Ljw"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 main.5c8792c9.css
www.pobjeda.me/assets/styles/ 312 KB
41 KB 36ms
35ms Stylesheet
text/css 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pobjeda.me/assets/styles/main.5c8792c9.css
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757f774f3f4eee76182bc5f7f096c9ae01a6f01b59cb556caeca279402429f91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Aug 2022 10:51:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3835680
etag: W/"62fa2535-4e05a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5prEhAkvlSGbINalTilVQhe7UybjhDS0eDPxZkl3TmjTkZlL9WQixLz%2BhXby16JxtrAqsTb0tERL2TXWKbNyj%2BhxZE9BI44iJ%2BZHcmYQhRx7v0VtFdPjSeDhDMyfKbEcKaKD%2FYeFbSPwOEvY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 768505828ce49bb8-FRA
expires: Wed, 27 Sep 2023 21:09:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 84ms
31ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-147158618-1

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c62e27e1c85bc201dc895f5907d6edbe6f1e986467ead6f0d6f112630e9aa8f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44662
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Nov 2022 06:37:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
54 KB 117ms
62ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6675d9c8d29926adc68dc569da2871057ab374c4de08f4e098b95d69d543f30b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55147
x-xss-protection: 0
server: cafe
etag: 17546122133737323232
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 06:37:49 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 99ms
33ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f35f1c7530f7024e1bfe728071e547c04bdfff8955d0bfc9a514f10c6dcb6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27315
x-xss-protection: 0
server: sffe
etag: "1390 / 286 of 1000 / last-modified: 1668121631"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Nov 2022 06:37:49 GMT

GET
H2 200 ico_appstore.7f6485de.png
www.pobjeda.me/assets/images/ 7 KB
7 KB 58ms
57ms Image
image/png 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pobjeda.me/assets/images/ico_appstore.7f6485de.png
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1488e66f7a0392302bd84c3dddcdd7f3cc88140aa3965067b28c5831917774c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:49 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 22:21:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23219630
etag: "614bac74-1c3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvGMAYWsF72jj90iyRdP49hK7qutEXt%2FzDiBsjvKPXBqHBhMjfoUFUxs63kah4R48wpQ6YY4nz%2FngQdGbdSj%2BHaiL6MP2g45fh%2FjmMxUoRyzfmiXPEjf%2FCMr75pwc%2F%2BfnZj92l3RtkaXo4%2B3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76850582fdd69bb8-FRA
content-length: 7228
expires: Wed, 15 Feb 2023 12:43:59 GMT

GET
H2 200 ico_googleplay.2a1489a6.png
www.pobjeda.me/assets/images/ 7 KB
7 KB 58ms
58ms Image
image/png 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pobjeda.me/assets/images/ico_googleplay.2a1489a6.png
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 348ed6c258020358bbf38e5e66b76d6b04973468391cd212a786c4ad3c62bbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:49 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 22:21:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 22083539
etag: "614bac74-1c16"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umZS%2F3q0eo8b7DarU4s2TB56ronXKkQxgnJT9QCBSBDyhMKO7UXcqgxXz5xW63iaUbqPVh%2BnUyqd1qRxupE8ziP7K8wB11iNDNlb0oz%2Bm%2By9yvABuhnCoNXDcVhKOe%2BwJV%2B%2BIx0%2Br5Lfa%2BQD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76850582fdd99bb8-FRA
content-length: 7190
expires: Tue, 28 Feb 2023 16:18:50 GMT

GET
H2 200 plugins.53237a88.js Show response
www.pobjeda.me/scripts/ 602 KB
198 KB 42ms
42ms Script
application/javascript 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pobjeda.me/scripts/plugins.53237a88.js
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d54b20ff199d0bbe8de24a41733a2a30176c4a0764f7c127b1ca0a2ec9631bfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Dec 2021 07:42:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 25052944
etag: W/"61cac001-96780"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJRBCVarxlPbPGpEfu8ms5k7SwVjFk%2Bty2jD3FTAqTVfgBTxizg838ErS0gWeqYk9g3KzK185qD%2B28wLpCSkZ%2FfcQRw1F%2B0FBlyhPx04Wg6r9TtMe6uZj7I5mMwZFOqX%2Fhd0ViSosHimGMRZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76850582edb69bb8-FRA
expires: Wed, 25 Jan 2023 07:28:45 GMT

GET
H2 200 webapp.7c0d78d1.js Show response
www.pobjeda.me/scripts/ 165 KB
38 KB 56ms
55ms Script
application/javascript 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pobjeda.me/scripts/webapp.7c0d78d1.js
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 878ae9787dc9d444c4fa3b9fdfbfc2d7e2b3582ec1cfebb66a8247a9c87ac00b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2022 06:27:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8467809
etag: W/"62ecb85a-294ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqAzm7nmXK9FYAU0a%2BE8eyg%2Ff2BlQk9n7HiYK9y8mePC2nO9FLGuBvoCw8FkrKaduj700pOQoIH%2FZqtSSQ3VG8g4jQTlO%2FCLQ9BO38SIU7HSI4Ret%2FOlJ%2FdDmb6lUcLbX4Q5Xaw5WkfYZlKw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76850582fdd09bb8-FRA
expires: Sat, 05 Aug 2023 06:27:40 GMT

GET
H2 200 templates.d8618a1a.js Show response
www.pobjeda.me/scripts/ 225 KB
39 KB 54ms
53ms Script
application/javascript 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pobjeda.me/scripts/templates.d8618a1a.js
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85db1f2725a2a4229dcdb182f8c98227d50767d3cb461d4498f6abfc7b2e3309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Oct 2022 06:08:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2766577
etag: W/"6343b6c8-38567"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gD%2B3sdhPk08MLMhyCfku8ti2MA6I3EValLcNCODrVIj8Zd950jldCxHQR1HcynrYHQaoGcDWXwJL4DqcmDByvbHscffiRYFQcIspdf3ooDGc1%2FXkA3smS0fLrQXTybIsZWli716dlml4g3h2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 76850582fdd29bb8-FRA
expires: Tue, 10 Oct 2023 06:08:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 72ms
24ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Nov 2022 06:37:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 05CDtrlYo7EvGPwfbauLeY9WE4QeEuITJBk9vBSx3mS8kCmTNHVhTW4GJe2fRPUS819K1WITdY1g8Aedpej5jQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
74 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BPRBRMW9X3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-147158618-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f2b776271f48be10ac3b9f1d78c9b80c8906c19dbccbf8a1f27ec12aa2d8278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75989
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Nov 2022 06:37:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 76ms
24ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-147158618-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Nov 2022 05:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4916
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 11 Nov 2022 07:15:54 GMT

GET
H3 200 389079698651695 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 51ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/389079698651695?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f19291c55ffeacf962bbc77a8f01303798a53387554aec7343bd45980846747b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 11 Nov 2022 06:37:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86002
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vKjIj8ABoThw2OMLXmci221V7ynGjR6z5hhA4poCvajczGpMUIpH7XkKwOtQVekZE/od3TszT6wEijtyd6ZTDg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
2 KB 85ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js?_=1668148670026

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/scripts/plugins.53237a88.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 735756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1046
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlKt%2FClVgDrNDeSRbLuQvKWG1%2By4ruAn7Xbn6ijdqpPvJeaDqQnSHBrmHv5a46dY0fs9iUmyR1eNyf0ss5Y6Ea51Aa06Wc5h0SUM5cDbwcqXw1jUwW4it47kwbciyPedJYYungh%2BGeYdrdVaIi0Oj%2BSH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 768505841e369bb6-FRA
expires: Wed, 01 Nov 2023 06:37:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 102ms
46ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,400,700|Rubik:300,400,500,700&display=swap&subset=latin-ext

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08c4bac1911b3376bbc0e223f89698b70536f43965c6a2afb77f49fecebe9d35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Nov 2022 06:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 06:37:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Nov 2022 06:37:50 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 94ms
37ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

874e87fa935e7bccb5fa562bb4796cb9016ffda5fe036c748cd6458de421bf67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 11 Nov 2022 06:37:50 GMT

GET
H2 200 hotjar-1554296.js Show response
static.hotjar.com/c/ 4 KB
3 KB 112ms
27ms Script
application/javascript 108.138.7.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1554296.js?sv=6

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-127.fra56.r.cloudfront.net

Software

Resource Hash

6f4ad34e736a0227aabb0e4c05db656857cd951be7c3af379e2dd473721b9e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 11 Nov 2022 06:37:50 GMT
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 33
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/595ab7221599cf3db08a3a9e7a1aa541
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: kHQScKTFt6dUv7YuDJvoFf_GrpG-aCrrmsKuaWViFyzD4Is20ebVdA==

OPTIONS
H2 200 details
api.pobjeda.me/v1/ Frame 0
0 133ms
45ms Preflight
application/json 2606:4700:20::ac43:4a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pobjeda.me/v1/details

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: fl-access-token,fl-articles-hits,fl-website,locale
Access-Control-Request-Method: GET
Origin: https://www.pobjeda.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: fl-access-token,fl-website,fl-admin,locale,Content-Type,fl-articles-hits,fl-api-response-type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 768505851bd3915e-FRA
content-encoding: br
content-type: application/json
date: Fri, 11 Nov 2022 06:37:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffjIBvi571AAlcXC3BKpUYnmyto%2Fv%2By5ZWZLcPXhVkWxQZWKpSJ8%2FO2V4%2FtxElPPcaR7x70FiNunwQ6X3pYv66D3ZxrVa9QVT98TOeVABW7cCw4aAIH1L6MXVaulFlZusjtI61GkA55p%2FvvI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 139ms
38ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/scripts/plugins.53237a88.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Fri, 11 Nov 2022 06:37:50 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 details Show response
api.pobjeda.me/v1/ 48 KB
4 KB 50ms
50ms XHR
application/json 2606:4700:20::ac43:4a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pobjeda.me/v1/details

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/scripts/plugins.53237a88.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52e9779aa23669f58f3c3b46608b9c220dee7c25d8fdac95b4f27b6fd55212b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
locale: me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
fl-articles-hits: 0fa23e93-9a02-4581-9391-e7f7e0dce860
Accept: application/json, text/plain, */*
Referer: https://www.pobjeda.me/
fl-access-token: null
fl-website: true

Response headers

date: Fri, 11 Nov 2022 06:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.pobjeda.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GL360ciO449g61itUr8GJEtuKhjzDqmU%2BN4yEp65NU7zR1AzDN1JfaX83ffyJ025TbSNOkab62wvocCqFF8x6gQafZDYa7M%2Fh6fzCh1GKoCB%2BZd2baXpDsVJkpaH29fqLYNAbouAQ73RPY3q"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 768505856c6c915e-FRA
access-control-allow-headers: fl-access-token,fl-website,fl-admin,locale,Content-Type,fl-articles-hits,fl-api-response-type

GET
H2 200 pubads_impl_2022110801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 87ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131898
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:38:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Nov 2023 11:54:48 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 71 B
694 B 94ms
30ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pobjeda.me

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e96aa0b33182cc05f49f6308f2db4cbea0b6f9cd47e79b8dd15735d6b13bdc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:50 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 79ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BPRBRMW9X3&gtm=2oeb90&_p=95691678&cid=614322669.1668148670&ul=en-us&sr=1600x1200&_s=1&sid=1668148670&sct=1&seg=0&dl=https%3A%2F%2Fwww.pobjeda.me%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BPRBRMW9X3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/ 355 KB
117 KB 103ms
55ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2610418223630718&plah=www.pobjeda.me&bust=31070830

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17dd8a0c0cd221b87a63fdbdd2163adf55a8dcb0d66a3368d4bdb85704f713c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119503
x-xss-protection: 0
server: cafe
etag: 12862366289971183033
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 06:37:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/ Frame 485F 10 KB
5 KB 73ms
22ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 20:01:29 GMT
etag: 10353107486223812946
expires: Thu, 24 Nov 2022 20:01:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v21/ 33 KB
33 KB 84ms
31ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,700|Rubik:300,400,500,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pobjeda.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:17:16 GMT
x-content-type-options: nosniff
age: 292834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33580
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 21:17:16 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 73ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,700|Rubik:300,400,500,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pobjeda.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:03:44 GMT
x-content-type-options: nosniff
age: 192846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 01:03:44 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 74ms
29ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=95691678&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pobjeda.me%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1925270122&gjid=471761456&cid=614322669.1668148670&tid=UA-147158618-1&_gid=2109198799.1668148670&_r=1&gtm=2oub90&z=1773023726

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 71ms
23ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=389079698651695&ev=PageView&dl=https%3A%2F%2Fwww.pobjeda.me%2F&rl=&if=false&ts=1668148670298&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668148670297.2139732741&it=1668148670010&coo=false&rqm=GET

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Nov 2022 06:37:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/c4225c42/www-widgetapi.vflset/ 161 KB
53 KB 66ms
21ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c64fcbaf5909fcab9ad263ef654d029a486aac70414f6504a0c7d3f04a93fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 22:15:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53867
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 10 Nov 2023 22:15:10 GMT

GET
H2 200 modules.161a981e5a2b8d0e6270.js Show response
script.hotjar.com/ 262 KB
67 KB 85ms
26ms Script
application/javascript 108.138.17.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.161a981e5a2b8d0e6270.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1554296.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-79.fra56.r.cloudfront.net

Software

Resource Hash

84fd546c645b59fd37fe279dad317df63fb7b3e2acec2fc7c740afdc94945f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 15:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 56083
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68494
last-modified: Thu, 10 Nov 2022 15:02:59 GMT
etag: "5316b8be12a3303e0d46fbc96b5f7f2a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: SctMgqKOXMy1JCUBd5XE9JPGHbgIjSa7ot0PmMaTEHmyH1GcqtmV-w==

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 71ms
21ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:50 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=38350
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

OPTIONS
H2 200 naslovna-strana
api.pobjeda.me/v1/pages/ Frame 0
0 43ms
42ms Preflight
application/json 2606:4700:20::ac43:4a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pobjeda.me/v1/pages/naslovna-strana?extended_fields=seo_image,image,gallery.media,featured_gallery.media,video_cover_image,landing_page.modules.header_tags,landing_page.modules.banner,landing_page.modules.articles.image,landing_page.modules.articles.category,landing_page.modules.articles.author.image,landing_page.modules.articles.authors.image,landing_page.modules.articles.gallery.media,landing_page.modules.articles.featured_gallery.media,landing_page.modules.articles.video_cover_image

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: fl-access-token,fl-api-response-type,fl-articles-hits,fl-website,locale
Access-Control-Request-Method: GET
Origin: https://www.pobjeda.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: fl-access-token,fl-website,fl-admin,locale,Content-Type,fl-articles-hits,fl-api-response-type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 76850585fdbc915e-FRA
content-encoding: br
content-type: application/json
date: Fri, 11 Nov 2022 06:37:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvWytKjvaT3xqfDyvQ20%2FXaRt7moaoxWAshtG9qvWyhcc3MybkABjBAqB06t1UIra9%2FkxJwgKKW306KspE6pBYjxORki6GOy1JSPt2uWBPkMmW1CBDCEQUVqt%2BAy2PjSVNlITNT2ZKqyrTuQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 naslovna-strana Show response
api.pobjeda.me/v1/pages/ 203 KB
20 KB 66ms
66ms XHR
application/json 2606:4700:20::ac43:4a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/scripts/plugins.53237a88.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f93d903c5e237bdfea596f6a87f49505b1106bb036cdcbf9bdb88b33910a37d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

fl-api-response-type: slim
accept-language: de-DE,de;q=0.9
locale: me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
fl-articles-hits: 0fa23e93-9a02-4581-9391-e7f7e0dce860
Accept: application/json, text/plain, */*
Referer: https://www.pobjeda.me/
fl-access-token: null
fl-website: true

Response headers

date: Fri, 11 Nov 2022 06:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.pobjeda.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOFkFgxakkmmaQYw8hBnZsk7dj3xkbqy2d%2BPd47P%2Bca6RHOr9c21EmTbIv1IMPEeZI7mmSx8dQiR%2FEQTaB9kxgG8%2BRGEllvN7I6606e7HZyWfT%2FD8sQlofzesYmvfvfGb1HGI%2B%2BDUJXtB7TL"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 768505864e45915e-FRA
access-control-allow-headers: fl-access-token,fl-website,fl-admin,locale,Content-Type,fl-articles-hits,fl-api-response-type

GET
H3 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 81ms
26ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,700|Rubik:300,400,500,700&display=swap&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pobjeda.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 03:47:50 GMT
x-content-type-options: nosniff
age: 96600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 03:47:50 GMT

GET
H3 200 iJWKBXyIfDnIV7nPrXyi0A.woff2
fonts.gstatic.com/s/rubik/v21/ 17 KB
17 KB 76ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nPrXyi0A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,700|Rubik:300,400,500,700&display=swap&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90ebbbbaded0b3957104970c5523090c52c7863ad78cce4f9258f576e154397e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pobjeda.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 19:12:37 GMT
x-content-type-options: nosniff
age: 213913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17188
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:12:37 GMT

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ 14 KB
14 KB 85ms
36ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,700|Rubik:300,400,500,700&display=swap&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6eedf7e6d72d844f2c64732129b7112906137772ef9e5654d6f668295ce816a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pobjeda.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:28:07 GMT
x-content-type-options: nosniff
age: 583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14652
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 06:28:07 GMT

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ 18 KB
18 KB 94ms
47ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,700|Rubik:300,400,500,700&display=swap&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pobjeda.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:50:29 GMT
x-content-type-options: nosniff
age: 560841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18416
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 18:50:29 GMT

GET
H2 200 box-c6ca1c87e308a39aabb76b56ba54398b.html Show response
vars.hotjar.com/ Frame 501D 2 KB
1 KB 82ms
22ms Document
text/html 18.66.147.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1554296.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-113.fra60.r.cloudfront.net

Software

Resource Hash

a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 584144
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 12:22:06 GMT
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-id: F4e7QarCQEQw3xMwHtwveEq9GIniq4rMpJkMhdgtDbjdAFZTwoUCww==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 99ms
33ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-147158618-1&cid=614322669.1668148670&jid=1925270122&gjid=471761456&_gid=2109198799.1668148670&_u=YADAAUAAAAAAACAAI~&z=331844346

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 11 Nov 2022 06:37:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 92ms
30ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pobjeda.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 104ms
30ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pobjeda.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
20 KB 130ms
82ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3894180619877934&correlator=3164670564700154&eid=31070746%2C31070739&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fifs&iu_parts=21870299330%2Cheader_728x90%2Cside_left%2Cside_right&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%2C300x600%7C200x600%7C160x600%2C300x600%7C200x600%7C160x600&ifi=2&adks=3523127945%2C3494706769%2C889116296&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1668148670613&lmt=1665382088&dlt=1668148669836&idt=731&adxs=469%2C-148%2C1448&adys=51%2C235%2C235&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.pobjeda.me%2F&frm=20&vis=1&psz=728x-1%7C300x0%7C300x0&msz=728x-1%7C300x0%7C300x0&fws=512%2C512%2C512&ohw=0%2C0%2C0&ga_vid=614322669.1668148670&ga_sid=1668148671&ga_hid=95691678&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fdb5cdb66c0374491a20498218d2691fdeece6b310f5bbbfabf8d376e4ce76f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20264
x-xss-protection: 0
google-lineitem-id: 5835059699,5468688676,5468688676
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138371147504,138322585321,138322198806
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ffd259c51ee25b834de944bba428f30d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E0B3 6 KB
3 KB 117ms
30ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffd259c51ee25b834de944bba428f30d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 06:37:50 GMT
expires: Sat, 11 Nov 2023 06:37:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 articles
api.pobjeda.me/v1/ Frame 0
0 68ms
68ms Preflight
application/json 2606:4700:20::ac43:4a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pobjeda.me/v1/articles?extended_fields=authors.image&limit=10&order=DESC&orderby=published_at&published_at_from=2022-11-09+00:00:00

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: fl-access-token,fl-api-response-type,fl-articles-hits,fl-website,locale
Access-Control-Request-Method: GET
Origin: https://www.pobjeda.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: fl-access-token,fl-website,fl-admin,locale,Content-Type,fl-articles-hits,fl-api-response-type
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 76850588aa94915e-FRA
content-encoding: br
content-type: application/json
date: Fri, 11 Nov 2022 06:37:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MI5yQuFFoSiHs%2BtNCChdoBTw0Gjmv%2B8k%2BSzFfLpdQSiQj%2BND4unlw%2F2GkSJYnC8UyTOrH%2FItHN4VSJyhUJhPhjF4bxrvFUkMNprEjrxJzmh1327GD8bK%2B%2BMXNon4QoVFrkb8ceMZX%2Bec%2Bj7s"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 module-s-i_972x330.264c837d.jpg
www.pobjeda.me/assets/images/site/modules/ 83 KB
84 KB 53ms
53ms Image
image/jpeg 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pobjeda.me/assets/images/site/modules/module-s-i_972x330.264c837d.jpg
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/assets/styles/main.5c8792c9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b40aec8051325c42f92eb30db8838c574fdb9c13b0db1a9655a8081d09b29e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/assets/styles/main.5c8792c9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5224
content-length: 85188
last-modified: Wed, 22 Sep 2021 22:21:40 GMT
cf-bgj: h2pri
server: cloudflare
etag: "614bac74-14cc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d70PuY9pDTwOEflKFW70dsb%2FfxTEfy5pqhuXJJ3fdM2J4m%2FAYRY6%2BPoP296ZxXtJ4BjGVeVvWQpZrPn0ym329yf40M0pPpkwh9SQT9fj2DMnWIFQrhV5ULzVmzq1WJJ37RmGlWnPwv9u2cEd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7685058829129bb8-FRA
expires: Sat, 11 Nov 2023 05:10:46 GMT

GET
H2 200 articles Show response
api.pobjeda.me/v1/ 19 KB
5 KB 55ms
55ms XHR
application/json 2606:4700:20::ac43:4a6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pobjeda.me/v1/articles?extended_fields=authors.image&limit=10&order=DESC&orderby=published_at&published_at_from=2022-11-09+00:00:00

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/scripts/plugins.53237a88.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca16d28f8926a6f3fe073723f473e227955d934d3d8a37401206f484a243fba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

fl-api-response-type: slim
accept-language: de-DE,de;q=0.9
locale: me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
fl-articles-hits: 0fa23e93-9a02-4581-9391-e7f7e0dce860
Accept: application/json, text/plain, */*
Referer: https://www.pobjeda.me/
fl-access-token: null
fl-website: true

Response headers

date: Fri, 11 Nov 2022 06:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://www.pobjeda.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYpOfHGSCcCUmidTH5fYzo0EVk8qbJ9kwAlsDQckiO5WjN8VnEBmhkNmcHAwSDhLxx797Xubm4tVOi7davlS9yS83HVqtwtFqh%2FJOHvIyW63j4%2B2253BNvM%2F9a4Fi38%2Bzuec1rMEDtpCMlz2"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 768505890b50915e-FRA
access-control-allow-headers: fl-access-token,fl-website,fl-admin,locale,Content-Type,fl-articles-hits,fl-api-response-type

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 462 KB
46 KB 127ms
127ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3894180619877934&correlator=3164670564700154&eid=31070746%2C31070739&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fifs&iu_parts=21870299330%2CPozicija_1%2CPozicija_2%2CPozicija_3%2CPozicija_4%2CPozicija_5%2CPozicija_6%2CPozicija_7%2CPozicija_8%2CPozicija_9%2CPozicija_10%2CPozicija_11&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11&prev_iu_szs=970x250%2C300x250%2C970x250%2C970x250%2C970x250%2C970x250%2C300x250%2C970x250%2C970x250%2C300x250%2C970x250&ifi=5&adks=1954915683%2C2912701653%2C1443387421%2C1099688021%2C4225879160%2C3444098728%2C1660889311%2C1129519509%2C2627967284%2C3621118060%2C1337119961&sfv=1-0-40&cust_params=page%3Dnaslovna&sc=1&cookie_enabled=1&abxe=1&dt=1668148670969&lmt=1665382088&dlt=1668148669836&idt=731&adxs=315%2C1134%2C315%2C315%2C315%2C315%2C1134%2C315%2C315%2C1134%2C315&adys=219%2C842%2C3415%2C4061%2C4511%2C5157%2C5265%2C5642%2C6464%2C7355%2C9489&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ucis=4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.pobjeda.me%2F&frm=20&vis=1&psz=970x0%7C304x0%7C970x0%7C970x0%7C970x0%7C970x0%7C304x0%7C970x0%7C970x0%7C300x0%7C970x0&msz=970x0%7C304x0%7C970x0%7C970x0%7C970x0%7C970x0%7C304x0%7C970x0%7C970x0%7C300x0%7C970x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=614322669.1668148670&ga_sid=1668148671&ga_hid=95691678&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ed5d7be15105e58b524a46815e2d4747fbe77b29d3e405079355ba287523d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46598
x-xss-protection: 0
google-lineitem-id: 6146650515,5746834270,6129248354,6056746214,6130336702,6149164281,5834375923,6041969245,6020662288,5835035198,6131200487
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138411114297,138410108589,138407149796,138396895523,138408051265,138411567305,138371215059,138394968153,138392821501,138371143790,138407545728
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
694 B 98ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.pobjeda.me&callback=_gfp_s_&client=ca-pub-2610418223630718&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2610418223630718&plah=www.pobjeda.me&bust=31070830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ba8de580137c15b453183bdeacb94ee00ced53fd2c638a884bf3da3406158a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.pobjeda.me%2F&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E051 603 B
69 B 112ms
65ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2610418223630718&output=html&adk=1812271804&adf=3025194257&lmt=1665382088&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.pobjeda.me%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668148670240&bpp=3&bdt=404&idt=770&shv=r20221109&mjsv=m202211080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2776242277272&frm=20&pv=2&ga_vid=614322669.1668148670&ga_sid=1668148671&ga_hid=95691678&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070616%2C31070830%2C44770880%2C44775016&oid=2&pvsid=3894180619877934&tmod=1817235884&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=810

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 06:37:51 GMT
expires: Fri, 11 Nov 2022 06:37:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 89ms
36ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147158618-1&cid=614322669.1668148670&jid=1925270122&_u=YADAAUAAAAAAACAAI~&z=90063125

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 97ms
44ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-147158618-1&cid=614322669.1668148670&jid=1925270122&_u=YADAAUAAAAAAACAAI~&z=90063125

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 46ms
22ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=389079698651695&ev=Microdata&dl=https%3A%2F%2Fwww.pobjeda.me%2F&rl=&if=false&ts=1668148671144&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Po%C4%8Detna%20-%20Najva%C5%BEnije%20vijesti%20svakog%20dana%20-%20Pobjeda%22%2C%22meta%3Adescription%22%3A%22Pregled%20najnovijih%20i%20najva%C5%BEnijih%20vijesti%20dana%20iz%20Crne%20Gore%20i%20svijeta%20na%20portalu%20Pobjede.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Po%C4%8Detna%20-%20Najva%C5%BEnije%20vijesti%20svakog%20dana%20-%20Pobjeda%22%2C%22og%3Asite_name%22%3A%22Pobjeda%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Pregled%20najnovijih%20i%20najva%C5%BEnijih%20vijesti%20dana%20iz%20Crne%20Gore%20i%20svijeta%20na%20portalu%20Pobjede.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.pobjeda.me%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.pobjeda.me%2Fassets%2Fpublic_images%2Fpobjeda-social-media-placeholder.jpg%22%2C%22og%3Aimage%3Aalt%22%3A%22%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668148670297.2139732741&it=1668148670010&coo=false&es=automatic&tm=3&exp=d1&rqm=GET

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 11 Nov 2022 06:37:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 090F 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXLwtlf4oXp1QOtvfPP58KBpEz9Foxf8qK3FCLY6DGmR9_VDru9HxLQgvJlFL4HJtW6IsMF44v8FmAjWjtgse6u2vaQMGfbGBqSp0xmPZylodBiJBWay6nH7wSXxSXScAgTnkeaqY4rEIx7dEKL8s9Ex19hnDejVeOfT8mdaaMo4tZp4v6z9VbZq2Un4h0dIgDrTFCsZoE43ZghT26X_MX8eDHGgX_BMWdSZ1SMfOTOrj1vud78dDAdZM992Os3FqCaAQWsI4lP8KwEkBi_1s6w96C-XDRkqApCY46Rksk31SSsrsIkzUzB1K8lMpqLpQ&sai=AMfl-YSAZ39jFazcJUCHGv_MwoKIdvAVU14V4cB33t9UKhRR5Gy4UQdzrqoi26EqKUXRyQv1-Lg0zWiCspAf5UJkqNj43mmwedzFwFA2DIGkiow6Z3Dw3CKkX2Fxha2b1_0zcA&sig=Cg0ArKJSzDai25b8VUZXEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 090F 23 KB
9 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:22:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 090F 3 KB
1 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:21:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 090F 0
0 83ms
33ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyVoqa7mLYUJNem0DNtWCuaLFY-4C81FufqrUOfe8miGmsR1Ja7xZWTyxJ7L5oUkrTqZuFURk-EF6rMD46qDaS2ivF9Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 090F 154 KB
47 KB 156ms
111ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H2 200 713289253330192645
tpc.googlesyndication.com/simgad/ Frame 090F 113 KB
113 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/713289253330192645

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04feb3ad30df7c5bffa9a73841181ddd6c1bf40e97d8a719c3f8eec28492c2a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 10:11:12 GMT
x-content-type-options: nosniff
age: 73599
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115546
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:38:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Nov 2023 10:11:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F44 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-qhNdFjw7q2txxhNKMGrCB0AN-V3lkQdPOy7-LnmBZ4lQcjQwh-OdGYr6h2cZbGY59_k8nNtzE8GQH3whXj_Lo73zKJK3bew2dtAAl6ieGEgKKEy1nopeu4FESDyc0EDX6d8b5S9cmpBHE72O4bEE3yzW7VkV84PuoyP3wIU9S2URO8lRkGWtbSCj0dO7w5ziQqd_R7_VRjxPft8VjogX1Nv1jbJ2fRKSMHqgVMzjT_ievtpklY_6mYYwmCh3LJlrYez0bf8oZ7c8BkOT30mhhfPQWyzlwFX-rhcD4-ARWZX3kC7gMUMZSmDG4XLMi_U&sai=AMfl-YSATzZFGRk96tAwe5YQ_XNl0JPw4DCvJh44hnnIBb-IvkYSgrGvYHD9HfvuyptpG2Y59J22Bxx6LA96l_kzUpfjQvVgLQDJiXiSlNqNu_QI4wb_Z2-3NIpwHvocyMh-DA&sig=Cg0ArKJSzBX0CWyu_m6XEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 index.html Show response
lupon.media/pobjeda/2022/publish/publish300x250/ Frame 8E57 7 KB
3 KB 118ms
59ms Document
text/html 2606:4700:3032::6815:41fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lupon.media/pobjeda/2022/publish/publish300x250/index.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87aa3f4cb8cdc96f816d7d734d8cd26393b580a8bc26e882623efc6c37348297

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true true
access-control-allow-origin: * *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7685058b7905bb3d-FRA
content-encoding: br
content-type: text/html
date: Fri, 11 Nov 2022 06:37:51 GMT
last-modified: Thu, 27 Oct 2022 18:31:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkN3dm0LQVz83mYEg6%2F18OIG0wywWCTd3Ck0YYKbD7ih2dJCfa9I%2F%2F3KMEfn3pbPR8pdfId9ihTeXBsWmu4q%2FB%2BGG2Ter0Q%2F%2FCXmGymB3pAV9Pw2NdlgaM9oOE57uTO%2FoscVShvk31jVAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F44 154 KB
47 KB 100ms
64ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3FC1 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVjFpIAWKGaDB9mC6nFBbfENHnEjSq_yqucWcj5uJcnnC2GcnLJY3_Aq8Jdgb9I4vFwbOMBBdLgT6Vr5g1AvlGzCuDzl-romd6fQwSCu3Uzzp7eI96fdrPknrIYqrL4YbtXVJKz0W1DI4LsRgyHO3xGYN8j2QPmVJP6XuVXehX4-1KJ2e6e1Q9eHP2s49yrQYdmZhtS6JiNbuIvBG1kKTwBsYY6wjcAssfC12COS_kndhySe7BafLmqdY_q6SGO4cmsSgdb4YRKM8EdFn4v-dWczxZkA3Tfc4t3kjwITannZLqF8qfUIkSeSgrp02VhS4&sai=AMfl-YQzfySxBtVvZC9g2MbtCLZ_WGLdUNQ-RISRP0beOG-ntGiY4J_07jBPrcUES4h3Mr5b3LHEcwzCMj7p7Wlrs-W6h9cyE4n8W9FXPoBytgJiSzIDsD20kNRMDyeFLxnrUQ&sig=Cg0ArKJSzIDAiD1aAe0KEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 3FC1 23 KB
9 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:22:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 3FC1 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:21:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FC1 154 KB
47 KB 78ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H2 200 3620063637582866575
tpc.googlesyndication.com/simgad/ Frame 3FC1 65 KB
66 KB 62ms
61ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3620063637582866575

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa79c4c023cce91d4414ed5701f2472f6e00737cc48b42e1ec60e6ab549ed15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66973
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 12:15:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Nov 2023 06:37:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 368F 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss63uVKlceppm8TckLBQMlHKpLUAoCM8GJJyv_xH4D3fkMOrYWh4BpuGDOMH9gDClhY9yL87zjRUS1P4Q8p9y9HzWiRcQunhzxmbXeVZzS9q9ZifbxwQRhEJY1JrYMuP2Gpuz5yU5syH35yRWOEQqgPajYZus2b7f152huQNA6VBa_aoNBXJRbWeS9L0a_SBx-jmZrpZIDG9P4yJ31mZeCtulskb6UyFr8vJTNHUB3TqlftM4lMQem3xVehLvJWw7U6R_ZGFS0wJ8ku1EztIo5rjK32lzDwyUK959fAtOTKuOC6UBvC7BIGaPJ-4s9Q3J4&sai=AMfl-YTXGJSRqS73332DQ83N6qkUofwefk1hikny7yskwPbxsJlfKum-dIJL7kOgMNryv65zP8VJLEjzMSMem4lRDSqUt0U0PoFdDiwPcQ0lMwgaEVLgegolRoH80whLPUVHnA&sig=Cg0ArKJSzNF7_yr_PL5QEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 368F 23 KB
9 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:22:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 368F 3 KB
1 KB 67ms
21ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:21:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 368F 0
0 54ms
32ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXTyHQxS2QfbmEKgpbD8dVho7rfhBDyTZSNCcnqP4wC8XF0BlNE7uR9iqdx6pAGjFEITDCMEqhEJU_tI3YvKyC4DDIOA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 368F 154 KB
47 KB 126ms
108ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 11810272556614929102
tpc.googlesyndication.com/simgad/ Frame 368F 28 KB
28 KB 107ms
62ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11810272556614929102

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85341bad680f57c6d24ef2b103809761e91d08b08750b128368fff6be558cbe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:54:20 GMT
x-content-type-options: nosniff
age: 531811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28837
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 12:38:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 02:54:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25CF 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyQzLA_J32CQrDw74zmC01VaUWUFJ5MWDMcEiqdMXM6h-g8jVbjE8d8mSDyXMANJ7OHt54YHMV121KUJ55GtmVUZCNGPs67OxZdPiDQMPuwP5jZbn1xFgoALX85hlV4-X9GiUd9PtWcGJcjOS4FfaXxVN5_9yZXxtGiGCDPNFzQ2Oo_lCJfa8GpRtdwgElZ3yENN_JNsjxoVeP81sEY9_gw1ikLs31GGOmkfvV0pAnE7lFu-LGrkOeITQRanVN8_YVXJ8wvaHF_3Pn3YnFnjR5JEjpfVAFPq-FuhttTZzadIIESwS2MwNZ-Bq75XZAqpg&sai=AMfl-YSKWOGylmSm6UUi0kC-bT7jwYKr-bjwiPDOWBzI7UlXfjZwldqZZH3DhtZPmcRfV6J2ieW7KmsosuhkXDz-c45exIbfk88H0rAcfJIQNaWNMCbYPZaEkBWEgNkFUYI9pQ&sig=Cg0ArKJSzNf2ZWoqCGHmEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 25CF 23 KB
9 KB 66ms
28ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:22:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 25CF 3 KB
1 KB 82ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:21:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 25CF 0
0 44ms
32ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxmy-eetMgBdbeKLI5T5pCR2O01jB5BR-vK2reqyJgDc3DZ7fLv5DBX6V4n3vJUchcxMoQUFxfPCfnPAEuAhgjyVXo8Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25CF 154 KB
47 KB 122ms
114ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 1804929274056364865
tpc.googlesyndication.com/simgad/ Frame 25CF 87 KB
87 KB 92ms
55ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1804929274056364865

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

355c8da1f3f06a7d8b9043d7c43bb039dcccdcf1e0574d6d167053f3b3ec10e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:52:56 GMT
x-content-type-options: nosniff
age: 531895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89520
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 07:01:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 02:52:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4730 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8VDBzPh_sKkM1MOKBimLrls_9B4NhbZmaH0eJryMyPEK8w1zhe8j-LNy8vJm4y3hVXA5M7VHeAyKTI0QA-emiHYMN8OQYvFN9L_mC7laBdm3zoZgtB_fw_wRaJjYXALlTpxh8yjIejGYgTXs9m7Jg3hhrSH52IeVg0GJnITJKiTo-0_XAajmn7vNtHsM2uvZ6PG4R_8qtJVnz1-lItiyCj_1Li4KWWnTv6_n5ukOoyaZgT2fAmWjVYfu4TzRTWha27aPxVvvRG3RM_-DFlTHeK-ghDCekwioTrsq1wIW5QuiZWv7yavsNpp7VsISFq3o&sai=AMfl-YQJh4q0tHg5POr3uGMFsm1Nmg0SEbZweg4fHc17qZj6VOtgNWkLZ_H4CfxwjyqP_ZlxrCHkWqSl3XjKuPPQTE6SXvLDDHuWK-V58uDXuOo7Jql92T7H1I19aPLNahNKuw&sig=Cg0ArKJSzGVp3Zotah4ZEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 4730 23 KB
9 KB 62ms
34ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:22:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 4730 3 KB
1 KB 72ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:21:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4730 0
0 35ms
33ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3ejvSEGUTEf40vgivJpLmkCnmSFmTEZ6wLSYNuR26Jw_gfe6pFgBV3XWb-Q6938XYeRtgTQ5ngpnIG5yn0QTldp5QdQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4730 154 KB
47 KB 133ms
132ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 1320242047544985179
tpc.googlesyndication.com/simgad/ Frame 4730 237 KB
237 KB 94ms
68ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1320242047544985179

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14996648bbca198cc25c9dc87e08d07cefab0c8102ca044cdef3edc26c842468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 09:57:25 GMT
x-content-type-options: nosniff
age: 333626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242869
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 09:39:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 07 Nov 2023 09:57:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 814E 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKIBs5GCKZezYP-v8nJsyLjcKWiZX5jaaC3y37TeYcK-9UX-BkkjB2TfDIEjFUuW8-7bzqAxv4mvJM3KwfRsNWhjfeeKN1gkU82qtXYkNFKm-ihXqHYmT42BnPKgtfh0d325ELM3HosXk00ju03NvQhluGkkicCkSa1_gGTqLxZicgm04VKqdR2yaLiWzXvvtRDKCnyYKohpNuJhGaUzR1tBoJZFUSfHesOIJaD20pVAqTZgpCgRsVsboHwnErxJ98FHjzxuCgWo3Ctd0hSgNf5LEUdMFs-HF6rRBEM6TvdqavSznChXzj6t2-ge3t1qqSrQ&sai=AMfl-YRYKm3EJ0XVyqT7RolAsWMLapsuxPlot2X0SLej8eFXHNGavZovEuVVuuUKvY0QNFrZUDUs6HLxrE47efiEqJ6LVO6yBgJEPYzKB8H4UG4iSGvW9-WZp-v-cg-JX73X2A&sig=Cg0ArKJSzD6sXxDjotulEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 Pozicija_7_pobjeda.js Show response
adxbid.info/ Frame 814E 319 KB
96 KB 107ms
51ms Script
application/javascript 2606:4700:3036::6815:4f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bd03a57b54967bbf3c8a7e0a40028716062b4ae32c4df0cec2b718fa1c7586a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 13:34:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6295
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lS2cuVzYcBWzplZ97C%2BNnV%2B%2F7TiliNgZ5ptfKAaiJLQgePi5D02XF4PQva%2Br6CJ7WZ5cZhAZnVTH0Z0FjebhsjntesnEuABpXLaDmMJwCXk85uPrOmiPXTYfmOVCBHw40Q9%2FLE3cGRZ%2BLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 7685058bce559113-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 814E 154 KB
47 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7844 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJyZhUP1HRG49JDarDgdkN4jDu6wsm8jhxTkCe0dAW2qyfBMf23ueZpPcxPfb8RzOArW9lVEFBkaJ23WEGBn7oRbOrs2zAGpuOtKIgg2ucoFt9pTXMaMdnLagAxAX_uWB5VgpTP9ys2zFiCoXaHM9Sh5K68edbk2G2W4IKL864Ko70kvQOqDyZy1ejZTVNW3SxA3F7CWJDC4VW3ou3yPaDz6nEN6TlFRfkR6Rr8mVCPBIlB667UhfNbev2_0IzpAlx-j_O6o7QKXdkYJwSp77koxEQP-omUSuRbj2ce52GqzBtpWOJya7fYDUm1Djt0U8&sai=AMfl-YT6lNX0gdWEWuG1x-bhSV4kAiK7XgcTWkh-dSlsGVDxi__QmlujNuHIMOX7NK7aG27K-IFEnvLHJBa0C93eAC-X9ztMH1d7SxmqxVaPRdaTLAuvKuAtO391DwDEibekYA&sig=Cg0ArKJSzGt6A_fBOzktEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 7844 23 KB
9 KB 34ms
25ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:22:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 7844 3 KB
1 KB 53ms
44ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:21:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7844 0
0 32ms
31ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmcsTSBDI1JPZRQP7X2BDb2n1ZmwpSMAdfPvycZFFZR1-2nSK60mScPQ9lykLF4ClIOJGKqmav0hRvSd5-xfJCI2QriQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7844 154 KB
47 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 11162331419487251083
tpc.googlesyndication.com/simgad/ Frame 7844 83 KB
83 KB 54ms
46ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11162331419487251083

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49ddfd376cdae2f41526985dc9133498a4620a9fc5f9ad25373a6362b2a3ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 07:06:47 GMT
x-content-type-options: nosniff
age: 171064
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85110
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 13:46:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Nov 2023 07:06:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6CB4 0
0 61ms
60ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv49w974OkBrIQ0yLGwtG7AnMzeyA-tt4xg4dwx51remlZ6ftv_JAg7XWWc0JAXkNmj6HO1QIqIoKYB85xOVyKjRgV8hD9Shp3aRcfqy7CJK0i-1hJQbYEhC0EQKBHAWAtyGG5FYvyEEe-BftkWE3PR2tUmXGdIA0gRRZSqQD48bZCwXGPxK2sU-ER1bWmz8ItfPTiZvdWCtCSYpjpYBA7fVgX4BJO35YSITxWM0tC69lDrkcT-ILeXCAmPYzPcQwpIyG890vzWKvJPU_GFNdbetd1DILCqCTCO1Edgaqsz2x_C6Wj4sLXi9PaHj2bEmcY&sai=AMfl-YRqy98zt3hsp2iRFS4excEIAgKnoympfmFHgjGUtsPm85CzfrRbobqjnc5GhLb_cUWGQcPKe096PQeIO1gZWCmrvdbNY3zoINnbYseMb5SieMfNokfcJGGmScvQFTlHWQ&sig=Cg0ArKJSzC-I2xzpKCq_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 6CB4 23 KB
9 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:22:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 6CB4 3 KB
1 KB 94ms
92ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:21:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6CB4 0
0 33ms
31ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWLcDsR-iDhv54c_EyBS-FBGJLcSJBV8foZFN5N8IlnVRZJFkG-oIFtSpxc_cLEI5SDnRZGlGwLfSxmLVxKB62r8f38g
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CB4 154 KB
47 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 4648417495530420151
tpc.googlesyndication.com/simgad/ Frame 6CB4 228 KB
228 KB 94ms
92ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4648417495530420151

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf57208ab09b3aacbe65b30cb337af2e20d0849772e52d901c0d21dd10cf857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 10:41:22 GMT
x-content-type-options: nosniff
age: 244589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233879
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 08:16:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Nov 2023 10:41:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ED7B 0
0 86ms
85ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstONNl3_eb4mk9t2afA20PR4--9U2jA8aEBi1vsD5YpZsGq-sD_sWvLXPT7RIF-GjSu7QDEuucQnRGbZvjL6wAoCTh9od70RkRAcS0Y9kb2RuC_lqh4qBjX6VakmtpNe2tV5sHG-9ZEFfI608fUV3wTNwpB3E6QUv64ov52DDvwU3JLrpeU35LOaq5Wkb67G_HDWiqAF4uDlqzsQhpmC_qw73cggqkEYa-pggdg0fSjS3hHxnUC_zq1AtK4OAXEILPR7QKmNzRa9u8ebJyLbpNRpzr3cHoFRQUs2FOFuRMQXKjVzQkDbGOOeCYOtV3-DNfqr_Q&sai=AMfl-YT_rX6E3ah59H3NUt8uCfx5QREHX1-qE_PtpFn72sFc07cOQiTLAtWAw8sKMsStYV4MD2kh8pvdHvYEP7cDM4u08Lo5zR4_Z34WA67pjxlxtfTyonNBeOcbd-vMg_sbjg&sig=Cg0ArKJSzDTXgLvVnJPqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 Pozicija_10_pobjeda.js Show response
adxbid.info/ Frame ED7B 319 KB
95 KB 106ms
81ms Script
application/javascript 2606:4700:3036::6815:4f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3e6769f945dd5f4d3fbe19ffa567b55eb3b72d9e94e8868ac8dbf1f152ff54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 13:32:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5221
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rs1GplInba8MjeU%2BtYKgFOluPitbkJckrFJwBtsf7HK16SgpipyS1xVHojDxSDZ2LKmkFL1pv%2BRcjQddynUPn%2BkGfYu%2FWW9J%2Fp%2Be1cK9f4f0S3wRQOk4wr5UskntIw79C2jsxlJ%2FbwBSdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 7685058bce569113-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED7B 154 KB
47 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91C3 0
0 67ms
65ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAGletFuRE6PgMgrfGyE1zIIvhfyXmNFDbO2l25IGFDkAQ58iSP6_DBKAR5WRHdW1u67L1YitDGet5BbLaSxvPxAMh9dqN-dw6lAXzmmhOkDzrckfHcHykRa3y-PVyhE-a3nubGnN1ye4kBRfmBzNnA6ukFn93ckzSDADXgxa61HbbEYh1G42YbDwPXrQsaKigm5LP2RSgbueMKHOjyiY6kFdxNvwbT01WgpvhsQya1WBFRVh9kBJzG3OObixy4T3XLOGrPPQc7dwHD4Re6HwK-eLE1ig21dy2ImT_foz7KFI3BXH5J_G5F4lLwA2djMIH&sai=AMfl-YTssh5TCjTFxlfjIqq0K7aA3RzECKhDnkcBMN0Fc6k8tQTrBliNXGr182tzHIVE2Kk50hBdtsFNeT4JuWXDUAglZjjIT9djH0lExzJ_-_Dr8xoHvIuQtWGsPbxTvXC7Mg&sig=Cg0ArKJSzAh2l3CN6xNuEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 1804929274056364865
tpc.googlesyndication.com/simgad/ Frame 91C3 87 KB
87 KB 44ms
39ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1804929274056364865

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

355c8da1f3f06a7d8b9043d7c43bb039dcccdcf1e0574d6d167053f3b3ec10e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:52:56 GMT
x-content-type-options: nosniff
age: 531895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89520
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 07:01:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 02:52:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 91C3 23 KB
9 KB 29ms
25ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:22:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 91C3 3 KB
1 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:21:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 91C3 0
0 37ms
33ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMVZG35MeiEZTOdW6nvcHR5t1lNpv2pDgU0rZ4FGZucJLBUqy2cRoxz6_YpZGc8uJgf7nKlwHXTo0_D9iuuAx6UOvpFA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91C3 154 KB
47 KB 62ms
58ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B71C 0
0 61ms
59ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKqvKKO9K8cG_pNa1aLNQD5E5tU61DwmlGQL06Dpd1AkRRx6Zww1SgCPEGYDyXVp61IJ6mU4LgMZZMrylwq8NGRTdRQ-iqNZ8uNxpwDuZAYmmGYNtbhEJO8_sA-1Atmxp_o3CIEfzVoJSncwHM23b4rxR4eEYBMSX7oYuTeiucG1bnbpuvwIKlDJx3JJymna-BovsDvuNSwN_8kGAu-XgGpN2LtgYkIOAxjruQhq720jK0PQ_tVizKOQKRGJvAr6YrUOpbHcDYuKqk1tHtMwnX1VBa2O1RkfERn70S3Eg1ypYamL7e5Bx25M4xAKGppaz9GjnB_1U&sai=AMfl-YRkBtk_w7z0Lp7m9akgWwkVKqtk0fkuiDV0hGC8Q9Jzvow3QCaw9jujhOGeG70xU1NTHsS9VSXYfn5ontyt4YqJdnPKmDybMwNMAX4ZYLGRWfgJggnikP8ZTQ5X3ZyUDhgaeg&sig=Cg0ArKJSzGDysnwjwB3JEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 header_728x90_pobjeda.js Show response
adxbid.info/ Frame B71C 319 KB
96 KB 77ms
47ms Script
application/javascript 2606:4700:3036::6815:4f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/header_728x90_pobjeda.js?v=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6135f5f513d9a30f33ded4967eee8bf11ae6c444573b48cf60124dabec1c6613

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 13:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5776
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sK4n6MNBvPC9PgWCr5Pbu2K41X97jfFhPoKUsGPI9w9Jb7XuzpMSxFt%2F9vmdLksoG%2BABJENCCh9%2FSVh2103oPnKX1u62aC3AnLJ2F4bfzI4Gc2piPi47pN1fWNQV2Z653M%2Fe4z8f%2FlB3rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 7685058c4cd490a2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B71C 154 KB
47 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A422 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9ww_G-FfI5-MVMaU1ru-naOmHsENZG9WxiWhgKiyeanT7uDfu77n6_rFy-ClUGYjTuAncl5Pyklge4W09kJA5bbaqqMcBPYC_ilUahZc80VzHhIGFg5zbnuPy7dJKFMNRDYcf5BvjMx37A0kLpUX3DhWGnp5yVF_NAL_dgzkoDvD-n9ZfcMea7e9bdf9_OZP7WsuI5myfhZ1jyECcpnRzaKYKY_ibPf0itrZ6kBjutkBW70I4bOfCl3STdad5kTFD5PJW9D-9j-lwURJAiN_tIrWP9tw8XcmnWLTnx47h-EGZoevLnXUgSLa9aZHcBqY&sai=AMfl-YSoit6tyF3iP9FD_AfIVq-mjngZKnh46e4gtlJVbs_8Ri8oilbU5YrAJp4VMItm-xRVB_FFF0H-fasxSbBJoLWvd3FlgNNAi0eCZpHLqOJ16yEgRhbbDgn7aANJpZ451Assrw&sig=Cg0ArKJSzNnvCyayN_p3EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame A422 23 KB
9 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:22:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame A422 3 KB
1 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:21:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A422 0
0 32ms
30ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAZViksnbkBIxGQjx-OWaklk1zr_tlak9Fz-VOPy95ndYkpSAXRAhV3ME8YY-WehLsaciWdCRVlnvrxY6JhXiR08MH6Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A422 154 KB
47 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 8326444008596313228
tpc.googlesyndication.com/simgad/ Frame A422 88 KB
88 KB 40ms
38ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8326444008596313228

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ed0839be16207fbd4007e1c413b78e552a25512a5075605c0ba57297d84add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:52:55 GMT
x-content-type-options: nosniff
age: 531896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90079
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 10:41:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 02:52:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 72B0 0
0 67ms
66ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0StYqXc0EhK-3DsgH35qd-YzLYTSqy-yeJmyxgsOHEW_FcEUGKgIcCavI4kbllyE7iDZclrAY-k5DJRBkLpxQWD-q3yg7Zbh9gcab1jKQfKDCo0UocWlz1TYCET1mDXugOT3tqcySm1o4wQ8RTJchvgFv-URvBOsKBE2LrhlXIocG2N85vYgE8pJQN0LzCBATzGbxRg7tdwTFOh-y0ibiSex9nJ1Am8hl8gjufORYsmkOVugKd3dq9eL1u3u4AjLmL8XAs7JealMEjFv5pwNWI6pCUIvKq1TzaEGgPf_ogvZbXaSJK73ucmUnvSTMxT-B&sai=AMfl-YTPRxi1kSrYSIA7deJmLx6gGC-SVI0GL-897NWDevamvwhHOk9NrmEeceIzdwYrKMjA6Wq2YW9B1gSAhJrCvIrKBOpSt6_fHqYz8rGGUVoKxfgWGLzNETOtmONSZeHwVGDjWA&sig=Cg0ArKJSzNE9eIN1rzxyEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 72B0 23 KB
9 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:22:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 72B0 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 17:21:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 17:21:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72B0 154 KB
47 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48226
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667997631252355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 6291250860780622848
tpc.googlesyndication.com/simgad/ Frame 72B0 88 KB
88 KB 35ms
34ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6291250860780622848

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ed0839be16207fbd4007e1c413b78e552a25512a5075605c0ba57297d84add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:52:55 GMT
x-content-type-options: nosniff
age: 531896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90079
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 10:41:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 02:52:55 GMT

GET
H2 200 1668146193-image-2022-11-11-065523678-i_600x450.png
media.pobjeda.me/media/2022/11/11/ 520 KB
521 KB 44ms
31ms Image
image/png 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pobjeda.me/media/2022/11/11/1668146193-image-2022-11-11-065523678-i_600x450.png?cacheControl=1668146194
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f331a420fa57ca77f49e427fabe4df104dce493d96bd8246002847fb3e5a9862

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1783
content-length: 532593
last-modified: Fri, 11 Nov 2022 05:56:39 GMT
server: cloudflare
etag: "636de417-82071"
vary: Accept-Encoding
access-control-allow-methods: get
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmcRaO5IBcDoAsvCMZA7xx%2Bm2DpFW2leGA3JQmvgvQlTmfQDjZym%2BnU8YWe31Z0TX4OBNEvGFv7KutVN89dzaxWUg8GE%2BpS5InqY6c7QNTAl2jKObAMn4FOpMRTD0ppliIJWNbLfymmZ7%2B3Spa4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7685058cb96d9bb8-FRA
access-control-allow-headers: content-type,x-requested-with
expires: Sat, 11 Nov 2023 06:08:08 GMT

GET
H2 200 1668116549-crna-gora-poljska-0911-2022-iva-mandic-43-i_360x270.JPG
media.pobjeda.me/media/2022/11/10/ 13 KB
14 KB 60ms
47ms Image
image/jpeg 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pobjeda.me/media/2022/11/10/1668116549-crna-gora-poljska-0911-2022-iva-mandic-43-i_360x270.JPG?cacheControl=1668116550
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a167f4eb93edab47c821c6b1c31cc48f38765d1607cf0b8c149dd9158f657d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 784
content-length: 13639
cf-bgj: h2pri
last-modified: Thu, 10 Nov 2022 21:42:35 GMT
server: cloudflare
etag: "636d704b-3547"
vary: Accept-Encoding
access-control-allow-methods: get
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bkOjpC4JiYTAuwrKgnvA3Vb%2F8No1q5KiirrWosQKx1vLhEp6D9PrTUuhs9ZOhJSW1qVGUMhToQhuJt18X9lVWaWH7EJ22OohxwqogZDyjEe1vtrlMSjVnZqvWBUDMhybacYUEcJEh7U8uVUjGI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7685058cb9729bb8-FRA
access-control-allow-headers: content-type,x-requested-with
expires: Sat, 11 Nov 2023 06:24:47 GMT

GET
H2 200 1668115883-kjfgh-i_360x270.PNG
media.pobjeda.me/media/2022/11/10/ 180 KB
180 KB 61ms
48ms Image
image/png 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pobjeda.me/media/2022/11/10/1668115883-kjfgh-i_360x270.PNG?cacheControl=1668115884
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 183de4c76efd3e951d6a4d35a46978712baaaf65bbae4c4f887f3c365f5fded6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32641
content-length: 184144
last-modified: Thu, 10 Nov 2022 21:31:30 GMT
server: cloudflare
etag: "636d6db2-2cf50"
vary: Accept-Encoding
access-control-allow-methods: get
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2d8bOlBDM2KhMe%2BUZkd976tXoMrSrS03ry8HThIakEXLjEUtR3pKIUI4eGvfECXSTp9Ana7zvWWn54cQ5fUe0nLn2C005SMeruAr82mXi%2F%2BFMf%2FXFVPfRXTUx4kqu%2FyJmXSWAsu%2B29R1Y9thou8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7685058cb9769bb8-FRA
access-control-allow-headers: content-type,x-requested-with
expires: Fri, 10 Nov 2023 21:33:50 GMT

GET
H2 200 1657959205-cerovic-tekst-dritan-abazovic-sjednica-vlade-cg-izvor-govme-001-i_360x270.jpg
media.pobjeda.me/media/2022/07/16/ 11 KB
11 KB 60ms
48ms Image
image/jpeg 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pobjeda.me/media/2022/07/16/1657959205-cerovic-tekst-dritan-abazovic-sjednica-vlade-cg-izvor-govme-001-i_360x270.jpg?cacheControl=1657959217
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49620cc9b47b11f899dcaa72fe40ef3c7a21e8951ab8b07487c21a4cef26af5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35797
content-length: 11117
cf-bgj: h2pri
last-modified: Sat, 16 Jul 2022 08:13:39 GMT
server: cloudflare
etag: "62d27333-2b6d"
vary: Accept-Encoding
access-control-allow-methods: get
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAn%2BOk1gGm%2FwYuzOzmngDtcobX4aq1W24R2%2BhZiNEAn37uBIMX9Azp90eXxAnf51H%2F1e70qKREVSbv0mDWyuMvTTgqo4HS92SZOt2olQrCNVJ%2FUKigyU6ZsmnPkVQYzUGslPkbDYmXH1SNizR8g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7685058cb97a9bb8-FRA
access-control-allow-headers: content-type,x-requested-with
expires: Fri, 10 Nov 2023 20:41:14 GMT

GET
H2 200 1668105843-ciscenje-ul-slobode-10112022-dobrilo-malidzan-5-i_360x270.JPG
media.pobjeda.me/media/2022/11/10/ 16 KB
17 KB 59ms
47ms Image
image/jpeg 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pobjeda.me/media/2022/11/10/1668105843-ciscenje-ul-slobode-10112022-dobrilo-malidzan-5-i_360x270.JPG?cacheControl=1668105882
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9696e1dee70d8ef324156199ca801bb7acf97fb4c1ea0d9524930197aa2e3d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41812
content-length: 16893
cf-bgj: h2pri
last-modified: Thu, 10 Nov 2022 18:52:47 GMT
server: cloudflare
etag: "636d487f-41fd"
vary: Accept-Encoding
access-control-allow-methods: get
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsmwDwYNTB8ld6GMJmVQceJ8klp8OhOI6HWZ3PmYPpEGdjfWOW8w8mwfWoGpT%2FPVCzo93DvLKRVR6h7W9nqp6VAkEnzWzLhm1TTzmbgoWgZ0UleAEk9U0%2Bhaj%2BEJGBa%2BUQSrlBtUw0Elb2TcEuw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7685058cb97d9bb8-FRA
access-control-allow-headers: content-type,x-requested-with
expires: Fri, 10 Nov 2023 19:00:59 GMT

GET
H2 200 1666561546-ivan-vukovic-dps-23102022-dobrilo-malidzan-5-i_360x270.JPG
media.pobjeda.me/media/2022/10/23/ 10 KB
10 KB 58ms
46ms Image
image/jpeg 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pobjeda.me/media/2022/10/23/1666561546-ivan-vukovic-dps-23102022-dobrilo-malidzan-5-i_360x270.JPG?cacheControl=1666561568
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54594b76f0c3091acebab2bf1f45a347ea71fe0ade5d2b3549635027c006e426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46298
content-length: 9773
cf-bgj: h2pri
last-modified: Sun, 23 Oct 2022 21:50:25 GMT
server: cloudflare
etag: "6355b721-262d"
vary: Accept-Encoding
access-control-allow-methods: get
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkP3Ix3owSZ0D3rqJJ3m1ggNbV8f9Znkj42md2BeHaLWJ8JqCLJxUkAOpT1NmGUH7xboX0oVHinOnURBrH7B%2B3mvzMknovjxmD%2F205mWSdJa77JjWfN0u%2FE33OWeNX23VEGqNXrBzb86McaMnXc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7685058cb9809bb8-FRA
access-control-allow-headers: content-type,x-requested-with
expires: Fri, 10 Nov 2023 17:46:13 GMT

GET
H2 200 createjs-2015.11.26.min.js Show response
code.createjs.com/ Frame 8E57 186 KB
48 KB 296ms
29ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/createjs-2015.11.26.min.js
Requested by: Host: lupon.media
URL: https://lupon.media/pobjeda/2022/publish/publish300x250/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lupon.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:52:51 GMT

GET
H2 200 index.js Show response
lupon.media/pobjeda/2022/publish/publish300x250/ Frame 8E57 13 KB
3 KB 75ms
49ms Script
application/javascript 2606:4700:3032::6815:41fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lupon.media/pobjeda/2022/publish/publish300x250/index.js
Requested by: Host: lupon.media
URL: https://lupon.media/pobjeda/2022/publish/publish300x250/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90ad1584922bc3162caefe9ed22163de4a7a7e213a44a84596c9065ab7d27e65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lupon.media/pobjeda/2022/publish/publish300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5640
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 18:31:21 GMT
server: cloudflare
etag: W/"635ace79-34a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lf%2B3swPjzW6WlrLzleFbQoRTHpEseBK%2Fnu9Y4yErgtGLc0tAhcIYV49yKFz1ytuOIylK7wX8XBPJ%2FvoW9kF%2FwclmkHRjAx596gJTor%2B10aGPHGxij8LUbh%2BZOJAa4aYJmkBwQXu9xnnk7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=14400
access-control-allow-credentials: true, true
cf-ray: 7685058ceb6dbb3d-FRA

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F44 0
0 112ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDdv0ZGqAMdsC38aXvjhdOvI1WYZp0gwNsxR_PxENzTf3CCPZ5hbaUB7D9mlWro13JWMTyAXgsoahMHDeL88limIuXXJK1jcoAkIyU_hACM21dfUSEAzbBtFjK3UgW1uX58gv-9Q1r09WynlyQGDICBPYny5BTTrO3JpnmsyIzbNr3CegoGnr-hLVFG3H-HxdhBPzkq2MA4MKkGZmntZ66iGDHFl9EG4hGlNLY1-LKRi2_3GE2sP-Tu40eBgL0EcR-Ppep549-6Yb1ioq7vasq7BI53iuqebWRJnSL-OZlNvtlZr2rhIRB6lgwlcZKv8be1A&sai=AMfl-YShBtRrb7TCRHCHpfAy1mOSxKPUp36CIJLBZBuerwQImVCPCt_b4ZMDbfeus9V7Z5whU5sM-DkLeSmCzTPYvtZFEmPDgb29bbNXxNmvd0GN-5kJS0_umF1-kjqsEIJ1eA&sig=Cg0ArKJSzC5pWyfokLmfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
DATA 200
OK truncated
/ Frame 6F44 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2abb18d0a40333c0c56747e9610ce32ddc690e0bb13f06768c0b7076df3a8c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 090F 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 373aa2c7d81474ba28bfbf062f754331a446090bab86a1032116fa62fb11aa27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3FC1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffc13506790967240d4fe880058b37f674e314b795a2d5190ed3ed0a4038a646

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 368F 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 083d09cbfa6407248bc36c575ac13e17f792bdb5abd83fa9ada82057314e0106

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 25CF 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec76b25a60cd277b0a327a216586a5c2ee4e71fd72944ff98df3c0d55319105f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4730 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e8a56f2584b0d4e2f22b2ade46a8a9b02cc15430d94b08a5a1195058da74643

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7844 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e206ee7e9084cc935c38feba78f472076937381b99babb960617d688f145ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6CB4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 877c0e9df01342ec3e3a93b0fdb4a536bd1bd08c628a8d5a62847619676df8f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1554296/ 148 B
323 B 223ms
50ms XHR
application/json 52.30.44.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1554296/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.161a981e5a2b8d0e6270.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.44.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-44-244.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bdcbc89391aa102582b534556887a7e27efb13b0025724e914f5308a20448e18

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1554296 Show response
vc.hotjar.io/sessions/ 0
257 B 218ms
46ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1554296?s=0.25&r=0.223159349548244
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.161a981e5a2b8d0e6270.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 8KQAVYhEWPV1ik8jqvrqlQh0bpVlJa0SvQO1NxjJ-AQdsE63dXLulA==

GET
DATA 200
OK truncated
/ Frame 91C3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8de2abd8e82f7a629f8ada95fae62ebb62e006231c77bfe9eedb33b5903ccfd1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A422 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2652c1c0fc51035f1d32cdf41e334c3f649b1826cbef6bb0f6dd52338cb74d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 72B0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d735696648ff5008276f6e1694901772d6ef471af79127281948202d16dd7dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 090F 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvi4E_n1hfOE3WhU2-ilcOPYemOsEi_2tudJXZe8G4zCFqKz8F5F-GF2wD3_6d3x8pp0tQWtBSyAZfmigH-9NF9fcm1R8uEV0KHXl95ImlVdNXbs7u9SNtLqFw5N-iBkNun-s28IePI-EW25m5xt5cVXPsnuASYR1XejfOc-Vb1L8XRxnjvoA4V6kbQANc1MPzmG0VD-WmdI-YlLq_aFOy-lGazYclo0uxXZZB4roib__vztrgZWPFyEI5fzWhO6ddL9Fbhfr50OBcATLSPn_sRrQ5pKiMAhRARpFXyIU9JZNyhvh3Y8mEvJJxHI98hy_bFQg&sai=AMfl-YSV2WL3iyXyXc9UlG8Rn594jL36KtVGQBaI2eFeRygL_ZykVStKevF4eO5Uq4lH9xvYTKzDqua67UTgXb59ahUa0Qdy1pmTJR9uFFuJUyrgnM3-9XmlCjLDegmisL3yXw&sig=Cg0ArKJSzCReJC7AM_xIEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:51 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 161ms
42ms Preflight 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pobjeda.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pobjeda.me
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Fri, 11 Nov 2022 06:37:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 814E 483 B
868 B 88ms
30ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-amz-version-id: 1666365882701197
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx36ec54edbeb74121a0ef5-006352b9e9
age: 1782741
x-amz-id-2: tx36ec54edbeb74121a0ef5-006352b9e9
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbhYQkHMSyZToFNODGQ41fm%2BWrUycJcX05pxoBqjQEK7IyjYew3CvZiU69%2FmMbngOk8pkDd9669qN4lU5gGNisRvkgymgNv77eXQt0yj%2BJXP4f4uzDKU7TDkIpyk7WaFp7rp6IMGMP8IrmRn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7685058edcf1909c-FRA

POST
H2 200 / Show response
hb.emxdgt.com/ Frame 814E 7 KB
7 KB 130ms
74ms XHR
application/json 52.28.22.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1668148671754&src=pbjs
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.22.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-22-239.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e0a0b4619fcf6f59324bf94db2257a0bcae91a814b8d4a456b7d874e2e181883

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pobjeda.me
date: Fri, 11 Nov 2022 06:37:51 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type
content-length: 7283
content-type: application/json

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 814E 179 B
529 B 194ms
118ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.pobjeda.me%2F&SafeFrame=true&PublisherDomain=https%3A%2F%2Fwww.pobjeda.me

Requested by

Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

c616c25511d3dce5cb17be3661d7e86614ad988a41017ce20757729192109200

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 89
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 179
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 814E 0
409 B 202ms
109ms XHR
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 814E 114 B
190 B 180ms
124ms XHR
application/json 2606:4700:4400::ac40:983f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:983f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bffca5a4cce0f86e2410260aeebe5bc8d1eb75c7323ba0c33d40c7450f1ae48

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:51 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7685058ee8a19207-FRA
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 814E 0
216 B 108ms
47ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=71784058361

Requested by

Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.pobjeda.me
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 814E 241 B
1 KB 210ms
85ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2223108&size_id=15&rp_schain=1.0,1!pobjeda.me,1994551,1,,,&rf=https%3A%2F%2Fwww.pobjeda.me%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=3c07a160-ec6d-4ad4-aaf9-13985da9d5ab&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8730378027083385
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1457df39383263547c1c35662ce75cce551bf500b212a4265a6260828a1e523c

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Nov 2022 06:37:51 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.pobjeda.me
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 814E 0
176 B 98ms
30ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pobjeda.me
date: Fri, 11 Nov 2022 06:37:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 814E 19 B
828 B 94ms
29ms XHR
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Nov 2022 06:37:51 GMT
AN-X-Request-Uuid: 1093358f-b398-4156-bb8e-5505dacf3ade
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.pobjeda.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 814E 0
239 B 103ms
24ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3FC1 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW9IvTs-n45k7rG8zrOYYSkUDSK72euqoDAyOUkyhjEOVz32BbH3KUnrIIaxUMsVPhus0foE8h-sGXWjwGfkgxvXjZp5p6ub6tyqooiDkqeZbWhos2jWU0AqId1UHUYxdnJ51zOHZoPFMI25DBGHYLXVASI0nmSDubw0D72kIkFvvEJgQdoyMzk1tmJQQIz2AzzeVpOowy5JltK1-jyTHUoh4q1SgW3wsnwQtiPRVWhc4ccLot2fb8z6nEyKDAkCPqoZdGUKFIEhKiVnmr1CDqT8XHC2rS1MVXp2R0w2e9CwzgQZsxFrqUDwE0uAycLNituA&sai=AMfl-YRTZCLgfOSq_nQdbzU5yhgDZL0tqLuxnObg9EYIFquvDsF9mNJLLS4pWZrohUhEpIVw5M9r1RDaN42OdPqh_luhFGep-3czlNLW_xrZhsKEvVnPs4e4UEF6URehmwnaog&sig=Cg0ArKJSzDLY7Z4l_XxYEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 368F 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPimD80tcftJAa7cKGrYkEzI6VhccCfcsosdeb-mhAsZQHH84YSuhLisNeuUQ3UfG2iLJzPIk3AQUTnvB9hqpwsLvvPdmwy7s-TJfMtpPVi00qC9AQ71apY8A6gDY991q-n2wzzchgL0NQSsqj4uouNcmrJ5DI7uTgqbUHCXoTx01lzUlT89Jn-Nu5WhhfvhMv6OC9nRD2ovtZVniFaxwPxh-DAxgHCbV8WRZNkvrNEobL6ITAmBSmNXyg9xGYbLPl0R_WWHjRfS6dc8aBpqPvtm46HMcJzTpfox1T-Wp6_xUmZ43Z72VI4BPRmen2Kfni1Q&sai=AMfl-YTyUf8ouOFXM1cRqA3DBKVnfr4QphiM1yFDZMyqEvYqE_gR68xh94kGBFxcIq8BptHipByIrZuA_y5cMH9O5E0LzmkLAs8l0EGPZBJAO-4hbCpKmD6AR5TZKc7iNTeDfQ&sig=Cg0ArKJSzLk_mn3klMIWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25CF 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQWTkb7wnYxol-tvJuMaeqfsqNKAyan87dDsQhPi-MsFcrcGFOB4B1O1b2N2_aEE_ZTci8Cz_TMJkm-I0zvc1qteTVNQ_2wvrSMQQCk1vWeVTEMODuhdn7Rm0A2Gbp55FKYi6NGgLeWETd41_7gBaSNYk07FFaefdU8Ph2qXcSGO56Xv8dqyMhJykMHpPyoKtwQIqQ7ZDEZB15bJKEPegFiUhRudgVLq8kMoVFx6PLv9F-ktTOrtAxQMd1UFhWyC9rYJocD4ITr1i2TFoHS9tulcoGvi6_RcvdE2hMpsvVq2lnt5Yb7QD6IsWoeSSaZhfxtA&sai=AMfl-YSNdJVZffqa0BDmQ2qiVeXN_eaIBJxDDzGMxF14WRMzZpeheG7Gw9ZNPQPz5Oi1qqFZw1yTFBsGr_mVKzPq2nrTarMdGLNEHOHJwAPV_NOYP9ix77EYOeEVlrfmvxbIpQ&sig=Cg0ArKJSzCxMDh8MmZBNEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:51 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 51ms
42ms Preflight 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pobjeda.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pobjeda.me
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Fri, 11 Nov 2022 06:37:51 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame ED7B 483 B
548 B 37ms
37ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-amz-version-id: 1666365882701197
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx36ec54edbeb74121a0ef5-006352b9e9
age: 1782741
x-amz-id-2: tx36ec54edbeb74121a0ef5-006352b9e9
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsFHroGznRDHakOsA77wJJFaf2Mcq1XqD42m3eilAQdNxAdPw2Gs1weZrOUUJKpR%2FWH3ElPI3SnOQSeX7s8hL9GHufYpH6RM%2FdVIHQTRI2Mp5Jt9B6XC45wG%2FalQS9BNq09twBxZVJ0t6iFd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7685058f2d3b909c-FRA

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame ED7B 241 B
1 KB 179ms
84ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2223108&size_id=15&rp_schain=1.0,1!pobjeda.me,1994551,1,,,&rf=https%3A%2F%2Fwww.pobjeda.me%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=dbf232c1-8035-42b6-b417-b36f37e99458&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6822444654977609
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0f1a2caedfb142b900feda73f57b55260948747b718115b6a91cdb8f97b9e2a2

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Nov 2022 06:37:52 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.pobjeda.me
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ Frame ED7B 114 B
448 B 43ms
43ms XHR
application/json 2606:4700:4400::ac40:983f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:983f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e4df566f0425f39a12a681e282f3caaaea4cebda3cb1dac5bcc19dcaeb8b48f

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:51 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7685058f38f99207-FRA
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame ED7B 0
408 B 211ms
119ms XHR
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 / Show response
hb.emxdgt.com/ Frame ED7B 7 KB
7 KB 54ms
54ms XHR
application/json 52.28.22.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1668148671866&src=pbjs
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.22.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-22-239.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 043b2d55f920ee9b9176e5b165dace8cd5eb7372276462d6a14b47d3a6c464c7

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pobjeda.me
date: Fri, 11 Nov 2022 06:37:51 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type
content-length: 7283
content-type: application/json

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame ED7B 0
176 B 31ms
31ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pobjeda.me
date: Fri, 11 Nov 2022 06:37:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame ED7B 139 B
949 B 29ms
29ms XHR
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2581c9bf1607b14d1422251a104b8be40c4b75824dd9eea8710c5a35875cb5ac

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Nov 2022 06:37:51 GMT
AN-X-Request-Uuid: bffcb770-c83a-46e9-af76-48a8fd939a4c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.pobjeda.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame ED7B 180 B
231 B 127ms
126ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.pobjeda.me%2F&SafeFrame=true&PublisherDomain=https%3A%2F%2Fwww.pobjeda.me

Requested by

Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

154892bbd146d3726b36021e310d2d1263f023689c47945a10e8af436844cdaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 95
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 180
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame ED7B 0
215 B 47ms
46ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=66392838309

Requested by

Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.pobjeda.me
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame ED7B 0
239 B 25ms
24ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
DATA 200
OK truncated
/ Frame 814E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11342ed5a9745d3e7bf36cef68791b0a45c9020829fdfc1fbfa23d014b23368b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4730 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3H-zwcZbY5myLmRSzWa1jfKskxVnzbUUM4_bBvcxtHexCQJI_8f6qpsDrUyY6v6K48oh7y98ycuToPk8CfLM-7h__ik7o6Fzh15tfP3nlU5W6rb_7RhDvhWedW4vJN2bdxmP6W4CJEqiCpSZ3dhjir39wpfibjAhq-u4Nv3_yUpcdUntdXYEtNHLh17BW1Cq3-SPFV0u-XXkBMNmoG0ByH93T5iz4XV1TkR-Jr9PLl4WkSvTVEYGLEukBSpxOrmLhauSoMW4FwdgLdog7CL00oEyyW8czF5hkYXtvEYgDXjpCS_vPmeYNVLz4mnbEtd5X2A&sai=AMfl-YQEgBGzqaBfKJ4litKQSdmskO7dyuhaB2bCBCLCpk0IxSB2NbE_4dXvFi2kiodq93Rvl8S4Cy-34CfOHbQRiBKr2ZQIec6iR31tumzRPk5k_7WwM6HEw4e-P72dHPbEUw&sig=Cg0ArKJSzOEBBooURvLYEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7844 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3JRzOmaugmVPjna2fuYy6wVB2_jGaBVwZwA82OgOXi-ZuXC9Hm_VNc7BDevjd3PYJTXnG1ZK6IflplId6gSvftmyMZOsTi6ntrQnKIM4c-By3iRf4aFVZPmSQ28qYoPSs25pgQ-XLLfNoVzcTroaUaIs5Q38Tg7DMFV5zZjrxsd5bkbwqRz-sOG1OfXPaArlvAlHvzFJesz531Ab415kmx_jg_bY7QjsA8_J7ccpj_ScN5Fgtd5WSOY4kDzJdivT9GZrtizINp3lyv-xvLhveAZDAxfXaevJLxR9OdGhogiocYvdtp9ppGoPH0IuCYblDBQ&sai=AMfl-YQfgkEj_Zl8Mmx1RzVXgUihYMLrIUEVucjiOqHl9jLTlnDuYkOVbFuEcSXpRRnpPnn21kvz_qpbYCd-oCgkY3Q7u9V55i7lfJbRVugu4L5ydGoXe_uOuZEwJXEuvBmKAg&sig=Cg0ArKJSzAVSA6IYwcDwEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6CB4 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPxJoPN3IOlX_e-Pr8IZyRxshs_HG-6dHEBk9Z4B1nBgyNAMAXwWFpW4JcUcWMwkSxFdPLkFYal8NiKwegztZz4m57bg7UFqtcV-fFAnaJbE9nSFmLnFoMfGVSdsgyQJCtw2OEcWIlg37nZuJdZOb0Nn2BKPR8NFMl7aopc4Z1Kevv_enN1Y8mr0EqSu5aeMLU8GJBuXQ7TCh3wYxP6MccL4h6JrfgSyS5mX5XpJrN1mULeMaHZvG8j2FqvOrsjUecq1kd9WVX5u--yKdO-STiZfz-2fSe2I_vwKpPL4XP8YEc9El-fnFmYsT9v9Jj9VdRCw&sai=AMfl-YT2xB4mcrzZBdsn1wOFUW18XPw-b24jNM9m79SAhGZaBuju1ENVpZo9WuZEsmtm0ihl1XWhmklveGOvJzXq_Bv-RrcWhaZX-a_PR6N8IFCQRj58ubPrAH-q20vtDmRDRg&sig=Cg0ArKJSzI-B1Sit1dVNEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:52 GMT

GET
DATA 200
OK truncated
/ Frame ED7B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e43f3249518071bcb3a1f2bb560f70741de87335f123a5a37d6ee49d195f0e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91C3 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVWPyr6RmtRMSZ9KRJ6uLAnan0KYfYJjIzGU4vF0p991ef5SR8qCXwkYBRHtIc5njk5xuJfk9LW2YEQMiJawSl1ZJfqN7HQrQVr0UJXVq42RJmWcXl04X-2RLo3DM_PrMwjKUOROlb9ASg_FPjCelqQYEUpRJl7j7pWdo0XwmYAzum3VWoPehEV-PvBPA05NyUoCVUy-BSdlwoLoRhVvAdK7msbK_B34D7-UTdRP3X3scCW8lh_xrKvx5ug8eeSFrm_SWRsuuaqpq_XJRE33QsKHd6OnNqA98wbIfnfHozAISizztA9Of45hV4vdfv7c8Ae0o&sai=AMfl-YR_N3An3blr0jo4Loq8dSNo4iPNMqhni0DmfaEpRcGWNKkANk1nWjQ-HX0LYNrFfUNVHM6iXWcLai5NTC15tBSWE8X1uPWvot_OIIvizxTxZx3gzuOVi38jinj2xQYQbg&sig=Cg0ArKJSzP5hP7zmVjKrEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:52 GMT

GET
DATA 200
OK truncated
/ Frame B71C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a4cfa8746e69698372bae2f868ea2329d5c878ce1e745d8f3998dd64982134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 72B0 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0EjR5Ii-tBQ5WoQB6QoI2j4mN5VshmzuLLozuf8YwH2-lnOcIcA-0bDF-W5eGOB7suyyZkh_rQVt08gA0aS7V40ULcc2ooZu2A3t7EM72G2XIPOqPUDo_vLtxj-SwRt3N121sP89yervhhKOP_SDl-tugHgYu995eUA21CodtB-8QVVe0EENnYGOSd155IIP7-5aNT1ykja0UrYPEiCRFwCmLTws9q17xm4K3kbZfGCKPLMmMpUTOJl_cpU2i5hDMK_tBGKNB1WK_wm1FegZ3fPnxQim5COO75AxdXtkjdmgPdduT6dfbgS5_AKwClJGrFGo&sai=AMfl-YQJUIwCnUp3MRyiHRMTMLvKaUPAmCrkcSPnK2VnewHPmIEL8OeEKX2lDibEtc8AGr_zy_l1rFQm36eB8sFPkv8z4gB7kEljAYCF1CKvfARR2bkeLXjNyo8yc-XDbv11n2SMng&sig=Cg0ArKJSzEZVzdltLJGYEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A422 0
0 69ms
69ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshjJWFArJveSnarJgR06Zp6dDd9l9QD4uqjKqXkwkXRczoNSOrwhK4E4fwcmNF8JAqjU3i02DnMg1s33v3tJaoX-HZB5X9Mt9TI2Gk6Wj8_wSoKsd8Rhk1z3vY0cLts1HC5RxoZz0vmpJS8JH1Cd-ZJ4SPbmuQI1P6wOwXNvNPpGXhWh7FCh4UDbFvr9H-DPZW2603-aTIETVMftddLTgdpgRY2Gqwc2TCCZ7P69UXor7tGfNilJC-yeUweHCL1EJ4co8PcIyTTdf9yLRpzQjzQhk_naqgohzpuhsCIaFCsTbTuy8GNiH_bHYh-bo_WJVz5g&sai=AMfl-YS_LOLS7YgESh71LeMmw4F-ITrPHPT-Bw85vj_CneTQa5w1RCZNzuDD_1wdOxPbVbLiyEuEO2yjRNiW7l2Iy2YasbaT9ETmykG3D13l9qEDzXFLCF1j5fdkTXdNe61z_aB7SQ&sig=Cg0ArKJSzAyfBj6HL0HuEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:52 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 42ms
42ms Preflight 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pobjeda.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.pobjeda.me
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Fri, 11 Nov 2022 06:37:52 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame B71C 483 B
582 B 34ms
31ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
x-amz-version-id: 1666365882701197
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx36ec54edbeb74121a0ef5-006352b9e9
age: 1782742
x-amz-id-2: tx36ec54edbeb74121a0ef5-006352b9e9
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFdH80eTdn3JoHcThnNc3dgj6tINdSojP%2B8qAF370gJ7sopyGX4OeANgn8SJwi0pejmnymardHxjzj3izQK00N%2FHKLDQo284VKbmsN%2F7FwhLewrRKy0t%2B7%2B91mnArr%2F%2BjYupCSzFZMtxZTwX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 76850591f857909c-FRA

POST
H2 200 prebid Show response
mp.4dex.io/ Frame B71C 114 B
213 B 42ms
42ms XHR
application/json 2606:4700:4400::ac40:983f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:983f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9830c9a2b9362764ce0f808d2668a757b0d71e0afda399999a57a51013836039

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 76850591fc049207-FRA
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B71C 4 KB
3 KB 85ms
84ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2223108&size_id=2&rp_schain=1.0,1!pobjeda.me,1994551,1,,,&rf=https%3A%2F%2Fwww.pobjeda.me%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=b8cf45bf-b377-46fb-a4ed-fdf1d789e4c0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.12639752562312956
Requested by: Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6c9f227c83684ddef8023bab8dc2a3b9284730436324f65d4441d22b6bad35fa

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Nov 2022 06:37:52 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.pobjeda.me
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2736
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame B71C 0
408 B 101ms
101ms XHR
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B71C 19 B
828 B 30ms
30ms XHR
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Nov 2022 06:37:52 GMT
AN-X-Request-Uuid: b4a51f14-757b-463f-96dd-193843650a22
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.pobjeda.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame B71C 0
176 B 31ms
31ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pobjeda.me
date: Fri, 11 Nov 2022 06:37:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame B71C 180 B
254 B 74ms
74ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.pobjeda.me%2F&SafeFrame=true&PublisherDomain=https%3A%2F%2Fwww.pobjeda.me

Requested by

Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

37c95b2ad5de85c97814d109c8313db2141a651f4e9839e4d933d0e6c9164a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pobjeda.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 44
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 180
expires: 0

POST
H2 200 / Show response
hb.emxdgt.com/ Frame B71C 7 KB
7 KB 63ms
63ms XHR
application/json 52.28.22.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1668148672319&src=pbjs
Requested by: Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.22.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-22-239.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 461d533deccbaa7027aaa266d0250f0e82cfc4883af6fa701480dd15caa04694

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pobjeda.me
date: Fri, 11 Nov 2022 06:37:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type
content-length: 7277
content-type: application/json

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame B71C 0
215 B 48ms
48ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=4772681676

Requested by

Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.pobjeda.me
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame B71C 0
239 B 25ms
25ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame 78F1
Redirect Chain

https://ghent-aws-fr.bidswitch.net/imp/0.05610/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104560_Qrtbwp_R_I_WAUCTION__PRICE_X-zyirBqH7LG__xVfbESZzFRDP7tIYXQCm10_Qrtbdata_RGXf1Ue3-0HDIrmP9fm...
https://track.adform.net/adfscript/?bn=37104560;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=GXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFv...

954 B
1 KB

78ms
56ms

Script
text/javascript

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=37104560;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=GXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

164e9f51748ce11d492a1dc77cae729b09177bec82daafeb236edb3d0d334f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 817
expires: -1

Redirect headers

Location: https://track.adform.net/adfscript/?bn=37104560;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=GXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Date: Fri, 11 Nov 2022 06:37:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

204

put
e1.emxdgt.com/ Frame 78F1
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=emxdigital&dsp_id=70&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=emxdigital&dsp_id=70&imp=1
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=emxdigital
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=emxdigital
https://x.bidswitch.net/sync?dsp_id=70&user_id=4892233149632719757&ssp=emxdigital
https://e1.emxdgt.com/put?d=d21&uid=65a26055-1651-4a6f-8df9-cc14a7182651&gdpr=&gdpr_consent=

0
22 B

104ms
26ms

Image
text/html

3.75.3.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d21&uid=65a26055-1651-4a6f-8df9-cc14a7182651&gdpr=&gdpr_consent=
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Server: 3.75.3.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-3-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
content-length: 0
content-type: text/html

Redirect headers

Location: //e1.emxdgt.com/put?d=d21&uid=65a26055-1651-4a6f-8df9-cc14a7182651&gdpr=&gdpr_consent=
Date: Fri, 11 Nov 2022 06:37:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

check_gdpr.js Show response
biddr.brealtime.com/ Frame 78F1
Redirect Chain

https://imp-euro.emxdgt.com/imp/?cp=0.05610&ts=1668148672&seat=70&w=300&h=250&pb=0.04488&sid=1132&tid=78589&pid=413&uid=68951668148671827219f1&wid=21&dom=www.pobjeda.me&tp=0.05610&mt=1&dt=2&st=1&os...
https://biddr.brealtime.com/check_gdpr.js

704 B
1000 B

121ms
34ms

Script
application/javascript

104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check_gdpr.js
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: HTTP/1.1
Server: 104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3d8bcb82d61a3c0b87387b4dcdd2493ea09e7190e2980c6167182ad23cd96d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 06:37:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: 7NQA4Q3C5H01T67D
Age: 1126
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: gi64xt4P9CIVuZdeFJizddgdK/QAkP7DQQzS4glM7PiTCmroJXckJOcKTHPMl3WDFxDJWCx/r1E=
Last-Modified: Wed, 19 Aug 2020 01:11:27 GMT
Server: cloudflare
ETag: W/"45fc2df97a85ec1dbd37c6e43e5da119"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
CF-RAY: 76850593abca9b86-FRA
Expires: Fri, 11 Nov 2022 07:37:52 GMT

Redirect headers

location: https://biddr.brealtime.com/check_gdpr.js
date: Fri, 11 Nov 2022 06:37:52 GMT
content-length: 0
content-type: text/html

GET
H2 200 moatad.js Show response
z.moatads.com/emxsspdisplay905071498485/ Frame 78F1 302 KB
104 KB 22ms
21ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/emxsspdisplay905071498485/moatad.js?moatClientLevel1=413&moatClientLevel2=1132&moatClientLevel3=78589&moatClientSlicer1=www.pobjeda.me&moatClientSlicer2=&moatClientSlicer3=
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 972dbe524bff306137cd8b00b4041bab06c98c1ca2707faee0eb1531a6f9a20b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 15:02:51 GMT
server: AmazonS3
x-amz-request-id: 96HDN9HC2M5W0VRQ
etag: "94f2dac15882330711d1ebb418af1c2e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=38119
accept-ranges: bytes
content-length: 105479
x-amz-id-2: CtropHWYzyrM99JHMUWQm/IAwW8q75P/6pPWI63Hb/XChd8n4hUg7137ZbCsH+6Npg4BGZiTWSA=

GET
H/1.1 200
OK openvv.js Show response
js.brealtime.com/ Frame 78F1 25 KB
7 KB 113ms
37ms Script
application/javascript 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.brealtime.com/openvv.js
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda8191f9ba76f5caac6877916a84ad731e96464925a7f9225d8a78b73d01240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 06:37:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: ERCBPK6FYYZ085N7
Age: 1133
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: LfvK16OMLhxMNpYFuEXMONEqQTcjyGyapkISVW1sG4TTe0xlfpZaY4bOORGAPfZ6eAc9pz/D3Ps=
Last-Modified: Mon, 28 Jan 2019 20:39:00 GMT
Server: cloudflare
ETag: W/"a3f3c6d66a408f8552e62ced6abc6fb4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
CF-RAY: 76850592bd229b1b-FRA
Expires: Fri, 11 Nov 2022 07:37:52 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 814E 74 KB
23 KB 98ms
54ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
x-amz-version-id: 1666365881812584
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00c4996be0ab4161a4921-006352b9ee
age: 1782692
x-amz-id-2: tx00c4996be0ab4161a4921-006352b9ee
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
server: cloudflare
etag: W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJ1Foo4iuZwRtmXnIQWd7wVcpDcQjaGimMYhnAYQxFgBj7LIdJL87Rhl4rJdi4OM2N0MyzLCCHVr%2B%2BfVsj%2BD5n%2F80Ere6nYxar0XQGPUrqC7GC2cdcnFU6uGZpClKzGhC%2FCgG63tt4dgR0Rv"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 768505928b32921a-FRA
access-control-allow-headers: Authorization

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame B90A
Redirect Chain

https://ghent-aws-fr.bidswitch.net/imp/0.05610/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104560_Qrtbwp_R_I_WAUCTION__PRICE_X-zyirBqH7LG__xVfbESZzFRDP7tIYXQCm10_Qrtbdata_RDCHi-SorIr5X0Vv4dD...
https://track.adform.net/adfscript/?bn=37104560;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=DCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFv...

954 B
1 KB

68ms
46ms

Script
text/javascript

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=37104560;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=DCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0fa98f14786db5eaca87a6434943224b0410d64b905ddae3d32a5a8c4016d373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 814
expires: -1

Redirect headers

Location: https://track.adform.net/adfscript/?bn=37104560;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=DCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Date: Fri, 11 Nov 2022 06:37:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

204

put
e1.emxdgt.com/ Frame B90A
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=emxdigital&dsp_id=70&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=emxdigital&dsp_id=70&imp=1
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=emxdigital
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=emxdigital
https://x.bidswitch.net/sync?dsp_id=70&user_id=5254144355316055829&ssp=emxdigital
https://e1.emxdgt.com/put?d=d21&uid=65a26055-1651-4a6f-8df9-cc14a7182651&gdpr=&gdpr_consent=

0
22 B

104ms
27ms

Image
text/html

3.75.3.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d21&uid=65a26055-1651-4a6f-8df9-cc14a7182651&gdpr=&gdpr_consent=
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Server: 3.75.3.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-3-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
content-length: 0
content-type: text/html

Redirect headers

Location: //e1.emxdgt.com/put?d=d21&uid=65a26055-1651-4a6f-8df9-cc14a7182651&gdpr=&gdpr_consent=
Date: Fri, 11 Nov 2022 06:37:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

check_gdpr.js Show response
biddr.brealtime.com/ Frame B90A
Redirect Chain

https://imp-euro.emxdgt.com/imp/?cp=0.05610&ts=1668148672&seat=70&w=300&h=250&pb=0.04488&sid=1132&tid=78589&pid=413&uid=68791668148671877987f1&wid=21&dom=www.pobjeda.me&tp=0.05610&mt=1&dt=2&st=1&os...
https://biddr.brealtime.com/check_gdpr.js

704 B
1000 B

89ms
36ms

Script
application/javascript

104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check_gdpr.js
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: HTTP/1.1
Server: 104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3d8bcb82d61a3c0b87387b4dcdd2493ea09e7190e2980c6167182ad23cd96d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 06:37:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: GNVCHZW4HE4X9QC5
Age: 4522
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: VyZknfC/M49Tz/mYxVaH4VBCiX55jarHGhXekhs6cLl1w1T3dDDHnzB64Iv/ECOhuH5upFSib2c=
Last-Modified: Wed, 19 Aug 2020 01:11:27 GMT
Server: cloudflare
ETag: W/"45fc2df97a85ec1dbd37c6e43e5da119"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
CF-RAY: 76850593acdc91ea-FRA
Expires: Fri, 11 Nov 2022 07:37:52 GMT

Redirect headers

location: https://biddr.brealtime.com/check_gdpr.js
date: Fri, 11 Nov 2022 06:37:52 GMT
content-length: 0
content-type: text/html

GET
H2 200 moatad.js Show response
z.moatads.com/emxsspdisplay905071498485/ Frame B90A 302 KB
104 KB 47ms
46ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/emxsspdisplay905071498485/moatad.js?moatClientLevel1=413&moatClientLevel2=1132&moatClientLevel3=78589&moatClientSlicer1=www.pobjeda.me&moatClientSlicer2=&moatClientSlicer3=
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 972dbe524bff306137cd8b00b4041bab06c98c1ca2707faee0eb1531a6f9a20b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 15:02:51 GMT
server: AmazonS3
x-amz-request-id: 96HDN9HC2M5W0VRQ
etag: "94f2dac15882330711d1ebb418af1c2e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=38119
accept-ranges: bytes
content-length: 105479
x-amz-id-2: CtropHWYzyrM99JHMUWQm/IAwW8q75P/6pPWI63Hb/XChd8n4hUg7137ZbCsH+6Npg4BGZiTWSA=

GET
H/1.1 200
OK openvv.js Show response
js.brealtime.com/ Frame B90A 25 KB
7 KB 86ms
31ms Script
application/javascript 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.brealtime.com/openvv.js
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda8191f9ba76f5caac6877916a84ad731e96464925a7f9225d8a78b73d01240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 06:37:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: ERCBPK6FYYZ085N7
Age: 1133
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: LfvK16OMLhxMNpYFuEXMONEqQTcjyGyapkISVW1sG4TTe0xlfpZaY4bOORGAPfZ6eAc9pz/D3Ps=
Last-Modified: Mon, 28 Jan 2019 20:39:00 GMT
Server: cloudflare
ETag: W/"a3f3c6d66a408f8552e62ced6abc6fb4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
CF-RAY: 76850592be87692b-FRA
Expires: Fri, 11 Nov 2022 07:37:52 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame ED7B 74 KB
23 KB 57ms
32ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
x-amz-version-id: 1666365881812584
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00c4996be0ab4161a4921-006352b9ee
age: 1782692
x-amz-id-2: tx00c4996be0ab4161a4921-006352b9ee
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
server: cloudflare
etag: W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0SYp0AD2uMpbVwH5ravboXty7TDpNj0KeQdn5Czy0i1%2B7Yok3Jqq739Cye3AoLaGfsUMFeTr0%2B%2BqyjFzttEjyP%2FXEkUkl%2Beg828N6i08sz5eQ2vEB%2FEeaubyRTOhdul34bA5%2B8jvukl%2FVly"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 768505928b35921a-FRA
access-control-allow-headers: Authorization

GET
H2 200 bg.jpg
lupon.media/pobjeda/2022/publish/publish300x250/images/ Frame 8E57 30 KB
30 KB 33ms
32ms Image
image/jpeg 2606:4700:3032::6815:41fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lupon.media/pobjeda/2022/publish/publish300x250/images/bg.jpg
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4afabe26fb0e72c9faf1e55fabe9e5cadf37a96c2cf8b28cc9797d5f426e8291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lupon.media/pobjeda/2022/publish/publish300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5640
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30751
last-modified: Thu, 27 Oct 2022 18:31:23 GMT
server: cloudflare
etag: "635ace7b-781f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uy8pvSCy5RsMjTFr3rl0gxT5bXnmMBFSfWRKqMl9ihDfz4KcfbHOxJGWHvqpoVnvgxcOXWu1cCGAvsldTdmX7wDicZlQTEwYyPDp5OYS%2BJh526OTL6NjCse4tYU4xCZTEThboffGqupipQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *, *
cache-control: max-age=14400
access-control-allow-credentials: true, true
accept-ranges: bytes
cf-ray: 768505927dc5bb3d-FRA

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame B71C 74 KB
23 KB 30ms
29ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
x-amz-version-id: 1666365881812584
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00c4996be0ab4161a4921-006352b9ee
age: 1782692
x-amz-id-2: tx00c4996be0ab4161a4921-006352b9ee
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
server: cloudflare
etag: W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYuRnGmxMAW2J1fpK2kYxQBnoxDfUdaNvJJX6nLwdGN%2BDzUHAKS7O3Ooau6eDtpuCnj51RHF5xZG%2F2C5Ha%2FMnT%2BK78hXkTkeZF9OdL7Ia9KNnj5z8xHx4wto2FmyqZJkqenhwQhyCwudmXHH"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 768505929b44921a-FRA
access-control-allow-headers: Authorization

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B71C 0
0 72ms
71ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh7aTyitEe9W8zGN0bjv6ewdt1biM87gwnOAjDdgISsT__nVPmDq0ikr-eDWioDz8JxZmBQ3zh7gauPvPYjeRUL-vDHIKalinv8p2Gt_zcFebjPJjwMhmwPLaLLiiAGXL1N9lzTNZ-odvZxrUeAiDzogQeYO3XhDpu0acEooszQwvjL7CjW5iFfSKn5pN_iTMgtKV-j-hpKibbYhQTAfXUEcdD3gUB7Yynm9b-vR_1YCXL2BXQ-Tjbh_rb_jbY-VV-A-EI3cj7DUfhlvdBb7MjwACiS65H7eWmO5dDCpSDgqKN8pNKfLL2n5FyDbav57uBAFg4vMPRLQ&sai=AMfl-YQQoQhDtMCwTvZAHc9XOM2IgneCrksPisZSEiYdkPVpr4WEg5Hg_0Ro2IA-44jEoyrqtSnJraU3mmZ13AVuYnZb66oObkF7g0WzHsG8d8C82DKnSp-zfLR_UfYBMvUDZu_fxw&sig=Cg0ArKJSzIoVP3q3txjFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:52 GMT

GET
H2 200 r1.png
lupon.media/pobjeda/2022/publish/publish300x250/images/ Frame 8E57 564 B
902 B 31ms
30ms Image
image/png 2606:4700:3032::6815:41fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lupon.media/pobjeda/2022/publish/publish300x250/images/r1.png
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 026a7c1e680a9cf407cff8c12849fc397d5168cf7d015f420ff95a8f91375046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lupon.media/pobjeda/2022/publish/publish300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5640
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 564
last-modified: Thu, 27 Oct 2022 18:31:22 GMT
server: cloudflare
etag: "635ace7a-234"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACmMvAjgypTF7YQ4VNqMUGtv1vWEzg5Gd4xDvgmlZIOUikOR0SsPKBVOuCclKZkXR40%2FWYbun3EPwW0IbAlNt2GRcYSK2y48%2F0z1QileWzgwaV6%2B%2FCT1eIRp%2Bpap9dKhjqrWCtT%2FXaAXEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=14400
access-control-allow-credentials: true, true
accept-ranges: bytes
cf-ray: 76850592ce29bb3d-FRA

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame 0CC2
Redirect Chain

https://ghent-aws-fr.bidswitch.net/imp/0.05610/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104562_Qrtbwp_R_I_WAUCTION__PRICE_X-zyirBqH7LG__xVfbESZzFRDP7tIYXQCm10_Qrtbdata_RO-DGEutRE__Bs5RfSN...
https://track.adform.net/adfscript/?bn=37104562;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=O-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFv...

954 B
1 KB

48ms
45ms

Script
text/javascript

37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=37104562;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=O-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D

Requested by

Host: www.pobjeda.me
URL: https://www.pobjeda.me/

Protocol

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

13bb5b64afa4365eead17e9db4afafc1bf7e2c34db54a25b9b3a3d54551abf4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 816
expires: -1

Redirect headers

Location: https://track.adform.net/adfscript/?bn=37104562;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=O-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Date: Fri, 11 Nov 2022 06:37:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

204

put
e1.emxdgt.com/ Frame 0CC2
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=emxdigital&dsp_id=70&imp=1
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=emxdigital
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=emxdigital
https://x.bidswitch.net/sync?dsp_id=70&user_id=780708691027848781&ssp=emxdigital
https://e1.emxdgt.com/put?d=d21&uid=65a26055-1651-4a6f-8df9-cc14a7182651&gdpr=&gdpr_consent=

0
55 B

105ms
26ms

Image
text/html

3.75.3.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d21&uid=65a26055-1651-4a6f-8df9-cc14a7182651&gdpr=&gdpr_consent=
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Server: 3.75.3.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-3-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
content-length: 0
content-type: text/html

Redirect headers

Location: //e1.emxdgt.com/put?d=d21&uid=65a26055-1651-4a6f-8df9-cc14a7182651&gdpr=&gdpr_consent=
Date: Fri, 11 Nov 2022 06:37:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

check_gdpr.js Show response
biddr.brealtime.com/ Frame 0CC2
Redirect Chain

https://imp-euro.emxdgt.com/imp/?cp=0.05610&ts=1668148672&seat=70&w=728&h=90&pb=0.04488&sid=1132&tid=78589&pid=413&uid=68781668148672332013f1&wid=21&dom=www.pobjeda.me&tp=0.05610&mt=1&dt=2&st=1&os=...
https://biddr.brealtime.com/check_gdpr.js

704 B
1000 B

106ms
38ms

Script
application/javascript

104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check_gdpr.js
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: HTTP/1.1
Server: 104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3d8bcb82d61a3c0b87387b4dcdd2493ea09e7190e2980c6167182ad23cd96d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 06:37:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: YN1DQVT42Y5HMWPM
Age: 1141
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: s7H2zqwCGxB+GOp8zIpzC+6vfi0RytlfPSVMAHC80LdB9N9JgPX9Dp0NdR1qx1p28ORyAM8jey8=
Last-Modified: Wed, 19 Aug 2020 01:11:27 GMT
Server: cloudflare
ETag: W/"45fc2df97a85ec1dbd37c6e43e5da119"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
CF-RAY: 76850593aacf5b98-FRA
Expires: Fri, 11 Nov 2022 07:37:52 GMT

Redirect headers

location: https://biddr.brealtime.com/check_gdpr.js
date: Fri, 11 Nov 2022 06:37:52 GMT
content-length: 0
content-type: text/html

GET
H2 200 moatad.js Show response
z.moatads.com/emxsspdisplay905071498485/ Frame 0CC2 302 KB
104 KB 23ms
21ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/emxsspdisplay905071498485/moatad.js?moatClientLevel1=413&moatClientLevel2=1132&moatClientLevel3=78589&moatClientSlicer1=www.pobjeda.me&moatClientSlicer2=&moatClientSlicer3=
Requested by: Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 972dbe524bff306137cd8b00b4041bab06c98c1ca2707faee0eb1531a6f9a20b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 15:02:51 GMT
server: AmazonS3
x-amz-request-id: 96HDN9HC2M5W0VRQ
etag: "94f2dac15882330711d1ebb418af1c2e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=38119
accept-ranges: bytes
content-length: 105479
x-amz-id-2: CtropHWYzyrM99JHMUWQm/IAwW8q75P/6pPWI63Hb/XChd8n4hUg7137ZbCsH+6Npg4BGZiTWSA=

GET
H/1.1 200
OK openvv.js Show response
js.brealtime.com/ Frame 0CC2 25 KB
7 KB 31ms
30ms Script
application/javascript 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.brealtime.com/openvv.js
Requested by: Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda8191f9ba76f5caac6877916a84ad731e96464925a7f9225d8a78b73d01240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 06:37:52 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: ERCBPK6FYYZ085N7
Age: 1133
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: LfvK16OMLhxMNpYFuEXMONEqQTcjyGyapkISVW1sG4TTe0xlfpZaY4bOORGAPfZ6eAc9pz/D3Ps=
Last-Modified: Mon, 28 Jan 2019 20:39:00 GMT
Server: cloudflare
ETag: W/"a3f3c6d66a408f8552e62ced6abc6fb4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
CF-RAY: 768505930dc09b1b-FRA
Expires: Fri, 11 Nov 2022 07:37:52 GMT

GET
H2 200 r2.png
lupon.media/pobjeda/2022/publish/publish300x250/images/ Frame 8E57 12 KB
12 KB 30ms
30ms Image
image/png 2606:4700:3032::6815:41fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lupon.media/pobjeda/2022/publish/publish300x250/images/r2.png
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad7364f424e6065ee83dcc95fc3fd43986c44716ce983ee00332943554ab6a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lupon.media/pobjeda/2022/publish/publish300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5640
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11964
last-modified: Thu, 27 Oct 2022 18:31:22 GMT
server: cloudflare
etag: "635ace7a-2ebc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMD7%2FdC9TUBI4r6HU%2BKQCfW1zUaBktz9NycnJVV5SuxxUxrbtf4QDRfPAVGXDIj1%2FPi50UvYJ0Eqog94OM4mFZsWI90evaF8bt3mvdTe1tdI%2BvTfDxhFgOHcsXxuP795%2F5MSyI7T2%2BFIUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=14400
access-control-allow-credentials: true, true
accept-ranges: bytes
cf-ray: 768505932ebabb3d-FRA

GET
H2 200 t11.png
lupon.media/pobjeda/2022/publish/publish300x250/images/ Frame 8E57 6 KB
6 KB 31ms
31ms Image
image/png 2606:4700:3032::6815:41fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lupon.media/pobjeda/2022/publish/publish300x250/images/t11.png
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c37ccea01c4da17af79e60619aa9d238aea2e4d2620ae1e9a3436baf2579b21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lupon.media/pobjeda/2022/publish/publish300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5640
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5825
last-modified: Thu, 27 Oct 2022 18:31:22 GMT
server: cloudflare
etag: "635ace7a-16c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9RwvB%2FbEW6F7%2B%2BWnixyUqzr4%2BwzQKDxpu5eL9LyHDoE9ZYByfEhGUX71FqqhTgost4x0UD%2B7wU7lHF%2BGkqv1AujtEVlMS%2BZhr27kTh1a5US%2FonHvGCynTy20DSqoipg%2FuaZh2%2BK4%2BZwWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=14400
access-control-allow-credentials: true, true
accept-ranges: bytes
cf-ray: 768505935f20bb3d-FRA

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6F44 42 B
64 B 101ms
56ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufrihxGZDwcBKkM7v-fa3aLAVB37md6KHXITGrSswb6IQ7Bf9Jw8qBBJEkIu8Q3GYH1sW8M23pdkgCSTwnfBRTgfN2ySuhfon4-9uh1Q42IMuaLbha&sig=Cg0ArKJSzA_LoHlWnCaYEAE&id=lidar2&mcvt=1000&p=996,1136,1246,1436&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221109&bin=7&avms=nio&bs=1600,1200&mc=0.82&vu=1&app=0&itpl=19&adk=2912701653&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668148671204&rpt=334&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame B90A 34 KB
16 KB 152ms
43ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: ghent-aws-fr.bidswitch.net
URL: https://ghent-aws-fr.bidswitch.net/imp/0.05610/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104560_Qrtbwp_R_I_WAUCTION__PRICE_X-zyirBqH7LG__xVfbESZzFRDP7tIYXQCm10_Qrtbdata_RDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn____nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/HWsWpMEN0VneDdwvFfhEWG7OQTpNO41Xt1v0xyf1ApaH9NynYaL7d2BY3J_lMVibhNso-ZikbYOL2-3-oKVXzhI5pvxeKxAxhLyZXw6XmFV-kMvCvKMH6-nGAGiFx7o6v7zwHlHxwly18wQFSe357lotb-yAHopjeUrlW8C8gGF89JqMVsKjKtPbTtw8xb8N6VzRdCFSCfS6_7z0Vib5diFAoatzEadkhvYDpxrSH4FRPf0_VQsj4IjhqI79e0Fu2PvCGV--yfE8mJsLDr_XzbFMZRcf_gsIvkBUinjMf-Kgc4HuyhhAmjXyqinoqtUa1TixUQfqiuzhj3cK7a41lpF_bCtlfrGiMg7-0CNQ9vO3g-tTnr2Oh3nB1bqJB14160cmfNI5ERnN5dcZROtQmoMq8aEf0GjQVzdTrQ_AHl4lThDXPH3pdPBdF-k3hujVJY1EDTuBH7ez1NudzwCY0xL5k5qzJcwOYMPK8x8mE3fDlIPGNHaLCh8CaQL8ef7fiGTG7UDWUcnWYZZdfreiEowhGjtgy2FnjPOhbpqJNeKvZS_EbCVuHFtBlLmOV1Q2mX17W8errrkVijwpV2BTeTFupRfSWN63nvOy9IeGx0dZJirNTvQ_dSoOyHe__bLEEdtnlL7hQj7L0-dFuQCmAzQ5nYmsVQ4SdTtJ-I_jYjaBAvpZDdBPZ3u2dlquhlzHPrqGalu2guSXown9lbPIkTWt2RwCMs5hReY8XxTHWSJptGdLj5jcaBFAB-UCz0NmSVUEaP_-hQv07F9VaML7S0_RjI_zmzlGwnHhtWtsEX7rIf4lqIOK3mN7-YwR6sX6qfQ6hcQw2PwMbEdS_dcySnIWyMefV4Z8YCNBF_Mol4nBI81XDDl51-f1Mgt1Lc_KrGleukDKilSj3HDHy2P-BbawFWyGWuFS5Aw9n0HjIgLHAA3K_cibmCZ1Aw2kBzqqrhMAD7fSIc3nV-Nl6ioAV1SnFO1OFnd5LgYxtB1dgmU-V0D9MaFMpjUU/$%7BCLICK_URL_ENC%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2bc342ab9f4dea0eb0b244afb0e55862e8f8eadf462e36b16c3bdf6b33c0f87d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:33:26 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 07:27:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 12 Nov 2022 10:19:21 GMT

GET
H2 200 t12.png
lupon.media/pobjeda/2022/publish/publish300x250/images/ Frame 8E57 4 KB
4 KB 35ms
34ms Image
image/png 2606:4700:3032::6815:41fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lupon.media/pobjeda/2022/publish/publish300x250/images/t12.png
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493cdfc41887258ba31309cddd047598b0ced35f95bb820e30f3723a81c9072c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lupon.media/pobjeda/2022/publish/publish300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5640
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3870
last-modified: Thu, 27 Oct 2022 18:31:22 GMT
server: cloudflare
etag: "635ace7a-f1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMTV2%2FFEmW1J1iBOf65jk3%2F6Eo%2BxRhWZ%2FPqKpq34Aqq5Mn8pgWIUSooQ1%2FFcc2RvCoVeOvniPHGUj82c%2B2W6C1N2%2BL%2FNo38jdj%2FfQeU7I4tL3NJh4pLp22ZAYa4%2FevQRYNfqTlJ5%2FU%2FjIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=14400
access-control-allow-credentials: true, true
accept-ranges: bytes
cf-ray: 768505938fb9bb3d-FRA

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 0CC2 34 KB
16 KB 216ms
113ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: ghent-aws-fr.bidswitch.net
URL: https://ghent-aws-fr.bidswitch.net/imp/0.05610/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104562_Qrtbwp_R_I_WAUCTION__PRICE_X-zyirBqH7LG__xVfbESZzFRDP7tIYXQCm10_Qrtbdata_RO-DGEutRE__Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi__GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn____nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/qIwF9rwTBtSNF-FLpbowR07yghdYF6d9d_jfAlaDu5I0mzj9VbihfnXBB2RcpOXqqEQU8lOMDINtcWfYB5dNIREOOrOLONK6mtQ4WSTd1ugES6Ygbtl76h72fAF_mWXJm_m6JLPklADXDjhcYczailEwGbRUH03ogWN-CIUPM5y-KM6jv9T1d8unUhvxnSPe17LZ9-Q3SMtIVoT1riEXpkntYCgBX0125_dUtdf55E42rhrOruY2TZt2Z2Vobc3dp2CKqN7XHSRe7zV29i5Dirvdxm19LAjenZnSuqv7HpOU2nUiiqNQb5GE4bW4oqd0hoKEvo-To374VeKZV6b7C7oJvwyDiyAy0FI4wBYLPPT4-G-SkiHSRiNGyC7uNjTgwZO7qP3q3NAPRftSw18J_PgMcYjRmH6VQRJk8xQYJ-N1lJdthJ7iNmRWLeQ96KCwMT9FA7lkg8KCV9RkIXUotkHwNyPXE5B9O3zaj40kRPk49zrub4ZJpRLXk0vMshczlD6Y2P3IuLA2LcsHIcozhoCdXskwsQD_nYk5Ix9jlpc05zTp5jpXjbyp_fs6oBbj7vXWl4l2mOKw9tmiZFK4CO9e9lCyjlJDJLe50elAWzMtnyg73PKbmqfdQmzCzZMLewqyTAy7hiSkhjred3TJpwrgSxljfTE-Ju4ZjrG4di82PGsumYDjgP8nCa_vlw7BUOeqvV1rKr_HGjbnre14RoSiTOAQeDhOjTzwoTTFBiQUhvmUqs0GFl8aAi0DE4xi8T4wLlajA-YtDUjjraaiDtNYskpn-pR4ieheo6aL_FbnBR9gGtWjlDe1cBJrAqn94_XFk5jurc71lImLHZAvpOB4j5jBQW_96mQj_kwnxSJ4SqirzNsjcv560jDjKJuBnHpFo37bDNNvd6JIMrPs8o891Yyk5RFwqdPofdJbulvk-AG65DXkpCLNxI5wXRRDeW6kNCM2o0cNW3bhLrXqv3fcwYDgVmc0eshWW0df6Izl5poL-_bdYUyuNA/$%7BCLICK_URL_ENC%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2bc342ab9f4dea0eb0b244afb0e55862e8f8eadf462e36b16c3bdf6b33c0f87d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:33:26 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 07:27:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 12 Nov 2022 10:19:21 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 78F1 34 KB
16 KB 196ms
99ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: ghent-aws-fr.bidswitch.net
URL: https://ghent-aws-fr.bidswitch.net/imp/0.05610/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104560_Qrtbwp_R_I_WAUCTION__PRICE_X-zyirBqH7LG__xVfbESZzFRDP7tIYXQCm10_Qrtbdata_RGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk__rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn____nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/5lX884c01co6_c4bFUGat-omBIsI4S-ZcWqCTPLZ1NpmozakooFZRhApk4BSMx80PCiIO-qEVu21dUp-TbywsXZBziMEIs523Kun6ZG-5P6Iw0u5uBZ2P6wVSO2wA33go9MOM_aIGd3ZfFnVAWvgAJ4fq75Hh_D8e3_Cgn-4bLhjQUDqyy9F2H26S7UPpKNn_w6rJGPCScFQLtUln-0B4tEHB7qb3PHh_kY7kTY0ex4DKD78iC8SzLugHkUsidyhD4rFH3UQlP1wEE0FTxAmfa31gwouk88L6KiVTVRIjgzOxS3CHq7sc8rn249I7mjYCPZYUjrSZ2ZLuyEssbeRlTNQfrfqWPcejXpiYMYaubTZjk3YTGKAZAsjplNxj_z8eULPYpPSLyjKJ1z0UVkl468X34DPWGn3o5ZL9VrHcrUT3wvXN3CMPe2Zv-gJV1xZy65lCRYjDQT4F59a8PsI9hb7Fl0s-X2saIlfD8o5ioQSKGdXmZ45NjT1aJPzMK7WmKv0TZxAlPW_tFBST_fJvjuiuoLCoKhoYrnkHTpEVHCch6ZtMujLGF4A5lYptrQg64iH_r2xCMyaAzcVEYdCXvxjm2bw0egfhPjniZTQ1zcVSdd-9Ay3o1GREWekBTYBka_ieURvV-vZxhDwy_4xOp4GlPe9fVfUTaoYTQRi1p-KaBez52o65f4dEGWddysuxivllkUONEA6nR1EpGEapZlYA-esFBV3K0NnygmkF1HnTRFFWK4RNaQbpoiNzoA3ewvkH6Wkm3N42RipkHaun9CSeRs3w4nKsQAVcTkzFDg24qZlCGREKq1y6ZzDqGn9Km61VYiyPs3xrR8AE8vqcniKfoWv6YT1ESypDX7yMqIiCu694huwt4X8j8xcHVp2JfL14ES-6lG1_OFZYW4uZiTHeK9vWQZelfmLLx-n0VOrxRGn0eDFCEmwaIGqiCxkLR1sZgjzJvshaXxfmgPQer9GKbwr0Hv6E4MSTRS37lcbZndxfWRGgyMet6Y/$%7BCLICK_URL_ENC%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2bc342ab9f4dea0eb0b244afb0e55862e8f8eadf462e36b16c3bdf6b33c0f87d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:33:26 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 07:27:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 12 Nov 2022 10:19:21 GMT

GET
H2 200 t2.png
lupon.media/pobjeda/2022/publish/publish300x250/images/ Frame 8E57 4 KB
5 KB 34ms
34ms Image
image/png 2606:4700:3032::6815:41fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lupon.media/pobjeda/2022/publish/publish300x250/images/t2.png
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 845a8eaa6e1416c4ee8339e14c93cf4a8d8bd1263054155eac089033e0196188

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lupon.media/pobjeda/2022/publish/publish300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5639
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4399
last-modified: Thu, 27 Oct 2022 18:31:22 GMT
server: cloudflare
etag: "635ace7a-112f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUemVsIwwtXfsSv3gmhRtRIPHjRzQRMfB9p8xJlv8WW3EnzRz312V1cXKwzeDNha2J6n8K4fqrwU4RySVcR6arFFFPLEw%2FXsy7Mrk6ng%2F%2Fz56hYy1P3h5pLfisZmLXE1gvmfdyvchjZOfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=14400
access-control-allow-credentials: true, true
accept-ranges: bytes
cf-ray: 76850593c818bb3d-FRA

GET
H2 200 t3.png
lupon.media/pobjeda/2022/publish/publish300x250/images/ Frame 8E57 3 KB
4 KB 111ms
111ms Image
image/png 2606:4700:3032::6815:41fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lupon.media/pobjeda/2022/publish/publish300x250/images/t3.png
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:41fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 995e03bc5ee30605768b6a59297ed57a1e02e7f552145c2f26d3d04f794a2b90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lupon.media/pobjeda/2022/publish/publish300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5639
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3382
last-modified: Thu, 27 Oct 2022 18:31:22 GMT
server: cloudflare
etag: "635ace7a-d36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQjViKcmswTEJbxCz%2BzB4zxSaUkBzN%2FUh7u0Vm9EPtpdT9afQ%2B1T89UCCqMrCCKF19FXLO57jcd52flvKEha6ieWR30%2BFdJexp7bHDOPWkSCtRNsDXmWqWuY9OulSK869yGtw83C%2FEtG%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=14400
access-control-allow-credentials: true, true
accept-ranges: bytes
cf-ray: 768505940891bb3d-FRA

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame B90A 5 KB
3 KB 53ms
51ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=37104560;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=DCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1;;oobclicktrack=%24%257BCLICK_URL_ENC%257D;js=1;adfxid=1x;3480;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.pobjeda.me%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f3620dff25bb7b71f2f78e8d06fa4af0d575da2f1e91d07f8db1353649afffe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2573
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 78F1 5 KB
3 KB 49ms
48ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=37104560;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=GXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1;;oobclicktrack=%24%257BCLICK_URL_ENC%257D;js=1;adfxid=2x;3690;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.pobjeda.me%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2317b9095f343289c5f76607dbd42da0803ce35dfd9bbd29159d1ee168bef838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2576
expires: -1

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 090F 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurUTWRHFe1If-kXWPpepk9XFPwWtUDJtPXtXiCO8eiVb3aoVY8AxCwDVfNUsj6RvtUzEds5Ru_kYq70BQaHSvM_EhLtMAhhZImhhwD7be0PsoDHd1x&sig=Cg0ArKJSzNUAUIZ7ztVHEAE&id=lidar2&mcvt=1000&p=219,315,469,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221109&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1954915683&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668148671189&rpt=436&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 0CC2 5 KB
3 KB 47ms
47ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=37104562;rtbwp=0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10;rtbdata=O-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1;;oobclicktrack=%24%257BCLICK_URL_ENC%257D;js=1;adfxid=3x;2048;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.pobjeda.me%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6343c52ebbd05bab5ae97ebbc68524df12cda4ddb64fe3cd61403f70ff519e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2582
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame B90A 36 KB
12 KB 94ms
36ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244668
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ML8F6H9yX3B0iDHiJGwxtriWh%2BvUDQqMMMRYCyUHJhdRqtm%2BEz34hAOqGvaDT9gisrk5lCQReW3u54%2BQ2cNMEHaVClN63%2Fo0ZhFvBh4W%2FxSaNOOdYUFpDKI%2BF6RtvhIYuoPMUQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 76850595883d9bb0-FRA
expires: Tue, 01 Nov 2022 10:40:10 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame B90A 35 B
469 B 46ms
45ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=37104560&csi=qsitNquugmK5qnUTF1Ma5bZz0vuwcjTEi3mLmmJrvwkJDwKV3Zer3FVlU4EkGSJUalTllJ-L0GcHDJYr9wF8K2QBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://www.pobjeda.me
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 78F1 36 KB
12 KB 99ms
41ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244668
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=It9KUhV9cSIi%2Bvie4wmviPBV0oope3WIBv82TS8YKIxM0se0GN6Ba6FPdHcqNipYllK10HuDeNNGi9UEGZbyBdl%2BIUfxeMBYIL5uku1pJeSuAQzfJMcqG6IWAyvnIoR9IP6QFFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7685059588409bb0-FRA
expires: Tue, 01 Nov 2022 10:40:10 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 78F1 35 B
469 B 46ms
46ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=37104560&csi=MPY1a_Jph8Ev8p9qS1ELtbNFvmnWdTQSi3mLmmJrvwkJDwKV3Zer3FVlU4EkGSJULYitm7_DApGqeqGXyzN6h2QBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://www.pobjeda.me
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0CC2 36 KB
13 KB 80ms
34ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244668
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BrLAE%2FJLSLHSOM4DvBsMoEahqCYpH9p%2BQt0DbnN1SebAHI5kgeu8%2Bja%2B47bTmrZm%2Fld2lLHtnr1BfKHqqUJHWNB6bqHMoe3ZCljOqNrodAzLNLgc%2F7TblwYfPECbFD5LAUJOkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7685059588419bb0-FRA
expires: Tue, 01 Nov 2022 10:40:10 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 0CC2 35 B
469 B 46ms
45ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=37104562&csi=3K2zIHkfbcU6GAsizzvWR_2oapUMIwbYi3mLmmJrvwkJDwKV3Zer3FVlU4EkGSJUVruBRgEemp6u-8bP3Bw13WQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://www.pobjeda.me
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame B90A 35 KB
15 KB 50ms
50ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:33:26 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 07:27:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 12 Nov 2022 10:20:53 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 78F1 35 KB
15 KB 54ms
54ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:33:26 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 07:27:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 12 Nov 2022 10:20:53 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 0CC2 35 KB
15 KB 50ms
50ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.223/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:33:26 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 07:27:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 12 Nov 2022 10:20:53 GMT

GET
H2 204 / Show response
e1.emxdgt.com/sync/ Frame 0CC2 0
22 B 25ms
25ms Script
text/html 3.75.3.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.emxdgt.com/sync/
Requested by: Host: imp-euro.emxdgt.com
URL: https://imp-euro.emxdgt.com/imp/?cp=0.05610&ts=1668148672&seat=70&w=728&h=90&pb=0.04488&sid=1132&tid=78589&pid=413&uid=68781668148672332013f1&wid=21&dom=www.pobjeda.me&tp=0.05610&mt=1&dt=2&st=1&os=&ip=217.114.215.132&sz=&country=DE&region=TH&city=Erfurt&zip=&dma=&agency_id=&cluster=euro-hb&browser=chrome&rf=www.pobjeda.me&data_fee_type=&data_fee=0&clstr_nm=header-bidding-euro-4&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.110%20Safari/537.36&make=&ifa=&adom=ad4m.at&cat=3&gdpr=1&crid=70_37104562&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzRHFJd0Y5cndUQnRTTkYtRkxwYm93UjA3eWdoZFlGNmQ5ZF9qZkFsYUR1NUkwbXpqOVZiaWhmblhCQjJSY3BPWHFxRVFVOGxPTURJTnRjV2ZZQjVkTklSRU9Pck9MT05LNm10UTRXU1RkMXVnRVM2WWdidGw3Nmg3MmZBRl9tV1hKbV9tNkpMUGtsQURYRGpoY1ljemFpbEV3R2JSVUgwM29nV04tQ0lVUE01eS1LTTZqdjlUMWQ4dW5VaHZ4blNQZTE3TFo5LVEzU010SVZvVDFyaUVYcGtudFlDZ0JYMDEyNV9kVXRkZjU1RTQycmhyT3J1WTJUWnQyWjJWb2JjM2RwMkNLcU43WEhTUmU3elYyOWk1RGlydmR4bTE5TEFqZW5ablN1cXY3SHBPVTJuVWlpcU5RYjVHRTRiVzRvcWQwaG9LRXZvLVRvMzc0VmVLWlY2YjdDN29Kdnd5RGl5QXkwRkk0d0JZTFBQVDQtRy1Ta2lIU1JpTkd5Qzd1TmpUZ3daTzdxUDNxM05BUFJmdFN3MThKX1BnTWNZalJtSDZWUVJKazh4UVlKLU4xbEpkdGhKN2lObVJXTGVROTZLQ3dNVDlGQTdsa2c4S0NWOVJrSVhVb3RrSHdOeVBYRTVCOU8zemFqNDBrUlBrNDl6cnViNFpKcFJMWGswdk1zaGN6bEQ2WTJQM0l1TEEyTGNzSEljb3pob0NkWHNrd3NRRF9uWWs1SXg5amxwYzA1elRwNWpwWGpieXBfZnM2b0Jiajd2WFdsNGwybU9Ldzl0bWlaRks0Q085ZTlsQ3lqbEpESkxlNTBlbEFXek10bnlnNzNQS2JtcWZkUW16Q3paTUxld3F5VEF5N2hpU2toanJlZDNUSnB3cmdTeGxqZlRFLUp1NFpqckc0ZGk4MlBHc3VtWURqZ1A4bkNhX3ZsdzdCVU9lcXZWMXJLcl9IR2pibnJlMTRSb1NpVE9BUWVEaE9qVHp3b1RURkJpUVVodm1VcXMwR0ZsOGFBaTBERTR4aThUNHdMbGFqQS1ZdERVampyYWFpRHROWXNrcG4tcFI0aWVoZW82YUxfRmJuQlI5Z0d0V2psRGUxY0JKckFxbjk0X1hGazVqdXJjNzFsSW1MSFpBdnBPQjRqNWpCUVdfOTZtUWpfa3dueFNKNFNxaXJ6TnNqY3Y1NjBqRGpLSnVCbkhwRm8zN2JETk52ZDZKSU1yUHM4bzg5MVl5azVSRndxZFBvZmRKYnVsdmstQUc2NURYa3BDTE54STV3WFJSRGVXNmtOQ00ybzBjTlczYmhMclhxdjNmY3dZRGdWbWMwZXNoV1cwZGY2SXpsNXBvTC1fYmRZVXl1TkElMjZwJTNEJTI0JTdCRU1YX0JVUkwlN0QlMjZhaWQlM0Q=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.75.3.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-3-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
content-length: 0
content-type: text/html

GET
H2 204 / Show response
e1.emxdgt.com/sync/ Frame B90A 0
22 B 23ms
23ms Script
text/html 3.75.3.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.emxdgt.com/sync/
Requested by: Host: imp-euro.emxdgt.com
URL: https://imp-euro.emxdgt.com/imp/?cp=0.05610&ts=1668148672&seat=70&w=300&h=250&pb=0.04488&sid=1132&tid=78589&pid=413&uid=68791668148671877987f1&wid=21&dom=www.pobjeda.me&tp=0.05610&mt=1&dt=2&st=1&os=&ip=217.114.215.132&sz=&country=DE&region=TH&city=Erfurt&zip=&dma=&agency_id=&cluster=euro-hb&browser=chrome&rf=www.pobjeda.me&data_fee_type=&data_fee=0&clstr_nm=header-bidding-euro-4&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.110%20Safari/537.36&make=&ifa=&adom=ad4m.at&cat=3&gdpr=1&crid=70_37104560&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzREhXc1dwTUVOMFZuZURkd3ZGZmhFV0c3T1FUcE5PNDFYdDF2MHh5ZjFBcGFIOU55bllhTDdkMkJZM0pfbE1WaWJoTnNvLVppa2JZT0wyLTMtb0tWWHpoSTVwdnhlS3hBeGhMeVpYdzZYbUZWLWtNdkN2S01INi1uR0FHaUZ4N282djd6d0hsSHh3bHkxOHdRRlNlMzU3bG90Yi15QUhvcGplVXJsVzhDOGdHRjg5SnFNVnNLakt0UGJUdHc4eGI4TjZWelJkQ0ZTQ2ZTNl83ejBWaWI1ZGlGQW9hdHpFYWRraHZZRHB4clNINEZSUGYwX1ZRc2o0SWpocUk3OWUwRnUyUHZDR1YtLXlmRThtSnNMRHJfWHpiRk1aUmNmX2dzSXZrQlVpbmpNZi1LZ2M0SHV5aGhBbWpYeXFpbm9xdFVhMVRpeFVRZnFpdXpoajNjSzdhNDFscEZfYkN0bGZyR2lNZzctMENOUTl2TzNnLXRUbnIyT2gzbkIxYnFKQjE0MTYwY21mTkk1RVJuTjVkY1pST3RRbW9NcThhRWYwR2pRVnpkVHJRX0FIbDRsVGhEWFBIM3BkUEJkRi1rM2h1alZKWTFFRFR1Qkg3ZXoxTnVkendDWTB4TDVrNXF6SmN3T1lNUEs4eDhtRTNmRGxJUEdOSGFMQ2g4Q2FRTDhlZjdmaUdURzdVRFdVY25XWVpaZGZyZWlFb3doR2p0Z3kyRm5qUE9oYnBxSk5lS3ZaU19FYkNWdUhGdEJsTG1PVjFRMm1YMTdXOGVycnJrVmlqd3BWMkJUZVRGdXBSZlNXTjYzbnZPeTlJZUd4MGRaSmlyTlR2UV9kU29PeUhlX19iTEVFZHRubEw3aFFqN0wwLWRGdVFDbUF6UTVuWW1zVlE0U2RUdEotSV9qWWphQkF2cFpEZEJQWjN1MmRscXVobHpIUHJxR2FsdTJndVNYb3duOWxiUElrVFd0MlJ3Q01zNWhSZVk4WHhUSFdTSnB0R2RMajVqY2FCRkFCLVVDejBObVNWVUVhUF8taFF2MDdGOVZhTUw3UzBfUmpJX3ptemxHd25IaHRXdHNFWDdySWY0bHFJT0szbU43LVl3UjZzWDZxZlE2aGNRdzJQd01iRWRTX2RjeVNuSVd5TWVmVjRaOFlDTkJGX01vbDRuQkk4MVhERGw1MS1mMU1ndDFMY19LckdsZXVrREtpbFNqM0hESHkyUC1CYmF3Rld5R1d1RlM1QXc5bjBIaklnTEhBQTNLX2NpYm1DWjFBdzJrQnpxcXJoTUFEN2ZTSWMzblYtTmw2aW9BVjFTbkZPMU9GbmQ1TGdZeHRCMWRnbVUtVjBEOU1hRk1walVVJTI2cCUzRCUyNCU3QkVNWF9CVVJMJTdEJTI2YWlkJTNE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.75.3.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-3-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:52 GMT
content-length: 0
content-type: text/html

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 36ms
20ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=EMX_SSP_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=14&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1668148672946&de=162687174701&m=0&ar=48843429bae-clean&iw=ffa0d6e&q=2&cb=0&ym=0&cu=1668148672946&ll=2&lm=0&ln=1&em=0&en=0&d=413%3A1132%3A78589%3Aundefined&bo=www.pobjeda.me&bp=&bd=&zGSRC=1&gu=https%3A%2F%2Fwww.pobjeda.me%2F&id=1&ii=4&zMoatOrigSlicer1=www.pobjeda.me&zMoatOrigSlicer2=N%2FA&gw=emxsspdisplay905071498485&fd=1&it=500&ti=0&ih=2&pe=1%3A291%3A291%3A0%3A456&fs=200871&na=182992561&cs=0
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Nov 2022 06:37:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ED7B 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvI-CGUjErszobdLw_b7DW66qMyw4PlQg_RUllE_NfAGMBZ4fvWohT0-usu22y0DB11wJXg4apOP4eSwbBPpsyL_kXPbg0xoyw7ksWS8qk_MNoeSgddsBfOsg9tADzHeOpwRBg-c7FyETEXF6A6Ay2y-KeBjFnQLg8kcFlgavU2j2SQoqiE3Q7W2KfbBHWb81a9bL0PsDjoVVWOmU5kMzsnNIkxZiIwhDbO-0vcQq8O9Sjyd-HOr414pzcJkV_X9u8tzCLiZtgRb1P48v_hzzsls_1nEKXtj-zoygt3-INgSAOdicbauDPQ7XKaE5CJ-RCQQ8Ljiw&sai=AMfl-YTWzv9prv1Dwtngx1h8RrLqKUyH-myhduOv9b82K_ZfdZ5JUqMDB0XHTrOtoa1nrIl8870CtIbDDYZOmSTqAJGGmWQRtQ61TVn6wcDz2oDzWz6LLlKfqt_8OE_9uktxNg&sig=Cg0ArKJSzE8Awk6jSP_NEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:53 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 5C9A 2 KB
1 KB 70ms
44ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1333960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7685059719f29164-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 11 Nov 2022 06:37:53 GMT
expires: Wed, 26 Oct 2022 21:05:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWDKBf8ZrQ7OOiXV%2Bim2iuaEJqe5wvUCx2DxWixxzkaeiFpbnD13Mrvd%2B4bVOQy1OITRhhPCCILJlnRbBthWoBCsG%2Fr53SD1hDCZQMobmHQE%2BIwjiURNqBgd7gpxjys3E3HIb%2Fc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame A45C 2 KB
1 KB 58ms
37ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1333960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7685059719f49164-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 11 Nov 2022 06:37:53 GMT
expires: Wed, 26 Oct 2022 21:05:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCJ28kW%2B4HIwcslX2P2wrc%2FjLmqmEExFxOphqSukJAarE72H4lQ0tGzlJ05dAP4zya4uuayxobslbyywQ%2FT6lt3ypzyjT7%2BLAPXwtv202MtTFJg85JtBvG0QLBWfyRy9GAkFOL4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 777B 2 KB
1 KB 50ms
36ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1333960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7685059719f09164-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 11 Nov 2022 06:37:53 GMT
expires: Wed, 26 Oct 2022 21:05:13 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWB%2Bgrzo%2F1%2FtdW3kZF3XAPBQLQaF6XC2MCmRfTGw%2BCFMO1yxE8hXFvoiV0e%2F0w8uVzl24RXx%2BmurbDPK04gl%2B5RQ69%2FLcz2L4ivFNy0JAKERVvfANciIoCYJrVHy1VBpyX39clU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 72B0 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHYk2s5R0EQRcC1T_eVjVgH1JW85GcHtAsQCErxIkqyj57SMjOdW-VI3O5Lca31tljz9JvTAyY-gGpYjUkI6dn_9upu8L2rr0cWSo8DXyxvAsWIioy&sig=Cg0ArKJSzEIwR0fbTiY6EAE&id=lidar2&mcvt=1019&p=219,1448,819,1648&mtos=0,1019,1019,1019,1019&tos=0,1019,0,0,0&v=20221109&bin=7&avms=nio&bs=1600,1200&mc=0.76&vu=1&app=0&itpl=3&adk=889116296&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668148671384&rpt=672&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A422 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3zsHZbyz9vvWIQbosQZm9HA1bayRZ6dilMA6TJ2Z9iXu8tqS741LSDYbSHhoY0ASTzAAXdGlFJlpbOGAETyLjK8U6kcOiu24C6wVHG_Q2lmqAssRX&sig=Cg0ArKJSzBJBi_4LFjYuEAE&id=lidar2&mcvt=1022&p=219,-48,819,152&mtos=0,1022,1022,1022,1022&tos=0,1022,0,0,0&v=20221109&bin=7&avms=nio&bs=1600,1200&mc=0.76&vu=1&app=0&itpl=3&adk=3494706769&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668148671373&rpt=705&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=EMX_SSP_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=14&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1668148673042&de=569388066201&m=0&ar=48843429bae-clean&iw=ffa0d6e&q=5&cb=0&ym=0&cu=1668148673042&ll=2&lm=0&ln=1&em=0&en=0&d=413%3A1132%3A78589%3Aundefined&bo=www.pobjeda.me&bp=&bd=&zGSRC=1&gu=https%3A%2F%2Fwww.pobjeda.me%2F&id=1&ii=4&zMoatOrigSlicer1=www.pobjeda.me&zMoatOrigSlicer2=N%2FA&gw=emxsspdisplay905071498485&fd=1&it=500&ti=0&ih=2&pe=1%3A291%3A291%3A0%3A456&fs=200871&na=151133440&cs=0
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Nov 2022 06:37:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=EMX_SSP_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=14&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1668148673052&de=830507484246&m=0&ar=48843429bae-clean&iw=ffa0d6e&q=8&cb=0&ym=0&cu=1668148673052&ll=2&lm=0&ln=1&em=0&en=0&d=413%3A1132%3A78589%3Aundefined&bo=www.pobjeda.me&bp=&bd=&zGSRC=1&gu=https%3A%2F%2Fwww.pobjeda.me%2F&id=1&ii=4&zMoatOrigSlicer1=www.pobjeda.me&zMoatOrigSlicer2=N%2FA&gw=emxsspdisplay905071498485&fd=1&it=500&ti=0&ih=2&pe=1%3A291%3A291%3A0%3A456&fs=200871&na=804088016&cs=0
Requested by: Host: www.pobjeda.me
URL: https://www.pobjeda.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Nov 2022 06:37:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 814E 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstf8SKKMBkcR4d5Lb6AEVAUT9ED73d1kKfFO0HrA8UWyPPJi9h1pgLR9YwpZSw6PDzcF0cMKJU3bZ_N_xEKo0GAi6maMTwuKkvo1qQ7LU2TPWUXvp8ygfXbZ8b2GUKLKyqV5s-Zj0ncTS_1eAiSfO5aHoKT-G4isw0Nm6WvWN06qL1OZZB4z-V10NzWBO9EyZQEpLWdRziEdai-JJjWDGsBqs2tbqVROr9zdB3Ky5BQfuMk_VnT9gNP3JwqpNZw6joowmmjjEgC3j6fL-pmX5XislLujybceXFILUOzj0rSn8FHsJjh2pIb82eRKz9XBSHzXgV9&sai=AMfl-YSnfNgcevCXM6yOE17qJDmsdHONnCalYeArS7oudT1PY0mFsBD8G4Dcq35cHonI7CaASJot3D-rsUe-SMwGX343DzjGsYfNRHaIpm_JSsl9av8VI1l-2wDhhw4b4qRpTg&sig=Cg0ArKJSzATgye2vT3wxEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 06:37:53 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5d9d77bd0446d6e4/ 1 KB
709 B 93ms
92ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5d9d77bd0446d6e4/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 13bc4aa7a223028e807d90cd08fca28dec667454bd8c59d9f8e88665fc509367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
content-encoding: gzip
etag: -395966340--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=51, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 533

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 213ms
193ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=636dedbe6295eb25&bkl=0&bl=1&pdt=488&sid=636dedbe6295eb25&pub=ra-5d9d77bd0446d6e4&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.pobjeda.me&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1668148673210&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22Angular%22%2C%22plugin_name%22%3A%22official-addthis-angularjs%22%2C%22plugin_version%22%3A%221.0.3%22%2C%22plugin_mode%22%3A%22AddThis%22%2C%22cms_version%22%3A%221.5.11%22%7D&jsl=1&uvs=636dedbe44bbb16a000&skipb=1&callback=addthis.cbs.jsonp__57282590557289170
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a965114f6ec4d6ac9b3b3e41aef74f1d28e557290232a3668e3f2ffae0854be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:53 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 3004 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 1F51 71 KB
26 KB 49ms
48ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Fri, 11 Nov 2022 06:37:53 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 50ms
50ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7359cf29957eb0f9c4aff7864d058f50f0469d0603d759412d85727d301a6a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11138
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame B90A 1 KB
1 KB 45ms
44ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 960bbddfa0d9f97885016e28a1423bef975094afeb24d01afec6263443eb25bc

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQoox%2FOBQkwSifHDZ2%2Beux1CF39co2bJ9dpQRpk7R45w5viGhXlQz5YVlo2rqwqeE3YdcQibVh9evjOjvgWkPQARZ519xbZqTGocmoXMC5LZoaf6ZOzQ7lcYuLqHHvk6IPGxeQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://www.pobjeda.me
access-control-allow-credentials: true
cf-ray: 7685059848c9907c-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 84ms
48ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pobjeda.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://www.pobjeda.me
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76850597f84e907c-FRA
content-length: 24
content-type: text/plain
date: Fri, 11 Nov 2022 06:37:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9FxAexsNVsFtYWHMgLSoWN1Iyy0%2Bad%2FdGKOVzDNOLLBBkX0cIyHumzYBZNFByZrxIVvvw8ypFXu4f%2FZiZOURbsAB5rzIfkR%2FuzpvbUVZGnEyw2r0V6IsMH4Yg4%2F4wDP37UyKOY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-r18q

POST
H3 200 rs Show response
ad4m.at/ Frame 0CC2 1 KB
1 KB 48ms
48ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270f63a3a7cb7b0702c8dd6fddf5158400adf970ad478c663c534e66eb6c8821

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlQc8lYd%2FCJlV6YGzqCoMldBXD9DXX3S%2B9Li2Ee%2FKufGn2U%2Biy6POVlhzY1tZrW96PI8c6bVWbCrIVmHPQEZ6%2Fy1mD%2FQ8zwExnBcgxgMSEUblSptMpMafvpoD%2BiiQ%2Ba9iSFyuiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://www.pobjeda.me
access-control-allow-credentials: true
cf-ray: 7685059838bd907c-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 77ms
44ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pobjeda.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://www.pobjeda.me
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76850597f84b907c-FRA
content-length: 24
content-type: text/plain
date: Fri, 11 Nov 2022 06:37:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cq0%2F4X90GY0NFsbXDdaDsISz%2BqACHUTGzC%2BSIfL6aFLj%2BVmQWQFTA66x9VOrIZlflaNInM7ju8yZgSlSdTL043YB9UR4TdHMpVn3WjBdyi0GKtbG2%2Blgvfnr%2FOyCzM0hguL0U90%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

POST
H3 200 rs Show response
ad4m.at/ Frame 78F1 1 KB
1 KB 47ms
47ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9967222191f5cd06257e86f03e7e40e39b269d0328492a7daa0541d84a1bd43a

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYndlLLprbQ2g8yh6ab%2BPuaSbRG3Fhsmh75aIdJo%2B9JIjcY8xWaZ9dy3FHWnAkiYOax4Uw1ibtSo5QSsJGJNinooBMQuaCTvaQq2pF5%2BdE826xMZYLpGc8mVdPhJxwIAlN0aaq8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://www.pobjeda.me
access-control-allow-credentials: true
cf-ray: 7685059848cb907c-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 83ms
50ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pobjeda.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://www.pobjeda.me
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76850597f84c907c-FRA
content-length: 24
content-type: text/plain
date: Fri, 11 Nov 2022 06:37:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cr%2FZvYBWDo9KsCCJi37R%2Bzb0Y63ie7lz7YWinu1R7ttCfoTuqL%2BDxEMZDWONFuwvXe7EXWnsAjSNZ7zS7yBDmpcfTicKN%2Bm3c9yAilmCLKV2EypdglKU2fcyMHxfPwk2Z%2FJeaKk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-r18q

GET
H2 200 1668118740-jakic-i_600x450.PNG
media.pobjeda.me/media/2022/11/10/ 431 KB
431 KB 33ms
32ms Image
image/png 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pobjeda.me/media/2022/11/10/1668118740-jakic-i_600x450.PNG?cacheControl=1668118766
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5febacbc048524def468ac93b16e7e15f55e97c5ed99a6b3742ecc3a0d3c9b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1752
content-length: 440869
last-modified: Thu, 10 Nov 2022 22:19:29 GMT
server: cloudflare
etag: "636d78f1-6ba25"
vary: Accept-Encoding
access-control-allow-methods: get
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3773lDnIh2h18P7GtdxqjqBB9SrEahzBxGp%2BUcAcR7Eg44Rr1%2BxN9I6B%2FcJan1lhWPHQO9O%2BYpvdzfpWfYN0lK9qI2VPmLFolB1LBoUMvbPzCX6%2FRphp6YmeWwrdxcV5FrEjPWklc7taKrFNCI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 76850597f9d99bb8-FRA
access-control-allow-headers: content-type,x-requested-with
expires: Sat, 11 Nov 2023 06:08:41 GMT

GET
H2 200 1668118587-janus-bugajski-americki-analiticar-2409-2022-iva-mandic-8-i_600x450.JPG
media.pobjeda.me/media/2022/11/10/ 27 KB
27 KB 39ms
38ms Image
image/jpeg 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pobjeda.me/media/2022/11/10/1668118587-janus-bugajski-americki-analiticar-2409-2022-iva-mandic-8-i_600x450.JPG?cacheControl=1668118614
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbce652354a4aa30fc3d64029058855d51ced4dd3a0e7d165c25b42c19e3ea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1752
content-length: 27589
cf-bgj: h2pri
last-modified: Thu, 10 Nov 2022 22:16:57 GMT
server: cloudflare
etag: "636d7859-6bc5"
vary: Accept-Encoding
access-control-allow-methods: get
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t377QSp%2FPY%2F0hg%2BTu4ZLYgMub9g1O3HoyXi37ifcij8k2jRIolB0C3xfQRjye37G8KdX9hhC4BoSz%2BlAWmRMfGId0aaGCWjUa0FihGj%2BOCFlEBFPjazqNtj2JquFKJQCbZjMgOUNZMnqGHEI66k%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 76850597f9dc9bb8-FRA
access-control-allow-headers: content-type,x-requested-with
expires: Sat, 11 Nov 2023 06:08:41 GMT

GET
H2 200 1592430758-milorad-pustahija-003-2102-2020-stevo-vasiljevic-i_600x450.jpg
media.pobjeda.me/media/ 18 KB
18 KB 45ms
44ms Image
image/jpeg 2606:4700:20::681a:a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.pobjeda.me/media/1592430758-milorad-pustahija-003-2102-2020-stevo-vasiljevic-i_600x450.jpg?cacheControl=1592430770
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63975a110b03a2f378dc3b377cecf5fb97b853bd380935987e7203fed84006ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1075
content-length: 18301
cf-bgj: h2pri
last-modified: Wed, 17 Jun 2020 21:52:39 GMT
server: cloudflare
etag: "5eea90a7-477d"
vary: Accept-Encoding
access-control-allow-methods: get
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcjWDKqYY3%2FeaZdtAS%2Ff1XPj7oEp55vyBWvuLYIocf9gg7qBUepuF40uve4Zizfiw2TqPDiTA2SpMB%2FCeTAtEgCjYCe2vpH6L70F2iH5dsm4w%2FcM9HEYzuek4YGuk5DGKYjJQxYiS5hL4dn5d1c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 76850597f9e19bb8-FRA
access-control-allow-headers: content-type,x-requested-with
expires: Sat, 11 Nov 2023 06:19:58 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Nov 2022 06:37:53 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 27ms
25ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1C66 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 19:31:54 GMT
expires: Fri, 10 Nov 2023 19:31:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 58AD 783 B
536 B 73ms
72ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2293d1d55b750291f8bf87642ff7d238dbfcbfb67e2f1453f551e9a5d5e2119

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VuXVBf6QLcQqxe4s9tl4Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-VuXVBf6QLcQqxe4s9tl4Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 06:37:53 GMT
expires: Fri, 11 Nov 2022 06:37:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 4139 12 KB
4 KB 42ms
41ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff70f2c7153694b6206d8af9eef26edc85a688d382fd8ac6740ad9f0a88a394e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76850598aec69bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 06:37:53 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame DD62 12 KB
3 KB 42ms
42ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecfb005d1f50ef89ab67d61f2b2c449ccc40a05fe2900264e68563c6ee8a72e1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76850598aece9bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 06:37:53 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 9B53 12 KB
3 KB 42ms
42ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

669f204d8b40c0281ba02ce3d77a258b1b59ed739da71c0c3c0705408e715e2c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76850598aed19bb0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 06:37:53 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C66 36 KB
16 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 20:43:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 58AD 0
0 58ms
57ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110801&jk=3894180619877934&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B71C 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukckwXcet0eEoy4VhR-GVUk9mqS5hHAxgHJzji0sWyCUuW4BctecCBpZ_zyx5_jkCHtdl__9yZvxIcLSjJq8ZZ5p8-wbRd3CKAbEMrO1s6SpB8LKU1&sig=Cg0ArKJSzOoJhXw3F-_UEAE&id=lidar2&mcvt=1002&p=6,460,96,1188&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221109&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3523127945&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668148671365&rpt=1038&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 4139 89 KB
11 KB 40ms
40ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 738732
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 768505990d369164-FRA
expires: 0

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 4139 127 KB
128 KB 37ms
36ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1580633
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130164
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARDF2Mg3Ft0YHGgHCERZnA6VLcLaf2sAgOxqB%2BZQumb5Sy4mOcx1rujS9%2BsmpL06IKrMK9IheBNu7VTZFYru4BIYN4ip4M2Om%2BKMib44UON7P2YluGNYXyDfUAHW0qBkHUG7c%2BB8kuAU9ZUK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505990f6d9bb0-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 4139 461 KB
462 KB 42ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1507838
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmJaMqs2SD5W7F%2Fdtg39tStD4vT9kD77BwAM%2FLV1YlkEE3lV6W9IjPgOWtF6MAaDIZxHNjN%2BfHeJrOpE7fVno%2BuI3lnNW56TBxTNnYnDLB1qdBot73h84QCyN9ZTPMtWV7KwKlt0nHg8iLr%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505993fde9bb0-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 4139 38 KB
38 KB 43ms
42ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1509312
cf-polished: origFmt=png, origSize=77267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AR4JgcoBxnXYvuS8D8ZcuT01RIZ7hA3J4pyMXc%2BphLdi21pSLTFkTfmvkpgabQGDv3cakxAd7Z9ozZxs9sAFHG%2BdbDO93Mu2ut0suKMK4wOFC9Gi8V3bvnAm7pDXMjfKKxUajsL4UAzgB26e"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505993fdf9bb0-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 4139 84 KB
84 KB 56ms
55ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 648295
cf-polished: origSize=90165, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGna0qTHYMNaC8%2BdteGPAs5MAUNPcvimom%2B2N16Tni9gvZRrCkwlOcLF1B4WimVd%2FzCyPlfukUyPqNn4QXE0umXAWqTsukbaYqVHyN9fMZBSeUfADjanHgES0CfwJUXFRbsH1EiVAp1wIk%2F4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505993fe09bb0-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H2 200 B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 4139 5 KB
5 KB 57ms
56ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521419
cf-polished: origFmt=png, origSize=17428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4642
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Oct 2021 09:58:13 GMT
server: cloudflare
etag: "aa8fff6f6c7d296f039d5bcda00d5257"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbJFmHHcjO8zzv31RRcLK34AmkKaM9i14nlLKqAbPjDcPdWuxhshfVqCadzMo4e%2FNIEdyJtNrwlGbTovgkwgeB9ie%2Fw76vHcYO5FLSHqZ1BwPLfQxXfyB31Fmcls%2FQtaHOyuIQN8DypR8b8y"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505993fe19bb0-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H2 200 B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
assets.ad4m.at/product_image/ Frame 4139 418 KB
419 KB 56ms
56ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e4ffbbf3cfbc0cefa8d24b51f9b0ba175b8303f02507343d8b260160114274

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 740301
cf-polished: origFmt=png, origSize=725824
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 428526
cf-bgj: imgq:85,h2pri
last-modified: Thu, 03 Mar 2022 16:06:29 GMT
server: cloudflare
etag: "4bc7b5f2b8f57f9439aaac8fcacf7e77"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSai3YoIDXSE6ET2SL6AVvd8u%2Fhjnd7%2FbYDQtljVNJjVqRb9XAx2KGFyrw5iN5bLeAIezB%2FUMMPrPxixwsWFMyv8msvCbpkhlC6Vvykx8a8VBEVfPPfdUCDtzhwDp3OwhOi80xDjoOz1shXt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505993fe29bb0-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame DD62 89 KB
11 KB 57ms
56ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 738732
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 768505991d3f9164-FRA
expires: 0

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame DD62 127 KB
128 KB 52ms
52ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1580633
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130164
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avg8vEO85vVdTKOnpKvkozCZwSlFVU2S7Td93Tmy7sPHZIX6UXHIXsL1SaNJmWdXOOP0AVHsLp3SbhOK956V4ZNccT6QEIoOTrhpTKsKM6sd8kvIVU1Lk9wiAEQohpj8qPOgPFxW74fJTTFM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505991f859bb0-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame DD62 461 KB
461 KB 71ms
69ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1507838
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkR25W6XdVR7CEtG5dPlMXguIIEDfhR9O1qZ1Ry%2FXqhA0Oa3J5YFluoBOwtyiTwHUHgXesPMQ0YcV6UgSNlwcmzc0c5DI%2BUUmv8spGky%2FgDqytVivqNMofWB%2BtfrlRXm%2FfAZBbEEWgm%2F7%2Ff%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505994dfe9164-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H3 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame DD62 38 KB
38 KB 164ms
162ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1509312
cf-polished: origFmt=png, origSize=77267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10n2sw0r%2F24U%2B21cW3mbB7HVF7BD0%2BcmXiigDtyUhR5PxOpAK%2BcWLKLR5bncHZ9dslxKy8mVdriGbCnL%2BuxZmnP9x8D8BRusH9qD7TFD4z9QCzhxh35XNjBjAby%2B1KfU0K01ZMPW5I9vgFPL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505994e019164-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H3 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame DD62 84 KB
84 KB 47ms
45ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 648295
cf-polished: origSize=90165, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEVLPGvlHINHn9hbJJ5S0%2BKdEeHenB0oLxlu8PBup6KWqOBc1MlATHVnuRJR3snAIZVlVG7XdgnlTJSGpxgv5kR6jPhyTlghRRro4%2BZrf%2B3y2pKq4Tbw7qX7FqRvi7aCHOjfqt%2F4FB0SGwZY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505994e039164-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H3 200 B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame DD62 5 KB
5 KB 167ms
165ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521419
cf-polished: origFmt=png, origSize=17428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4642
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Oct 2021 09:58:13 GMT
server: cloudflare
etag: "aa8fff6f6c7d296f039d5bcda00d5257"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QY8XnFHVzs2JFQbkhvy2p7L%2FBSNFk4brQQRjW4xathhhgBHptUhFIihY4Hkuws%2FUYatJ%2BCzt7xmFbS%2FvmntlGRQv8Clv97xk1m4Dr4xa1Twt5r6fVEUvcn5VZgF23GZsMBYy1YWMIl8BzzLt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505994e059164-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H3 200 FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
assets.ad4m.at/product_image/ Frame DD62 359 KB
360 KB 169ms
167ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32082
cf-polished: origFmt=png, origSize=565110
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 367856
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Oct 2021 10:16:19 GMT
server: cloudflare
etag: "d711e4bf72811e8e6e7f50c634dcf690"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Egc%2BSx3gnymyAtTjez2gXVJiWSXDAz2raY72f6ylb1FE9OKkqh2DOUZM7k9ZoT30DGt13Z9mES2d2UFd3qF1l6WlaxugKZbG22o19xlXGsH8v2223JlBZAdokFVteIwf%2BW9oQ1SO3xf%2BwKY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505994e099164-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 9B53 89 KB
11 KB 68ms
68ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 738732
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 02 Nov 2022 17:25:41 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 768505992da39164-FRA
expires: 0

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 9B53 127 KB
128 KB 44ms
44ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1580633
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130164
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BahiMwQCvXxGm%2B4mPOgsnaFQbpu9rmlckwwSO%2FFYkPFPlA1Mn43MixRnSIicbzpH1RNdQK4f9wK3QoHaoKjKMwr1b1Cw%2BLq%2BYK3KuHm%2BtoNUy9kxfFWcHB91DoVD5%2FBV%2BH7Qm9hj00EnqUWD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505992fbc9bb0-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 9B53 461 KB
461 KB 190ms
188ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1507838
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMqwS9JGjPImuCRZ%2Bv%2FDRkA6gVjjvIvgpn92AO4fNRyxbrY34b2dsrnkpQ9nP%2FKxb2Ty2NrJsB5znZPZCjVxWN2qXHhreBcK7J5vkBBCL5jllK0S7HQRwacFRvjop4fbk9v8Rf28jFZ4N%2BCV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505994e0b9164-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H3 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 9B53 38 KB
38 KB 213ms
211ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1509312
cf-polished: origFmt=png, origSize=77267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9CJW%2FY7Gcl0LUPyE1Lg7vI%2FeDz4secS3YUd4Km4GrD9Vsh6b6ECPObXM2QJZkXHfyVVZ3fOm%2FhASqGyOUhFEtHJuUw8ig%2FBj0k3Inf2eKdzjOlTQhBmzbQYfb0L2MAnXfR7%2BUQMhqnBvNKA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505994e0d9164-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H3 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 9B53 84 KB
84 KB 214ms
212ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 648295
cf-polished: origSize=90165, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Hu0jACLn%2FWVIAkdhZ9a5KpB94EphwwoaXST%2B2TuorRNJRnlsjC0SjsWHxh%2FzKNBPOkwElHVLJoH9WMkIK7UpmWotsTEs2EIYVSUY%2FP42PaqruB0Qs9AleBr2R7HR4UcKE%2Fzcvlm8ZWDAzxu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505994e0e9164-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H3 200 B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 9B53 5 KB
5 KB 216ms
214ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521419
cf-polished: origFmt=png, origSize=17428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4642
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Oct 2021 09:58:13 GMT
server: cloudflare
etag: "aa8fff6f6c7d296f039d5bcda00d5257"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gzqm8qn7W28ZH0lE8BvM0MsT1XzLk4u5jy%2FDvNO1TM5%2F96Zqv8etHYiSG3CnLlxCXsfzvYSez1AbLMM%2FMXGUokPPTVXPQzXop4F61AQ8yHB%2FOcCYPmuZ%2FEmDpc59EXlta6xuLB%2Fy7Hqwozwn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505994e0f9164-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H3 200 B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
assets.ad4m.at/product_image/ Frame 9B53 418 KB
419 KB 216ms
215ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e4ffbbf3cfbc0cefa8d24b51f9b0ba175b8303f02507343d8b260160114274

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 740301
cf-polished: origFmt=png, origSize=725824
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 428526
cf-bgj: imgq:85,h2pri
last-modified: Thu, 03 Mar 2022 16:06:29 GMT
server: cloudflare
etag: "4bc7b5f2b8f57f9439aaac8fcacf7e77"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16%2F%2Fyf4MMP7b88TtVzO%2BmsdT%2B4KZUhoDbcCWte8v1OG2QmeuXgE1u4AITzUoq4aTCyXhLW%2BxkFTwOeaykAO4BagA3Eb3KIJyw2%2FAlZFm2kzSrzV7aia%2Bb9aIdWZruqXpa2KORSUBHEuLIqPB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 768505994e119164-FRA
expires: Sat, 12 Nov 2022 06:37:53 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4139 1 KB
2 KB 191ms
104ms Script
text/html 18.130.2.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gm2zfpk62w03g2bb71n2jy7z73avm148sz29kvpew1gtb13kp7fyrx9zdhste7v17b9na6xvwm3cm14trc0fkkf2rjt5p4vycj6t5129e3r11qf7shq26e7j579hxsx2sqgbj22a9rgtb39njytf38h17gxj83e16szh8n5twsa9t2vvhtqhf1gq2nm8x5sgkfpqytyvdgk4pt118vzdcde8x6p656m4k7eenkv2zrr5zsjx7zdzs90p0dektad3v1g%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104562%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneid6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.2.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 4059a9152d258689d46811498ab4edbef7ccf4c088933949631604f65c9c7e48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 11 Nov 2022 06:37:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 11 Nov 2022 06:38:53 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4139 2 KB
2 KB 148ms
71ms Script
text/html 18.130.2.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h67pnj8tzej543ykgj6vyxxa9pexwdyb4terdndx82f4n10kv8r6aj7n16pmaegabnr6c43drxe8h31n1fv5wb89fqmhzctr5b3bad8x7r6zpthcnn33p2a8ffyypharb3gws0fng164b5jf7hgrzqpemxgtggtxrvq531rqwpqtjgvgnqgcxyqjxj3qwvnge548rcf1gxf4s1t0hav68jx7p09nnkjfwgbxeceybjg4437h8en590k2wvgzjy7fw%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104562%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhVoneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.2.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: ad4e6f6abb016da81b3b9430601c26137033e87f5246fc5b1bae8e8fe6221489

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 11 Nov 2022 06:37:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 11 Nov 2022 06:38:53 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4139 2 KB
2 KB 151ms
75ms Script
text/html 18.130.2.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k10xmsx7fbwemmb67d031yphk28ccj7f9amxyjdb8r6jper1r6bcm00q95rs14b1nmtk7k39x58daye6wxgcvyq2hnn4qf9qandnnver9tpz734s1fx7hf7st0z02re968cwaatwpw45cb195k9nxyxhn1qv1fq24x89nrq3s6jqvjvt07j4vp8tk306q89nra7s1v4qasd129cr8gev959g3ggskzy2tyxmc0244e0x67m9qjfyptp9h6039wrncpg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104562%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneid1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcAoneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.2.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 3039634518f56805172e12346bf3493710d23cdb247a1ba4fc480ff08db8a728

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 11 Nov 2022 06:37:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 11 Nov 2022 06:38:53 GMT

GET
H/1.1 200
OK f5bfe45bb2 Show response
tm.simptrack.com/tm/a/channel/tracker/ Frame 9823 44 B
879 B 90ms
30ms Document
image/gif 46.4.250.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.4.250.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.26.250.4.46.clients.your-server.de
Software: nginx /
Resource Hash: e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 44
Content-Type: image/gif
Date: Fri, 11 Nov 2022 06:37:53 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx

GET
H2 200 link.html Show response
track.webgains.com/ Frame DD62 1 KB
2 KB 171ms
104ms Script
text/html 18.130.2.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h7tzq5egdn116c5s0dn867zfvy3vmnhfvaem9npr6j23yrvma2x4w9xkcrggzfx06xfm7gg5c1yn4e2c3ymqk0y2rk3r2asvrqnk7877nw5629x6x1341ahwg7rr8721fz5x1rh8wfa2qgr6jecrcgjx4a1qwkbxhfrw9x0qhtxder0faa08qfm3711pxrnw7qd20y26y0dxz3b0ascqnt8dvk99scr833tg130y7e88yvnw7xsajqcw3atmsjwmx1g%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneid6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.2.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 5adff909ec66432d9fdac0f836fa413ad8d7923b3864d92b04a07b4410e56571

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 11 Nov 2022 06:37:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 11 Nov 2022 06:38:53 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame DD62 2 KB
2 KB 139ms
80ms Script
text/html 18.130.2.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k4ggc7k0v6cdc1adt09zfkh32w7w8gy7tbbxm0kmg1qt06smm8dwc5jpdhm81n9zpnm0v5a207dssz0edfja2q4msgm1tnjj8att1nj3z7t71ryy2c09j08fp234yseckqfmd73t7w3sgqx4pfvp2qafqycvfx1a9sppbm7tq763snveqb20war3jq9ydvtszhd2rzhsha5qhdxb8t7d9f4kzf55hbss9adk1yftahwxwzt517g72rgn2c5exg74c%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhVoneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.2.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 6f05bbd1e0e92797fa1afa5bb507c5fb13cc7c70d35f7689923228fd94b7a7a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 11 Nov 2022 06:37:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 11 Nov 2022 06:38:53 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame DD62 2 KB
2 KB 164ms
106ms Script
text/html 18.130.2.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3766811&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gsss25nktgfxarg2k210ezajdbd66chyc6qjghz2v01057df5aaybtqqk3kxbjk4h19ve52381y8yj4g98y7a71m9edfzsh5fx7g6y363a2thwc91btszq10ch41ycz87s5epparhn2dss963r52f7wjn17kkmnjf9kkheqd4wj14cxk54sr7pnrmcm39f67ax2mfmnh0h1h5b0edhvt52yzpx8rm3ctt9ceevfxbw5ekq846rh5n9t4kk796vmadbg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidY97Frf3f555ktVH9HetgC6JEEHkS1TbJUroneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaAoneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.2.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: ddb937b2f3d78fd6adcd11c5d7e7c6a838193c000e6d49905fe563d96b9d7b26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 11 Nov 2022 06:37:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 11 Nov 2022 06:38:53 GMT

GET
H/1.1 200
OK f5bfe45bb2 Show response
tm.simptrack.com/tm/a/channel/tracker/ Frame 82C4 44 B
915 B 89ms
32ms Document
image/gif 46.4.250.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.4.250.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.26.250.4.46.clients.your-server.de
Software: nginx /
Resource Hash: e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 44
Content-Type: image/gif
Date: Fri, 11 Nov 2022 06:37:53 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=14&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fas.ad4m.at%2Fad%2Frar%3Fa%3D183975%252C24673%252C182475%26b%3DM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%252CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%252C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA%26f%3D6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%252CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%252Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5%26c%3D300%26d%3D250%26e%3D%26g%3D3f76381b0be995eab548cae49a9c12b8%252F1702084953489414600%26i%3D20597%252C20430%252C65760%26j%3D21%252C21%252C21%26k%3D0%26l%3D0%26m%3D0%26n%3D%26p%3D%26q%3D%26o%3Dadf_Netmix_Reach09_Mweb_KreiselDeal%26r%3D1668148673345%26h%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D%26y%3D1%26s%3D%26z%3D0&i=EMX_SSP_DISPLAY1&ol=2910664716&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAvw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-TQhCXLleOfQ59g%3D%3D&sc=1&os=1-mg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=8&gp=8&zGSRC=1&gu=https%3A%2F%2Fwww.pobjeda.me%2F&id=1&ii=4&f=0&j=&t=1668148672946&de=162687174701&cu=1668148672946&m=607&ar=48843429bae-clean&iw=ffa0d6e&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=8&lb=8973&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A291%3A291%3A3592%3A456&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=167&cd=0&ah=167&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=413%3A1132%3A78589%3Aundefined&bo=www.pobjeda.me&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=www.pobjeda.me&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200871&na=1176231195&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Nov 2022 06:37:53 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9B53 1 KB
2 KB 107ms
105ms Script
text/html 18.130.2.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kv081c4287184g3c1brrhpp9aeztkk4vzqxgd46xvxz0pdcddxb22wew6g76qw27tttekxqeqh18q6jqb5npvxpdk4r9h800wj7jj3qknv4067ve2y279r1bbq5bef4rwwtb9gzhex8beyhkm812gkz2kxtrnev78wsenxsx2hxaeztz1k4vnc72nmfj4dhr7v8j38rrrr5tqfvdwq1c8b2vvqy65ek8fxxfmtzgffvwr9pjzmpm4c45ggdj6c7sgng%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneid6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.2.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: c2b2ec88f4f3cb71b9474b5a10477bf0f1923e803a04bd45e711d923e22d1e71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 11 Nov 2022 06:37:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 11 Nov 2022 06:38:53 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9B53 2 KB
2 KB 86ms
85ms Script
text/html 18.130.2.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h7dwz8hhbgw1jy3wv2xa6pceyf5mfjwnte0fcs5nk6q6jn6880m5ajhgs35jz46pd4etgwrkrrk1g36f3vc25rhp444b0sqqxhy7jszfx3wvs7x2cvp00xeysr0jqff7mfv7xz0m4adnbshvaahc49e471rte94t7nwnmz6yng3q7xt22mggrwd5yz40scmpgvn6xdchd9p5t01bnvnx8yb2mr5tqeq0vg4bmrafm6e2faq6awb8m6c6b3pm9bm4r%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhVoneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.2.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 08662bb8f01e12cd8bdbe8da382e023d3e5091e4b7ee1860cd1078324c69f187

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 11 Nov 2022 06:37:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 11 Nov 2022 06:38:53 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9B53 2 KB
2 KB 99ms
98ms Script
text/html 18.130.2.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jgmc1dp7s3m2v635qjhzj4gfdap4yabafjcgynpb5h5va03e8vh11ykx3qya7j3gfgttr89v8ssq09q1d4zj9xfdtjpqfkyn5szn3mhfk62a26mhmgj9q6a6xw2haht33t6rc4e7fjb2qj0zxzg4dm9y3vb8dt4ezgf8147mcry3g3g2671w2dwrfrr7te6cdjcmqgrv6csze494npcex8yf6n5nexdzba4an7m3fba3yy9541pswkhekvc4f0r8cb0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneid1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcAoneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.2.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 5ce7ad12ee7bfa1a259f64fead263725a0bf2cdec8a47875d9d49d311b4e84ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 11 Nov 2022 06:37:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 11 Nov 2022 06:38:53 GMT

GET
H/1.1 200
OK f5bfe45bb2 Show response
tm.simptrack.com/tm/a/channel/tracker/ Frame B02D 44 B
915 B 86ms
29ms Document
image/gif 46.4.250.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=250&e=&g=3f76381b0be995eab548cae49a9c12b8%2F1702084953489414600&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673345&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.4.250.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.26.250.4.46.clients.your-server.de
Software: nginx /
Resource Hash: e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 44
Content-Type: image/gif
Date: Fri, 11 Nov 2022 06:37:53 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1C66 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8jCuKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=14&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fas.ad4m.at%2Fad%2Frar%3Fa%3D183975%252C24673%252C182475%26b%3DM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%252CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%252C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA%26f%3D6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%252CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%252Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5%26c%3D728%26d%3D90%26e%3D%26g%3D9bdb81f5297425a6cb2ea8cfe856da52%252F7454189024538477661%26i%3D20597%252C20430%252C65760%26j%3D21%252C21%252C21%26k%3D0%26l%3D0%26m%3D0%26n%3D%26p%3D%26q%3D%26o%3Dadf_Netmix_Reach09_Mweb_KreiselDeal%26r%3D1668148673338%26h%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104562%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D%26y%3D1%26s%3D%26z%3D0&i=EMX_SSP_DISPLAY1&ol=2910664716&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAvw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-TQhCXLleOfQ59g%3D%3D&sc=1&os=1-mg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=8&gp=8&zGSRC=1&gu=https%3A%2F%2Fwww.pobjeda.me%2F&id=1&ii=4&f=0&j=&t=1668148673042&de=569388066201&cu=1668148673042&m=532&ar=48843429bae-clean&iw=ffa0d6e&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=8&lb=8973&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=90&vx=90%3A-%3A-&pe=1%3A291%3A291%3A3592%3A456&as=0&ag=46&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=90&pf=0&ib=0&cc=0&bw=46&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=91&cd=0&ah=91&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=413%3A1132%3A78589%3Aundefined&bo=www.pobjeda.me&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=www.pobjeda.me&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200871&na=325233989&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Nov 2022 06:37:53 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=14&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fas.ad4m.at%2Fad%2Frar%3Fa%3D183975%252C24673%252C169080%26b%3DM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%252CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%252CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA%26f%3D6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%252CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%252CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr%26c%3D300%26d%3D250%26e%3D%26g%3Dfe281ffa4e324aeff30391056aafd815%252F2936293249811309992%26i%3D20597%252C20430%252C65760%26j%3D21%252C21%252C21%26k%3D0%26l%3D0%26m%3D0%26n%3D%26p%3D%26q%3D%26o%3Dadf_Netmix_Reach09_Mweb_KreiselDeal%26r%3D1668148673342%26h%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D%26y%3D1%26s%3D%26z%3D0&i=EMX_SSP_DISPLAY1&ol=2910664716&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAvw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-TQhCXLleOfQ59g%3D%3D&sc=1&os=1-mg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=8&gp=8&zGSRC=1&gu=https%3A%2F%2Fwww.pobjeda.me%2F&id=1&ii=4&f=0&j=&t=1668148673052&de=830507484246&cu=1668148673052&m=536&ar=48843429bae-clean&iw=ffa0d6e&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=8&lb=8973&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A291%3A291%3A3592%3A456&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=104&cd=0&ah=104&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=413%3A1132%3A78589%3Aundefined&bo=www.pobjeda.me&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=www.pobjeda.me&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200871&na=1119740858&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Nov 2022 06:37:53 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 4139 85 KB
31 KB 82ms
24ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h67pnj8tzej543ykgj6vyxxa9pexwdyb4terdndx82f4n10kv8r6aj7n16pmaegabnr6c43drxe8h31n1fv5wb89fqmhzctr5b3bad8x7r6zpthcnn33p2a8ffyypharb3gws0fng164b5jf7hgrzqpemxgtggtxrvq531rqwpqtjgvgnqgcxyqjxj3qwvnge548rcf1gxf4s1t0hav68jx7p09nnkjfwgbxeceybjg4437h8en590k2wvgzjy7fw%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104562%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhVoneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 05:43:29 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3265
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: G8Swq_M1Oq_CIXvlUvvA7ch2LfbBlL2zw0_-M8JgpI_NXsuXFSOkMQ==

GET
H2 200 Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame 4139 85 KB
85 KB 83ms
25ms Image
image/png 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1668148973&Signature=hZF9M~3uo1KDRcfUeb2VVDhE~AsPLxtnKz4M5aEGJZuG1xMb3-1AUFFtvmslkVyn8TeoQX8LHhVBNjIdzmAIYPJf4SwK~4pDAcCMnVCumagGju4pf9e9eZebFpIhji0eRQLFRRzYJOo6IXkU6bqVUQwXmK~EeQX-eIzqPj2O3TKsVR2RsBS5uowEdIJvVWAmKl1c4hOyO~iZXL03m4HgfVb10DjAxLvgluBOqsp11Z81uwORx2VDQyKiTGKRfMA4v2UNETjecuR6ttIHXwQCs72dpYLJPbLdHs0c8k3HszbjToFM7a6ZBedgsmbGdtAgDfyKjL1OhadyLhQ9mpSOYg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:45:08 GMT
x-amz-version-id: null
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 09:41:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 78766
etag: "92f323c42d6018008b4cf82e90ac9639"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 86991
x-amz-cf-id: k5YgbZdsEVTnizomPYIlyLSHFy82L97cr7PAf0ahIKzhEbkSpZGqyg==

GET
H2 200 1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg
cdn.track.production.webgains.team/287405/ Frame 4139 55 KB
56 KB 139ms
81ms Image
image/jpeg 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/287405/1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg?Expires=1668148973&Signature=cwdwPIshVgBmOlq8N88cKc1Kg00X2af94BDAruHQGHgkEr8zrEGrJSqunISi3CC0c1eBdKAEOCqeBymdkbkT2vMUkObEhtrOzcZM9gbT1YCh3Z4FvAHnSi0jSY8V1k8uE41NadY~sQoAZdJGNhWwr6bOAPMgPl5ESKhn59i7X-vfaUjWLS28cReK-J-Sdlqui99tRAjDQceV4fQwx7NXETxI8Lgbgn85PWFhfaW85hhZ4ND8tIErpFEaaYrKudLRMYnGM5maalPPYikjfFpM~KuvX7ogqkA8KrJ7wHE1h4cvB5Gmm~7bI9o9hF4STHsXJTofe25XBCohze98nW6OUQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 11 Nov 2022 06:16:56 GMT
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:42:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1258
etag: "4e56b45a1411ee8d71fc40bc011df5b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 56674
x-amz-cf-id: ps1fP120aea4ZLjk9UpYBi254bmBgkOv5D8zonn9-bdi-TWigA_n1g==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame DD62 85 KB
31 KB 99ms
41ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k4ggc7k0v6cdc1adt09zfkh32w7w8gy7tbbxm0kmg1qt06smm8dwc5jpdhm81n9zpnm0v5a207dssz0edfja2q4msgm1tnjj8att1nj3z7t71ryy2c09j08fp234yseckqfmd73t7w3sgqx4pfvp2qafqycvfx1a9sppbm7tq763snveqb20war3jq9ydvtszhd2rzhsha5qhdxb8t7d9f4kzf55hbss9adk1yftahwxwzt517g72rgn2c5exg74c%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhVoneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 05:43:29 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3265
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: V0x4L6bGu1r2RpI0nBI5FVqeaL6gZ-if2w86odzcIkvl7Nmthil3sg==

GET
H2 200 Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame DD62 85 KB
85 KB 144ms
86ms Image
image/png 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1668148973&Signature=hZF9M~3uo1KDRcfUeb2VVDhE~AsPLxtnKz4M5aEGJZuG1xMb3-1AUFFtvmslkVyn8TeoQX8LHhVBNjIdzmAIYPJf4SwK~4pDAcCMnVCumagGju4pf9e9eZebFpIhji0eRQLFRRzYJOo6IXkU6bqVUQwXmK~EeQX-eIzqPj2O3TKsVR2RsBS5uowEdIJvVWAmKl1c4hOyO~iZXL03m4HgfVb10DjAxLvgluBOqsp11Z81uwORx2VDQyKiTGKRfMA4v2UNETjecuR6ttIHXwQCs72dpYLJPbLdHs0c8k3HszbjToFM7a6ZBedgsmbGdtAgDfyKjL1OhadyLhQ9mpSOYg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k4ggc7k0v6cdc1adt09zfkh32w7w8gy7tbbxm0kmg1qt06smm8dwc5jpdhm81n9zpnm0v5a207dssz0edfja2q4msgm1tnjj8att1nj3z7t71ryy2c09j08fp234yseckqfmd73t7w3sgqx4pfvp2qafqycvfx1a9sppbm7tq763snveqb20war3jq9ydvtszhd2rzhsha5qhdxb8t7d9f4kzf55hbss9adk1yftahwxwzt517g72rgn2c5exg74c%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhVoneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:45:08 GMT
x-amz-version-id: null
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 09:41:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 78766
etag: "92f323c42d6018008b4cf82e90ac9639"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 86991
x-amz-cf-id: fceVInt6D3LF8UTW1y19yPdPLRmNLaAS--HicH6Sv4vJs8AfkTUDJw==

GET
H2 200 link.html
track.webgains.com/ Frame 4139 48 KB
49 KB 82ms
80ms Image
image/gif 18.130.2.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=728&d=90&e=&g=9bdb81f5297425a6cb2ea8cfe856da52%2F7454189024538477661&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673338&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104562%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DO-DGEutRE_Bs5RfSNWxYSFt1A8Y1ug0uKzxpxi_GUBGs86AQxaM1OuLBRSupQnmhtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqjyFHsnNGMCimHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3DuTUMTIKLg7ASc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9ElIiP0CR8-7sgHIsF43yUnopHxmeEG6km4XDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTuPDObXMBx20PTfnFVSI5yy0NI7QVhWQPhKpahA2c0IEYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.2.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 11 Nov 2022 06:37:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 11 Nov 2022 06:38:53 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9B53 85 KB
31 KB 91ms
48ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kv081c4287184g3c1brrhpp9aeztkk4vzqxgd46xvxz0pdcddxb22wew6g76qw27tttekxqeqh18q6jqb5npvxpdk4r9h800wj7jj3qknv4067ve2y279r1bbq5bef4rwwtb9gzhex8beyhkm812gkz2kxtrnev78wsenxsx2hxaeztz1k4vnc72nmfj4dhr7v8j38rrrr5tqfvdwq1c8b2vvqy65ek8fxxfmtzgffvwr9pjzmpm4c45ggdj6c7sgng%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneid6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 05:43:29 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3265
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: _oI9ImvJES8lNlYFAsmSGoffgZ6nKxtXcFOP-zqLm4-MNKKzi0lV0g==

GET
H2 200 link.html
track.webgains.com/ Frame 9B53 48 KB
49 KB 113ms
113ms Image
image/gif 18.130.2.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&wglinkid=2194035
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kv081c4287184g3c1brrhpp9aeztkk4vzqxgd46xvxz0pdcddxb22wew6g76qw27tttekxqeqh18q6jqb5npvxpdk4r9h800wj7jj3qknv4067ve2y279r1bbq5bef4rwwtb9gzhex8beyhkm812gkz2kxtrnev78wsenxsx2hxaeztz1k4vnc72nmfj4dhr7v8j38rrrr5tqfvdwq1c8b2vvqy65ek8fxxfmtzgffvwr9pjzmpm4c45ggdj6c7sgng%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneid6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.2.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 11 Nov 2022 06:37:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 11 Nov 2022 06:38:53 GMT

GET
H2 200 Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame 9B53 85 KB
85 KB 104ms
61ms Image
image/png 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1668148973&Signature=hZF9M~3uo1KDRcfUeb2VVDhE~AsPLxtnKz4M5aEGJZuG1xMb3-1AUFFtvmslkVyn8TeoQX8LHhVBNjIdzmAIYPJf4SwK~4pDAcCMnVCumagGju4pf9e9eZebFpIhji0eRQLFRRzYJOo6IXkU6bqVUQwXmK~EeQX-eIzqPj2O3TKsVR2RsBS5uowEdIJvVWAmKl1c4hOyO~iZXL03m4HgfVb10DjAxLvgluBOqsp11Z81uwORx2VDQyKiTGKRfMA4v2UNETjecuR6ttIHXwQCs72dpYLJPbLdHs0c8k3HszbjToFM7a6ZBedgsmbGdtAgDfyKjL1OhadyLhQ9mpSOYg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h7dwz8hhbgw1jy3wv2xa6pceyf5mfjwnte0fcs5nk6q6jn6880m5ajhgs35jz46pd4etgwrkrrk1g36f3vc25rhp444b0sqqxhy7jszfx3wvs7x2cvp00xeysr0jqff7mfv7xz0m4adnbshvaahc49e471rte94t7nwnmz6yng3q7xt22mggrwd5yz40scmpgvn6xdchd9p5t01bnvnx8yb2mr5tqeq0vg4bmrafm6e2faq6awb8m6c6b3pm9bm4r%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhVoneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:45:08 GMT
x-amz-version-id: null
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 09:41:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 78766
etag: "92f323c42d6018008b4cf82e90ac9639"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 86991
x-amz-cf-id: g5vbx9TVkDRzCmeuQRiYfVI9K6LU_q1EPWhAmp2l53EVSKc7lSw8eA==

GET
H2 200 1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png
cdn.track.production.webgains.team/287405/ Frame DD62 5 KB
5 KB 94ms
52ms Image
image/png 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/287405/1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png?Expires=1668148973&Signature=Y8G254eWUPNpxUv~y6Xl~BW1-QhM9W0Pi2865Cz4LdDnPqc0OAKzipgtGMsm1PjEYuQIVkmnkWcTIgDYIfanyvyti~Vvyc35Y9ZFv3TOYT02Tey9apYNLYv6QYJweb6Jt1VoL-GpMTdrKfZzZFRxQWVlAtzqySJFFzI79xp~vQPvk5O6-T3VKO33732sGhiXqhvbjfbr7hFvu2QOOAgtVH1bm55gbPzuPdLE6Q5f9g8sJdgWvcVDGbm2nU8~SSRMJR5U52eU~INxZsIHGjURvQw9s4t9wPveRbd5bsZr~4X2DlXpYVMRnFiUmI6L-3idbb3TYA8aMgKQUZ8fVB0kCg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24673%2C169080&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CRY9fgfQfMGmskHwH3tQtdM9S9SzTWbf7%2CxM7tQfAfEEE9FPHdHztQtmjDDu7S6TgxaA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CQq1t4fjfqPktxH5HYt9CZgzs6S4TkBhV%2CY97Frf3f555ktVH9HetgC6JEEHkS1TbJUr&c=300&d=250&e=&g=fe281ffa4e324aeff30391056aafd815%2F2936293249811309992&i=20597%2C20430%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1668148673342&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104560%3Bcrtbwp%3D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%3Bcrtbdata%3DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%3Badfibeg%3D0%3Bcdata%3D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.pobjeda.me%252f%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 10 Nov 2022 19:57:39 GMT
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:42:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 38415
etag: "252bcf3942798a64e6a899b7c6e034d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 5216
x-amz-cf-id: 5Gi6YiyjPuNgLTe213kehhKGXQwkZKE3X2t3N_AJ4zlspm0Y1klCoQ==

GET
H2 200 link.html
track.webgains.com/ Frame DD62 48 KB
49 KB 145ms
141ms Image
image/gif 18.130.2.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&wglinkid=2194035
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h7tzq5egdn116c5s0dn867zfvy3vmnhfvaem9npr6j23yrvma2x4w9xkcrggzfx06xfm7gg5c1yn4e2c3ymqk0y2rk3r2asvrqnk7877nw5629x6x1341ahwg7rr8721fz5x1rh8wfa2qgr6jecrcgjx4a1qwkbxhfrw9x0qhtxder0faa08qfm3711pxrnw7qd20y26y0dxz3b0ascqnt8dvk99scr833tg130y7e88yvnw7xsajqcw3atmsjwmx1g%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DDCHi-SorIr5X0Vv4dDH4zxwg0jAyu6vowgyUbEHv5Uxn6s1y7OeXIMfn1KeoC1uYtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqiWLyxIIWUC9WHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdhbOlwUy738tZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9Ejh8Sj2dBjoFPZ3GteqaPqRex3r6tqyq-7uhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAdrTOLaLSyHmtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneid6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.130.2.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-130-2-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:53 GMT
last-modified: Fri, 11 Nov 2022 06:37:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 11 Nov 2022 06:38:53 GMT

GET
H2 200 1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg
cdn.track.production.webgains.team/287405/ Frame 9B53 55 KB
56 KB 80ms
73ms Image
image/jpeg 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/287405/1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg?Expires=1668148973&Signature=cwdwPIshVgBmOlq8N88cKc1Kg00X2af94BDAruHQGHgkEr8zrEGrJSqunISi3CC0c1eBdKAEOCqeBymdkbkT2vMUkObEhtrOzcZM9gbT1YCh3Z4FvAHnSi0jSY8V1k8uE41NadY~sQoAZdJGNhWwr6bOAPMgPl5ESKhn59i7X-vfaUjWLS28cReK-J-Sdlqui99tRAjDQceV4fQwx7NXETxI8Lgbgn85PWFhfaW85hhZ4ND8tIErpFEaaYrKudLRMYnGM5maalPPYikjfFpM~KuvX7ogqkA8KrJ7wHE1h4cvB5Gmm~7bI9o9hF4STHsXJTofe25XBCohze98nW6OUQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jgmc1dp7s3m2v635qjhzj4gfdap4yabafjcgynpb5h5va03e8vh11ykx3qya7j3gfgttr89v8ssq09q1d4zj9xfdtjpqfkyn5szn3mhfk62a26mhmgj9q6a6xw2haht33t6rc4e7fjb2qj0zxzg4dm9y3vb8dt4ezgf8147mcry3g3g2671w2dwrfrr7te6cdjcmqgrv6csze494npcex8yf6n5nexdzba4an7m3fba3yy9541pswkhekvc4f0r8cb0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104560%253Bcrtbwp%253D0.060322-zyirBqH7LG_xVfbESZzFRDP7tIYXQCm10%253Bcrtbdata%253DGXf1Ue3-0HDIrmP9fmRvKlKrwkMzLDyYNRIHJZmFQuwAk_rurWAH43wuqxat7VJCtPHFlwWVWwSqmbLCZEn__nE-HbFvLy2G09ozZztfyqgP1mzlaqNt8mHWpYGjks5VXnpSwmSxFfgexR5bUXfDEVi3OHUN7iyfphNozywoWtZY3EnckVaAdo2iWHCKmfaGZPSVCRcBPzE1%253Badfibeg%253D0%253Bcdata%253D63-p2tdVSH8Sc5x_H_hRK9NsrEmeQv7dQCm7E4z9CyEhWii60LA9EjjPl1WwYhq5KHmU-Sgr7jJjjYqjexDZ6Luhve9idF1jfvjXkLPlOtGpTefaqNO5NCnf4dx0c636fCqQqkGf7-2DK1x49tndVniHlCldGViAYOPl2OypEOGtpieO7AU0KsTj-xBkZCCo0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fwww.pobjeda.me%25252f%253BC%253D1%253Bcpdir%253D&clickref=oneidw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneid1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcAoneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 11 Nov 2022 06:16:56 GMT
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:42:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1258
etag: "4e56b45a1411ee8d71fc40bc011df5b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 56674
x-amz-cf-id: UfhZEie8Bge2a61ZEqdOgu3sGwHglX-cj4HMyaFcHdqZWsk109Fktw==

GET
H/1.1 200
OK /
imp.emxdgt.com/view/ Frame 0CC2 0
129 B 481ms
114ms Image
text/javscript 44.209.187.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imp.emxdgt.com/view/?cp=0.05610&ts=1668148672&seat=70&w=728&h=90&pb=0.04488&sid=1132&tid=78589&pid=413&uid=68781668148672332013f1&wid=21&dom=www.pobjeda.me&tp=0.05610&mt=1&dt=2&st=1&os=&ip=217.114.215.132&sz=&country=DE&region=TH&city=Erfurt&zip=&dma=&agency_id=&cluster=euro-hb&browser=chrome&rf=www.pobjeda.me&data_fee_type=&data_fee=0&clstr_nm=header-bidding-euro-4&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/107.0.5304.110%20Safari/537.36&make=&ifa=&adom=ad4m.at&cat=3&gdpr=1&crid=70_37104562&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzRHFJd0Y5cndUQnRTTkYtRkxwYm93UjA3eWdoZFlGNmQ5ZF9qZkFsYUR1NUkwbXpqOVZiaWhmblhCQjJSY3BPWHFxRVFVOGxPTURJTnRjV2ZZQjVkTklSRU9Pck9MT05LNm10UTRXU1RkMXVnRVM2WWdidGw3Nmg3MmZBRl9tV1hKbV9tNkpMUGtsQURYRGpoY1ljemFpbEV3R2JSVUgwM29nV04tQ0lVUE01eS1LTTZqdjlUMWQ4dW5VaHZ4blNQZTE3TFo5LVEzU010SVZvVDFyaUVYcGtudFlDZ0JYMDEyNV9kVXRkZjU1RTQycmhyT3J1WTJUWnQyWjJWb2JjM2RwMkNLcU43WEhTUmU3elYyOWk1RGlydmR4bTE5TEFqZW5ablN1cXY3SHBPVTJuVWlpcU5RYjVHRTRiVzRvcWQwaG9LRXZvLVRvMzc0VmVLWlY2YjdDN29Kdnd5RGl5QXkwRkk0d0JZTFBQVDQtRy1Ta2lIU1JpTkd5Qzd1TmpUZ3daTzdxUDNxM05BUFJmdFN3MThKX1BnTWNZalJtSDZWUVJKazh4UVlKLU4xbEpkdGhKN2lObVJXTGVROTZLQ3dNVDlGQTdsa2c4S0NWOVJrSVhVb3RrSHdOeVBYRTVCOU8zemFqNDBrUlBrNDl6cnViNFpKcFJMWGswdk1zaGN6bEQ2WTJQM0l1TEEyTGNzSEljb3pob0NkWHNrd3NRRF9uWWs1SXg5amxwYzA1elRwNWpwWGpieXBfZnM2b0Jiajd2WFdsNGwybU9Ldzl0bWlaRks0Q085ZTlsQ3lqbEpESkxlNTBlbEFXek10bnlnNzNQS2JtcWZkUW16Q3paTUxld3F5VEF5N2hpU2toanJlZDNUSnB3cmdTeGxqZlRFLUp1NFpqckc0ZGk4MlBHc3VtWURqZ1A4bkNhX3ZsdzdCVU9lcXZWMXJLcl9IR2pibnJlMTRSb1NpVE9BUWVEaE9qVHp3b1RURkJpUVVodm1VcXMwR0ZsOGFBaTBERTR4aThUNHdMbGFqQS1ZdERVampyYWFpRHROWXNrcG4tcFI0aWVoZW82YUxfRmJuQlI5Z0d0V2psRGUxY0JKckFxbjk0X1hGazVqdXJjNzFsSW1MSFpBdnBPQjRqNWpCUVdfOTZtUWpfa3dueFNKNFNxaXJ6TnNqY3Y1NjBqRGpLSnVCbkhwRm8zN2JETk52ZDZKSU1yUHM4bzg5MVl5azVSRndxZFBvZmRKYnVsdmstQUc2NURYa3BDTE54STV3WFJSRGVXNmtOQ00ybzBjTlczYmhMclhxdjNmY3dZRGdWbWMwZXNoV1cwZGY2SXpsNXBvTC1fYmRZVXl1TkElMjZwJTNEJTI0JTdCRU1YX0JVUkwlN0QlMjZhaWQlM0Q=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 44.209.187.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-187-139.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 06:37:54 GMT
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/javscript

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110801&jk=3894180619877934&bg=!Q0ClQATNAAbvMpMzzzI7ACkAdvg8Wuz4o7BrLbypc-bD1dOEOzh_jZxk3hOsy6fMyMPTDp0-L_jmVAIAAADxUgAAAAJoAQcKAJRivSEusnIoN3_rCrcXRBex5J6cSx4VO_sYZvNuPmJ1nF6DZsTT4ehmSZwlXSqhq1uNCuW9TQcAEHmGGEGFS5W9JkCbo3BNBtlb9RDTaEHU1shteDRFWNXQuVUEqznZU-GltSdTFyjQQwNFfEejG7la9i2124FqixMys_czC2muAXeGxWW9o1x3OwK7ELvh3sK1IhkRmQKYuK-Akb6Gi3g2UHorkcHrslItClkM8a-F-tWzqBTcFSsyoEH68Xzo_ewdGGmRuU8Jt6MKB-8d64syv5NiiQTb0EIoegIEJxZS2fN8JMLT5_5syDatEgxNseBufzHnUMnY3o7uq3J_i34TG_62Gf5-7hzMgIL4ndCGWRE9rjrptR0OMxaBcFi7EOe6uLD1owFis2Mc-wTuR9POsTdXwJAX5F2rMjq9EYpE6uaJhQExGIpb4ySR4k07Jt08g7QIztJTZkDfvdZw55Q6N_uJLq6nk2Of1eb4JpLOQdbPGE5kt4vgvYJbdnVsjrVk5IAVskZXAernoDxxS9xlFGpgyqb5z67Lgd6UCHV_ahsR4oME0ILv2xiJhSmMB8SRurs3KBnlLwsHZ6x4S_yCknnFNPFpFOfjuZOZOcNRccyRprWQH4vBo-oN0l9vIOO4uamCUXE5zxxMbzF4GFaDh9iA4DiotkvPwRR3TlHaNgOxF8G_CAotFCZjfNl7pPJ_8PzjXTCKNPQCapkRKclVOe7PDaCox-I33203cex-nH8Ge44hxusi1mzH1bNCodheKDGplkrr7p6hCcXtCOAkV6pIf_wspgNKXwSI08nDYtTdEhHtnk5LcBvU5O2iDT9SnYroPe33JxytXHre-gkqMC-Gvm9CXcF60kg3Ul3jngRDV8M_bVgghf3IW2Am-eKgwp_hjMXndPUTmVIoYmVPYjJXpTcR2zs0Cuy-CmbY7A63V_H12_AX-g2G7qt-7DpkE6lQYyynN5NDt4Hr4O-FPmgj_0J4R7uWLeBDhPEYSWeaDsLMZO7ENWAdSZZpBAQYVbFbVlHmZRoWtUAUJjTBq9d0A0bq3bibQWoAn8Ljix33uZSZm1qJM749qZ0waA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=14&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=EMX_SSP_DISPLAY1&ol=2910664716&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAvw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-TQhCXLleOfQ59g%3D%3D&sc=1&os=1-mg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=8&gp=8&zGSRC=1&gu=https%3A%2F%2Fwww.pobjeda.me%2F&id=1&ii=4&f=0&j=&t=1668148673042&de=569388066201&cu=1668148673042&m=1523&ar=48843429bae-clean&iw=ffa0d6e&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=8&lb=8973&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=90&vx=90%3A90%3A-&pe=1%3A291%3A291%3A3592%3A456&as=1&ag=1041&an=46&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1041&kw=605&aj=1&pg=90&pf=90&ib=0&cc=1&bw=1041&bx=46&ci=1041&jz=605&dj=1&aa=0&ad=940&cn=0&gk=0&gl=0&ik=0&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=605&cd=91&ah=605&am=91&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=413%3A1132%3A78589%3Aundefined&bo=www.pobjeda.me&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=www.pobjeda.me&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200871&na=643461462&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 11 Nov 2022 06:37:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Nov 2022 06:37:54 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 0CC2 35 B
469 B 46ms
46ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4892233149632719757@@37104562,6930241743528004979,90|1700|0|8|8|0|0|0|0||52|0|||||1|0|0|sf_Z6kZLdR648M5tcwHHbQ9N-cVVIjnLLQ0jtBWFZA-EqlqEDZzQgRhpnBRkvb3lA7z_uuw_WOM1|||11|0|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://www.pobjeda.me
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H/1.1 200
OK graphql Show response
s333.adxpremium.services/ Frame 814E 84 B
533 B 36ms
34ms XHR
application/json 152.228.222.122
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s333.adxpremium.services/graphql
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3189334.ip-152-228-222.eu
Software: /
Resource Hash: 7905a3c2ef93ba3864aabd6527274a9c69a73d67e20caecf3e30cfe42ba927c3

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:55 GMT
access-control-allow-methods: HEAD, GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-GraphQL-Event-Stream
x-graphql-event-stream: /graphql/stream
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
content-length: 84

OPTIONS
H/1.1 200
OK graphql
s333.adxpremium.services/ Frame 0
0 194ms
34ms Preflight 152.228.222.122
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s333.adxpremium.services/graphql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3189334.ip-152-228-222.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pobjeda.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-allow-methods: HEAD, GET, POST
access-control-allow-origin: *
access-control-expose-headers: X-GraphQL-Event-Stream
content-length: 0
date: Fri, 11 Nov 2022 06:37:55 GMT
x-graphql-event-stream: /graphql/stream

POST
H/1.1 200
OK graphql Show response
s333.adxpremium.services/ Frame ED7B 84 B
533 B 35ms
35ms XHR
application/json 152.228.222.122
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s333.adxpremium.services/graphql
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3189334.ip-152-228-222.eu
Software: /
Resource Hash: 4ca7fc1aeb6b86b1dab59e5e0316e98a4a03b9640bbb651019b44a37dfdf27fe

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:55 GMT
access-control-allow-methods: HEAD, GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-GraphQL-Event-Stream
x-graphql-event-stream: /graphql/stream
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
content-length: 84

OPTIONS
H/1.1 200
OK graphql
s333.adxpremium.services/ Frame 0
0 194ms
35ms Preflight 152.228.222.122
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s333.adxpremium.services/graphql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3189334.ip-152-228-222.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pobjeda.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-allow-methods: HEAD, GET, POST
access-control-allow-origin: *
access-control-expose-headers: X-GraphQL-Event-Stream
content-length: 0
date: Fri, 11 Nov 2022 06:37:55 GMT
x-graphql-event-stream: /graphql/stream

POST
H/1.1 200
OK graphql Show response
s333.adxpremium.services/ Frame B71C 84 B
533 B 34ms
34ms XHR
application/json 152.228.222.122
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s333.adxpremium.services/graphql
Requested by: Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3189334.ip-152-228-222.eu
Software: /
Resource Hash: 91dc5b9fe44facdf6bd8b2c2a6229a2c3fe0b8f4a2694ad000ee52b44750a565

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:55 GMT
access-control-allow-methods: HEAD, GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-GraphQL-Event-Stream
x-graphql-event-stream: /graphql/stream
access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
content-length: 84

OPTIONS
H/1.1 200
OK graphql
s333.adxpremium.services/ Frame 0
0 142ms
36ms Preflight 152.228.222.122
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s333.adxpremium.services/graphql
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3189334.ip-152-228-222.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pobjeda.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-allow-methods: HEAD, GET, POST
access-control-allow-origin: *
access-control-expose-headers: X-GraphQL-Event-Stream
content-length: 0
date: Fri, 11 Nov 2022 06:37:55 GMT
x-graphql-event-stream: /graphql/stream

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 814E 87 KB
28 KB 163ms
84ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Nov 2022 06:37:55 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame ED7B 87 KB
28 KB 77ms
44ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Nov 2022 06:37:55 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame B71C 87 KB
28 KB 47ms
47ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Nov 2022 06:37:55 GMT

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame B8EE 926 B
1 KB 31ms
31ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 1145
CF-Cache-Status: HIT
CF-RAY: 768505a75b6d5b98-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 11 Nov 2022 06:37:55 GMT
Expires: Fri, 11 Nov 2022 07:37:55 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C638 281 B
554 B 75ms
22ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_7_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 11 Nov 2022 06:37:55 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
20ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&vb=14&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=EMX_SSP_DISPLAY1&ol=2910664716&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAvw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-TQhCXLleOfQ59g%3D%3D&sc=1&os=1-mg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=8&gp=8&zGSRC=1&gu=https%3A%2F%2Fwww.pobjeda.me%2F&id=1&ii=4&f=0&j=&t=1668148673042&de=569388066201&cu=1668148673042&m=2417&ar=48843429bae-clean&iw=ffa0d6e&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=8&lb=8973&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=90&vx=90%3A90%3A-&pe=1%3A291%3A291%3A3592%3A456&as=1&ag=1935&an=1041&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1041&kw=605&aj=1&pg=90&pf=90&ib=0&cc=1&bw=1935&bx=1041&ci=1041&jz=605&dj=1&aa=1&ad=1834&cn=940&gk=0&gl=0&ik=0&co=1834&cp=1086&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1086&cd=605&ah=1086&am=605&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=413%3A1132%3A78589%3Aundefined&bo=www.pobjeda.me&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=www.pobjeda.me&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200871&na=2110027394&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 11 Nov 2022 06:37:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Nov 2022 06:37:55 GMT

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame DDAD 926 B
1 KB 28ms
28ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 4769
CF-Cache-Status: HIT
CF-RAY: 768505a7686a91ea-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 11 Nov 2022 06:37:55 GMT
Expires: Fri, 11 Nov 2022 07:37:55 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: ozLLefD0knKZ2yMzZ7EA3qLK8cSPeKdEpQT28HMOVUE2s5XW77p+1QkMqhU1tUmLZbb1zAjl4MU=
x-amz-request-id: GNVBWB8PQV5H0AVC

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FC9B 281 B
554 B 73ms
26ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/Pozicija_10_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 11 Nov 2022 06:37:55 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 30A4 926 B
1 KB 29ms
28ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 1145
CF-Cache-Status: HIT
CF-RAY: 768505a79bb35b98-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 11 Nov 2022 06:37:55 GMT
Expires: Fri, 11 Nov 2022 07:37:55 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A8BD 281 B
554 B 65ms
22ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: adxbid.info
URL: https://adxbid.info/header_728x90_pobjeda.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 11 Nov 2022 06:37:55 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C638 33 KB
10 KB 22ms
22ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d45913932c033bca22970f472b9f26904bbe5c4a182ea70ffd90034e140ec284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 06:37:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Nov 2022 03:19:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74489
Connection: keep-alive
Content-Length: 9881
Expires: Sat, 12 Nov 2022 03:19:24 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FC9B 33 KB
10 KB 22ms
22ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d45913932c033bca22970f472b9f26904bbe5c4a182ea70ffd90034e140ec284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 06:37:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Nov 2022 03:19:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74489
Connection: keep-alive
Content-Length: 9881
Expires: Sat, 12 Nov 2022 03:19:24 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A8BD 33 KB
10 KB 23ms
22ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d45913932c033bca22970f472b9f26904bbe5c4a182ea70ffd90034e140ec284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 06:37:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Nov 2022 03:19:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74489
Connection: keep-alive
Content-Length: 9881
Expires: Sat, 12 Nov 2022 03:19:24 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 251C 15 KB
6 KB 152ms
51ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.pobjeda.me

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.pobjeda.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 06:37:55 GMT
server: Kestrel
server-processing-duration-in-ticks: 1072271
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame B71C 89 KB
29 KB 258ms
159ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Nov 2022 06:37:55 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame DD62 16 B
232 B 88ms
86ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 130ms
38ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 11 Nov 2022 06:37:55 GMT
server: nginx

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame ED7B 89 KB
29 KB 171ms
96ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Nov 2022 06:37:55 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 814E 89 KB
29 KB 123ms
52ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Nov 2022 06:37:55 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4139 16 B
232 B 103ms
100ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 72ms
38ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 11 Nov 2022 06:37:55 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4139 16 B
232 B 79ms
77ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 65ms
39ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 11 Nov 2022 06:37:55 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4139 16 B
232 B 92ms
90ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 62ms
39ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 11 Nov 2022 06:37:55 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame DD62 16 B
232 B 103ms
102ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 56ms
39ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 11 Nov 2022 06:37:55 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame DD62 16 B
232 B 85ms
80ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 39ms
38ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 11 Nov 2022 06:37:55 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9B53 16 B
232 B 96ms
94ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 38ms
38ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 11 Nov 2022 06:37:56 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9B53 16 B
232 B 100ms
100ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 38ms
38ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 11 Nov 2022 06:37:56 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9B53 16 B
232 B 91ms
90ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 06:37:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 48ms
47ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 11 Nov 2022 06:37:56 GMT
server: nginx

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C638
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Km-lSrmNTjyyjtE1nhE6ww&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Km-lSrmNTjyyjtE1nhE6ww

43 B
479 B

114ms
114ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Km-lSrmNTjyyjtE1nhE6ww

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Nov 2022 06:37:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2N8V8TA6HHJ52MT8APVS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Km-lSrmNTjyyjtE1nhE6ww
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C638
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFDNE5EMkItMTktQ0lNWQ==

170 B
188 B

83ms
40ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFDNE5EMkItMTktQ0lNWQ==

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFDNE5EMkItMTktQ0lNWQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C638
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/fIuJxH8rglX8AFf9N2aaqMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5033346967806502393

0
239 B

24ms
23ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5033346967806502393
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 11 Nov 2022 06:37:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5033346967806502393
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame C638
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=c9G4ywPfTwGMPhUqTbm5tw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=c9G4ywPfTwGMPhUqTbm5tw

43 B
479 B

48ms
48ms

Image
image/gif

52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=c9G4ywPfTwGMPhUqTbm5tw

Protocol

HTTP/1.1

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Nov 2022 06:37:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 62HHA57Y0Y4AGCK12TT8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=c9G4ywPfTwGMPhUqTbm5tw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame C638 70 B
265 B 146ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 11 Nov 2022 06:37:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame C638
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAC4ND2B-19-CIMY

0
710 B

199ms
127ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAC4ND2B-19-CIMY
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:37:55 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: EF85B1EF47FA40FCAF069D2B563BAF70 Ref B: DUS30EDGE0707 Ref C: 2022-11-11T06:37:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtLCFIFpuHT5dWXMb0yw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAC4ND2B-19-CIMY
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C638
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAwFzDZ9JOpjBCwYBS1sjz8&google_cver=1

0
239 B

24ms
24ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAwFzDZ9JOpjBCwYBS1sjz8&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAwFzDZ9JOpjBCwYBS1sjz8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C638
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGIwNDk2OTRjYTEwZjRmZDJhMWYwODg0NTU1MDZmMzk4YTA2Y2I5Zg

170 B
188 B

82ms
40ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGIwNDk2OTRjYTEwZjRmZDJhMWYwODg0NTU1MDZmMzk4YTA2Y2I5Zg

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGIwNDk2OTRjYTEwZjRmZDJhMWYwODg0NTU1MDZmMzk4YTA2Y2I5Zg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sid Show response
mug.criteo.com/ Frame 251C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=pobjeda.me&sn=ChromeSyncframe&so=0&topUrl=www.pobjeda.me&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=pD7aKXxOWUxDdEx0eXFXQjQvcGhwbzEvRjB4QjJ4T2loSG1WWGxVdlhHWE9uUHVwQXFjQlRsWm90S2lRTkFkTzAwZmhVeGpzcFZ0RUpBWHEveTFDVVJ2VVFLNGQrR1NPRWY3M28rM1djOUFJR1E0MXJSVWhwaTlUcmsvQj...

441 B
658 B

106ms
30ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pD7aKXxOWUxDdEx0eXFXQjQvcGhwbzEvRjB4QjJ4T2loSG1WWGxVdlhHWE9uUHVwQXFjQlRsWm90S2lRTkFkTzAwZmhVeGpzcFZ0RUpBWHEveTFDVVJ2VVFLNGQrR1NPRWY3M28rM1djOUFJR1E0MXJSVWhwaTlUcmsvQjhJaGdmVWRLQWxUYVpFY2JNTzZncFJ3TjlCdldib2l5ekdHUzVvN25FWXl1OTlMUnFMeDBNUEtGNWh3MGdqaHQ5RWFKOEpHNFErWDFHMzc5aitNK0VlR1VlVk45VjVCamZDM0gxUytacVdORzd4b3FqQmY3MkZpeDlWOEpPL3hLMElnZjVQU1lyT0YzMzVWR1FtZjZKNUZkemozQVcvdz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

430dd1436dfe78d3d79a65ff4a29e9a7bbbeba71feced5e71c158c048feb276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2028039
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=pD7aKXxOWUxDdEx0eXFXQjQvcGhwbzEvRjB4QjJ4T2loSG1WWGxVdlhHWE9uUHVwQXFjQlRsWm90S2lRTkFkTzAwZmhVeGpzcFZ0RUpBWHEveTFDVVJ2VVFLNGQrR1NPRWY3M28rM1djOUFJR1E0MXJSVWhwaTlUcmsvQjhJaGdmVWRLQWxUYVpFY2JNTzZncFJ3TjlCdldib2l5ekdHUzVvN25FWXl1OTlMUnFMeDBNUEtGNWh3MGdqaHQ5RWFKOEpHNFErWDFHMzc5aitNK0VlR1VlVk45VjVCamZDM0gxUytacVdORzd4b3FqQmY3MkZpeDlWOEpPL3hLMElnZjVQU1lyT0YzMzVWR1FtZjZKNUZkemozQVcvdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 737461
content-length: 0
expires: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame B90A 35 B
469 B 47ms
47ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4892233149632719757@@37104560,5521499706358555413,0|0|0|8|8|0|0|0|0||0|0|||||1|0|0|1GK7t0-NZKS48M5tcwHHbQ9N-cVVIjnLLQ0jtBWFZA_3iID6MYvb0hhpnBRkvb3lA7z_uuw_WOM1|||11|0|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://www.pobjeda.me
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 0CC2 35 B
469 B 46ms
46ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=4892233149632719757@@37104560,8287360512506895067,0|0|0|8|8|0|0|0|0||0|0|||||1|0|0|1GK7t0-NZKS48M5tcwHHbQ9N-cVVIjnLLQ0jtBWFZA_CUL8RFW4oqBhpnBRkvb3lA7z_uuw_WOM1|||11|0|0@@37104562,6930241743528004979,90|4591|0|8|8|0|0|0|0||141|0|||||1|0|0|sf_Z6kZLdR648M5tcwHHbQ9N-cVVIjnLLQ0jtBWFZA-EqlqEDZzQgRhpnBRkvb3lA7z_uuw_WOM1|||01|0|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pobjeda.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 06:37:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://www.pobjeda.me
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=14&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=EMX_SSP_DISPLAY1&ol=2910664716&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAvw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-TQhCXLleOfQ59g%3D%3D&sc=1&os=1-mg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=8&gp=8&zGSRC=1&gu=https%3A%2F%2Fwww.pobjeda.me%2F&id=1&ii=4&f=0&j=&t=1668148672946&de=162687174701&cu=1668148672946&m=5638&ar=48843429bae-clean&iw=ffa0d6e&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=8&lb=8973&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A291%3A291%3A3592%3A456&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5008&cd=167&ah=5008&am=167&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=413%3A1132%3A78589%3Aundefined&bo=www.pobjeda.me&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=www.pobjeda.me&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200871&na=479806730&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 11 Nov 2022 06:37:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Nov 2022 06:37:58 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=14&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=EMX_SSP_DISPLAY1&ol=2910664716&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAvw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-TQhCXLleOfQ59g%3D%3D&sc=1&os=1-mg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=8&gp=8&zGSRC=1&gu=https%3A%2F%2Fwww.pobjeda.me%2F&id=1&ii=4&f=0&j=&t=1668148673042&de=569388066201&cu=1668148673042&m=5582&ar=48843429bae-clean&iw=ffa0d6e&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=8&lb=8973&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=90&vx=90%3A90%3A-&pe=1%3A291%3A291%3A3592%3A456&as=1&ag=5101&an=1935&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1041&kw=605&aj=1&pg=90&pf=90&ib=0&cc=1&bw=5101&bx=1935&ci=1041&jz=605&dj=1&aa=1&ad=5000&cn=1834&gk=0&gl=0&ik=0&co=1834&cp=1086&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4945&cd=1086&ah=4945&am=1086&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=413%3A1132%3A78589%3Aundefined&bo=www.pobjeda.me&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=www.pobjeda.me&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200871&na=527071152&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 11 Nov 2022 06:37:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Nov 2022 06:37:58 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=14&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=EMX_SSP_DISPLAY1&ol=2910664716&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAvw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-TQhCXLleOfQ59g%3D%3D&sc=1&os=1-mg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=8&gp=8&zGSRC=1&gu=https%3A%2F%2Fwww.pobjeda.me%2F&id=1&ii=4&f=0&j=&t=1668148673052&de=830507484246&cu=1668148673052&m=5729&ar=48843429bae-clean&iw=ffa0d6e&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=8&lb=8973&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A291%3A291%3A3592%3A456&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5099&cd=104&ah=5099&am=104&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=413%3A1132%3A78589%3Aundefined&bo=www.pobjeda.me&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=www.pobjeda.me&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200871&na=1858187502&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pobjeda.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 11 Nov 2022 06:37:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Nov 2022 06:37:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: h8aHqbGIejE
.youtube.com/	1970-01-20 11:41:40	Name: VISITOR_INFO1_LIVE Value: mMPCqOq9oO0
.pobjeda.me/	1970-01-20 16:58:28	Name: _ga_BPRBRMW9X3 Value: GS1.1.1668148670.1.0.1668148670.0.0.0
.pobjeda.me/	1970-01-20 16:58:28	Name: _ga Value: GA1.2.614322669.1668148670
.pobjeda.me/	1970-01-20 07:23:55	Name: _gid Value: GA1.2.2109198799.1668148670
.pobjeda.me/	1970-01-20 07:22:28	Name: _gat_gtag_UA_147158618_1 Value: 1
.pobjeda.me/	1970-01-20 09:32:04	Name: _fbp Value: fb.1.1668148670297.2139732741
.doubleclick.net/	1970-01-20 16:44:04	Name: IDE Value: AHWqTUkeeN3yPJSBZHDQV0DHwmPml1geVthEjrU6hN8mPf_XKPQiVCATIi0ip3cV5As
.pobjeda.me/	1970-01-20 16:08:04	Name: _hjSessionUser_1554296 Value: eyJpZCI6IjRiZTRlMTU0LWNjNDYtNTA3Ni04YzgxLWQ3MzgxZGRiMWE4OSIsImNyZWF0ZWQiOjE2NjgxNDg2NzEwNzgsImV4aXN0aW5nIjpmYWxzZX0=
.pobjeda.me/	1970-01-20 07:22:30	Name: _hjFirstSeen Value: 1
www.pobjeda.me/	1970-01-20 07:22:28	Name: _hjIncludedInSessionSample Value: 0
.pobjeda.me/	1970-01-20 07:22:30	Name: _hjSession_1554296 Value: eyJpZCI6IjJmOWQ3MTg2LWI5NDctNGMxYy1iMWE0LTBiZTM1NmZiNjNiMiIsImNyZWF0ZWQiOjE2NjgxNDg2NzE1NjgsImluU2FtcGxlIjpmYWxzZX0=
www.pobjeda.me/	1970-01-20 07:22:28	Name: _hjIncludedInPageviewSample Value: 1
.pobjeda.me/	1970-01-20 07:22:30	Name: _hjAbsoluteSessionInProgress Value: 1
.pobjeda.me/	1970-01-20 16:44:04	Name: __gads Value: ID=ecdd32df7aec70c2-220b1f051cd8000f:T=1668148671:RT=1668148671:S=ALNI_Mb22bsHnVgLB6T59u6liERTxTM-oQ
.pobjeda.me/	1970-01-20 16:44:04	Name: __gpi Value: UID=00000b7fa89a76c9:T=1668148671:RT=1668148671:S=ALNI_MbilVPdgcj_Zgvwb2wq-Bq2qBkolA
.rubiconproject.com/	1970-01-20 16:08:04	Name: khaos Value: LAC4ND2B-19-CIMY
.rubiconproject.com/	1970-01-20 16:08:04	Name: audit Value: 1\|naVuGyos1qpTXmnz2IkEIczzH/SUMvpGs1wMD2ZZQDK4dorU8DsKfXiNdCcd2y00JjFIy01aPFlPN8tY4Bws5Rwcea/b3NSzQ8gcjdrR8dE=
.bidswitch.net/	1970-01-20 16:08:04	Name: c Value: 1668148672
.bidswitch.net/	1970-01-20 16:08:04	Name: tuuid_lu Value: 1668148672
.bidswitch.net/	1970-01-20 16:08:04	Name: tuuid Value: 65a26055-1651-4a6f-8df9-cc14a7182651
.adform.net/	1970-01-20 08:05:40	Name: C Value: 1
.adform.net/	1970-01-20 08:48:52	Name: uid Value: 4892233149632719757
.adform.net/	1970-01-20 07:32:33	Name: TPC Value: 1668148672792
www.pobjeda.me/	1969-12-31 23:59:59	Name: dt Value: Fri Nov 11 2022
www.pobjeda.me/	1970-01-20 16:51:16	Name: __atuvc Value: 1%7C45
www.pobjeda.me/	1970-01-20 07:22:30	Name: __atuvs Value: 636dedbe44bbb16a000
.addthis.com/	1970-01-20 16:51:16	Name: uvc Value: 1%7C45
.addthis.com/	1970-01-20 16:51:16	Name: loc Value: MDAwMDBFVURFTkkyMzMzMTg4NTAwMTAwMDBDSA==
.simptrack.com/	1970-01-20 09:32:04	Name: ntm_tps__4011 Value: NNtNZ0RA52eDN_vrwa1H3f0oX_1qocga-Xd_H2ezHlEdc4Vxq8zlpNaJMFnY9Sejz5F6Q3mM1TKXFQ_HyRcV-UWaHTdRfSXqC6Gk2CarSmsVuxTv-aghgLZ85Gv1W7i5Ah5u7JD4M30KoIgt21hbc4DMXp8XjoZhTJAGyUwO357nr-ATucFZrL_60VjEtfr7ds0-VslPWARIKhm7IuhtDasdIMMVRHBfN7SRCH2j5LfdDp31Yj6BAVsvi7ZrBSCGES1TVFIAa3yiIVBlRkZ87DfmXwt6XbuxRDpVF9aCVdK2_SOOZR70hC2ZNNNNNNNNNVf4U
.simptrack.com/	1970-01-20 09:32:04	Name: v0rur7gqspb3_uid Value: 74ed812c4ec26f7e
.criteo.com/	1970-01-20 16:44:04	Name: uid Value: b18c6bea-c3d6-460a-a73a-ba3231344480
.pobjeda.me/	1970-01-20 16:44:04	Name: cto_bundle Value: XzkrxF84aHpCRFIyQSUyQkU2WHJqc1lXcWc1RVklMkZTbDFIeU9JcXp2TG84OW1GJTJGWmlpd0FqZG0yaTJtdks3dmJGJTJGNFYwdEp6JTJCTlVlRWdINVN0Q1JyWGtUeUxEcnAwZWpMWVJ1d3BkUnFKN2RzS2pWVHVkQjVHNDlmWTNoUHV1S29yQXAwS1AzZVg2RVJRdW1JJTJCdlI3dVFFUlBrJTJCZyUzRCUzRA
.yahoo.com/	1970-01-20 16:08:26	Name: A3 Value: d=AQABBMTtbWMCEB0rW8vPH2qONTDJNzdcf2gFEgEBAQE_b2N3YwAAAAAA_eMAAA&S=AQAAAqgdWVIbGQC1EUc1nSb6How
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:08:04	Name: bcookie Value: "v=2&06f536ed-33e6-472a-8a8b-b0b843527216"
.linkedin.com/	1970-01-20 11:41:40	Name: li_gc Value: MTswOzE2NjgxNDg2NzY7MjswMjHV9hl9DCR53VTAX5bn749BGtjN3LccBVZYQSvZHBClTw==
.linkedin.com/	1970-01-20 07:23:55	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2730:u=1:x=1:i=1668148676:t=1668235076:v=2:sig=AQHs36puk8alIZ_ke_iOTwORAG4w_GfS"
.amazon-adsystem.com/	1970-01-20 16:58:28	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 12:56:33	Name: ad-id Value: AzaDcMVy10BrjGENs5RClGQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad4m.at
adservice.google.com
adservice.google.de
adx.adform.net
adxbid.info
analytics.webgains.io
api.pobjeda.me
api.webgains.io
as.ad4m.at
assets.ad4m.at
aws-fr-sync.bidswitch.net
bidder.criteo.com
biddr.brealtime.com
c1.adform.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
e1.emxdgt.com
eus.rubiconproject.com
fastlane.rubiconproject.com
ffd259c51ee25b834de944bba428f30d.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
ghent-aws-fr.bidswitch.net
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb.emxdgt.com
ib.adnxs.com
imp-euro.emxdgt.com
imp.emxdgt.com
in.hotjar.com
js.brealtime.com
lupon.media
m.addthis.com
match.adsrvr.org
media.pobjeda.me
mp.4dex.io
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
px.ads.linkedin.com
px.moatads.com
region1.google-analytics.com
s.amazon-adsystem.com
s1.adform.net
s333.adxpremium.services
s7.addthis.com
script.4dex.io
script.hotjar.com
securepubads.g.doubleclick.net
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
tm.simptrack.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
v1.addthisedge.com
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.pobjeda.me
www.youtube.com
x.bidswitch.net
z.moatads.com
s7.addthis.com
104.17.120.107
104.75.88.126
108.138.17.79
108.138.7.127
13.32.121.66
142.250.184.194
15.197.193.217
152.228.222.122
178.250.2.146
18.130.2.144
18.156.31.28
18.66.112.110
18.66.147.113
18.66.147.41
185.184.8.90
185.255.84.151
185.89.210.82
2001:4860:4802:34::36
23.205.235.133
23.35.237.151
2602:803:c003:200::41
2606:4700:20::681a:9a9
2606:4700:20::681a:a53
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a6d
2606:4700:3032::6815:41fa
2606:4700:3036::6815:4f16
2606:4700:4400::ac40:983f
2606:4700::6811:190e
2620:1ec:21::14
2a00:1450:4001:800::200a
2a00:1450:4001:801::2004
2a00:1450:4001:803::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:2638::24
2a02:26f0:3500:11::215:14dc
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3601:d55e:b03e:2f7a:ba8e
3.11.224.13
3.123.45.72
3.125.60.173
3.127.121.199
3.75.3.113
37.157.2.249
37.157.4.29
37.157.5.142
44.209.187.139
46.4.250.26
52.28.22.239
52.30.44.244
52.46.128.147
52.95.115.255
69.173.144.139
69.173.144.165
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
026a7c1e680a9cf407cff8c12849fc397d5168cf7d015f420ff95a8f91375046
043b2d55f920ee9b9176e5b165dace8cd5eb7372276462d6a14b47d3a6c464c7
04feb3ad30df7c5bffa9a73841181ddd6c1bf40e97d8a719c3f8eec28492c2a5
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
083d09cbfa6407248bc36c575ac13e17f792bdb5abd83fa9ada82057314e0106
08662bb8f01e12cd8bdbe8da382e023d3e5091e4b7ee1860cd1078324c69f187
08c4bac1911b3376bbc0e223f89698b70536f43965c6a2afb77f49fecebe9d35
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f1a2caedfb142b900feda73f57b55260948747b718115b6a91cdb8f97b9e2a2
0fa98f14786db5eaca87a6434943224b0410d64b905ddae3d32a5a8c4016d373
11342ed5a9745d3e7bf36cef68791b0a45c9020829fdfc1fbfa23d014b23368b
12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b
13bb5b64afa4365eead17e9db4afafc1bf7e2c34db54a25b9b3a3d54551abf4e
13bc4aa7a223028e807d90cd08fca28dec667454bd8c59d9f8e88665fc509367
1457df39383263547c1c35662ce75cce551bf500b212a4265a6260828a1e523c
1488e66f7a0392302bd84c3dddcdd7f3cc88140aa3965067b28c5831917774c2
14996648bbca198cc25c9dc87e08d07cefab0c8102ca044cdef3edc26c842468
154892bbd146d3726b36021e310d2d1263f023689c47945a10e8af436844cdaf
164e9f51748ce11d492a1dc77cae729b09177bec82daafeb236edb3d0d334f6e
17dd8a0c0cd221b87a63fdbdd2163adf55a8dcb0d66a3368d4bdb85704f713c4
183de4c76efd3e951d6a4d35a46978712baaaf65bbae4c4f887f3c365f5fded6
1bd03a57b54967bbf3c8a7e0a40028716062b4ae32c4df0cec2b718fa1c7586a
1f2b776271f48be10ac3b9f1d78c9b80c8906c19dbccbf8a1f27ec12aa2d8278
2317b9095f343289c5f76607dbd42da0803ce35dfd9bbd29159d1ee168bef838
2581c9bf1607b14d1422251a104b8be40c4b75824dd9eea8710c5a35875cb5ac
270f63a3a7cb7b0702c8dd6fddf5158400adf970ad478c663c534e66eb6c8821
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2bc342ab9f4dea0eb0b244afb0e55862e8f8eadf462e36b16c3bdf6b33c0f87d
2c37ccea01c4da17af79e60619aa9d238aea2e4d2620ae1e9a3436baf2579b21
2e8a56f2584b0d4e2f22b2ade46a8a9b02cc15430d94b08a5a1195058da74643
3039634518f56805172e12346bf3493710d23cdb247a1ba4fc480ff08db8a728
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
348ed6c258020358bbf38e5e66b76d6b04973468391cd212a786c4ad3c62bbfe
355c8da1f3f06a7d8b9043d7c43bb039dcccdcf1e0574d6d167053f3b3ec10e0
373aa2c7d81474ba28bfbf062f754331a446090bab86a1032116fa62fb11aa27
37c95b2ad5de85c97814d109c8313db2141a651f4e9839e4d933d0e6c9164a52
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
3ad7364f424e6065ee83dcc95fc3fd43986c44716ce983ee00332943554ab6a2
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3dbce652354a4aa30fc3d64029058855d51ced4dd3a0e7d165c25b42c19e3ea1
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2
3f35f1c7530f7024e1bfe728071e547c04bdfff8955d0bfc9a514f10c6dcb6ce
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4059a9152d258689d46811498ab4edbef7ccf4c088933949631604f65c9c7e48
430dd1436dfe78d3d79a65ff4a29e9a7bbbeba71feced5e71c158c048feb276a
461d533deccbaa7027aaa266d0250f0e82cfc4883af6fa701480dd15caa04694
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
493cdfc41887258ba31309cddd047598b0ced35f95bb820e30f3723a81c9072c
49620cc9b47b11f899dcaa72fe40ef3c7a21e8951ab8b07487c21a4cef26af5e
4afabe26fb0e72c9faf1e55fabe9e5cadf37a96c2cf8b28cc9797d5f426e8291
4ca7fc1aeb6b86b1dab59e5e0316e98a4a03b9640bbb651019b44a37dfdf27fe
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
4e4df566f0425f39a12a681e282f3caaaea4cebda3cb1dac5bcc19dcaeb8b48f
52e9779aa23669f58f3c3b46608b9c220dee7c25d8fdac95b4f27b6fd55212b3
54594b76f0c3091acebab2bf1f45a347ea71fe0ade5d2b3549635027c006e426
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5adff909ec66432d9fdac0f836fa413ad8d7923b3864d92b04a07b4410e56571
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5ce7ad12ee7bfa1a259f64fead263725a0bf2cdec8a47875d9d49d311b4e84ab
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
5febacbc048524def468ac93b16e7e15f55e97c5ed99a6b3742ecc3a0d3c9b3b
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6135f5f513d9a30f33ded4967eee8bf11ae6c444573b48cf60124dabec1c6613
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6343c52ebbd05bab5ae97ebbc68524df12cda4ddb64fe3cd61403f70ff519e70
63975a110b03a2f378dc3b377cecf5fb97b853bd380935987e7203fed84006ca
6675d9c8d29926adc68dc569da2871057ab374c4de08f4e098b95d69d543f30b
669f204d8b40c0281ba02ce3d77a258b1b59ed739da71c0c3c0705408e715e2c
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6c64fcbaf5909fcab9ad263ef654d029a486aac70414f6504a0c7d3f04a93fcb
6c9f227c83684ddef8023bab8dc2a3b9284730436324f65d4441d22b6bad35fa
6eedf7e6d72d844f2c64732129b7112906137772ef9e5654d6f668295ce816a7
6f05bbd1e0e92797fa1afa5bb507c5fb13cc7c70d35f7689923228fd94b7a7a1
6f4ad34e736a0227aabb0e4c05db656857cd951be7c3af379e2dd473721b9e72
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
757f774f3f4eee76182bc5f7f096c9ae01a6f01b59cb556caeca279402429f91
7905a3c2ef93ba3864aabd6527274a9c69a73d67e20caecf3e30cfe42ba927c3
7a4cfa8746e69698372bae2f868ea2329d5c878ce1e745d8f3998dd64982134e
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7ba8de580137c15b453183bdeacb94ee00ced53fd2c638a884bf3da3406158a7
7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845a8eaa6e1416c4ee8339e14c93cf4a8d8bd1263054155eac089033e0196188
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fd546c645b59fd37fe279dad317df63fb7b3e2acec2fc7c740afdc94945f1f
85341bad680f57c6d24ef2b103809761e91d08b08750b128368fff6be558cbe8
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85db1f2725a2a4229dcdb182f8c98227d50767d3cb461d4498f6abfc7b2e3309
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
874e87fa935e7bccb5fa562bb4796cb9016ffda5fe036c748cd6458de421bf67
877c0e9df01342ec3e3a93b0fdb4a536bd1bd08c628a8d5a62847619676df8f4
878ae9787dc9d444c4fa3b9fdfbfc2d7e2b3582ec1cfebb66a8247a9c87ac00b
87aa3f4cb8cdc96f816d7d734d8cd26393b580a8bc26e882623efc6c37348297
8bf57208ab09b3aacbe65b30cb337af2e20d0849772e52d901c0d21dd10cf857
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de2abd8e82f7a629f8ada95fae62ebb62e006231c77bfe9eedb33b5903ccfd1
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8ed5d7be15105e58b524a46815e2d4747fbe77b29d3e405079355ba287523d25
8fdb5cdb66c0374491a20498218d2691fdeece6b310f5bbbfabf8d376e4ce76f
90ad1584922bc3162caefe9ed22163de4a7a7e213a44a84596c9065ab7d27e65
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90ebbbbaded0b3957104970c5523090c52c7863ad78cce4f9258f576e154397e
91dc5b9fe44facdf6bd8b2c2a6229a2c3fe0b8f4a2694ad000ee52b44750a565
960bbddfa0d9f97885016e28a1423bef975094afeb24d01afec6263443eb25bc
972dbe524bff306137cd8b00b4041bab06c98c1ca2707faee0eb1531a6f9a20b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
9830c9a2b9362764ce0f808d2668a757b0d71e0afda399999a57a51013836039
995e03bc5ee30605768b6a59297ed57a1e02e7f552145c2f26d3d04f794a2b90
9967222191f5cd06257e86f03e7e40e39b269d0328492a7daa0541d84a1bd43a
9bffca5a4cce0f86e2410260aeebe5bc8d1eb75c7323ba0c33d40c7450f1ae48
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27
a2293d1d55b750291f8bf87642ff7d238dbfcbfb67e2f1453f551e9a5d5e2119
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a965114f6ec4d6ac9b3b3e41aef74f1d28e557290232a3668e3f2ffae0854be6
a9696e1dee70d8ef324156199ca801bb7acf97fb4c1ea0d9524930197aa2e3d1
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad4e6f6abb016da81b3b9430601c26137033e87f5246fc5b1bae8e8fe6221489
ae2abb18d0a40333c0c56747e9610ce32ddc690e0bb13f06768c0b7076df3a8c
af19bbef2659e37e94f84cd4eaeeb6f2c2b308181aabde34145d6ae01e19276a
b2652c1c0fc51035f1d32cdf41e334c3f649b1826cbef6bb0f6dd52338cb74d5
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60
b3d8bcb82d61a3c0b87387b4dcdd2493ea09e7190e2980c6167182ad23cd96d3
b40aec8051325c42f92eb30db8838c574fdb9c13b0db1a9655a8081d09b29e66
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b49ddfd376cdae2f41526985dc9133498a4620a9fc5f9ad25373a6362b2a3ae8
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
bdcbc89391aa102582b534556887a7e27efb13b0025724e914f5308a20448e18
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b2ec88f4f3cb71b9474b5a10477bf0f1923e803a04bd45e711d923e22d1e71
c2e206ee7e9084cc935c38feba78f472076937381b99babb960617d688f145ea
c616c25511d3dce5cb17be3661d7e86614ad988a41017ce20757729192109200
c62e27e1c85bc201dc895f5907d6edbe6f1e986467ead6f0d6f112630e9aa8f3
c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca16d28f8926a6f3fe073723f473e227955d934d3d8a37401206f484a243fba2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa79c4c023cce91d4414ed5701f2472f6e00737cc48b42e1ec60e6ab549ed15
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d45913932c033bca22970f472b9f26904bbe5c4a182ea70ffd90034e140ec284
d4ed0839be16207fbd4007e1c413b78e552a25512a5075605c0ba57297d84add
d54b20ff199d0bbe8de24a41733a2a30176c4a0764f7c127b1ca0a2ec9631bfe
d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2
d735696648ff5008276f6e1694901772d6ef471af79127281948202d16dd7dd4
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
ddb937b2f3d78fd6adcd11c5d7e7c6a838193c000e6d49905fe563d96b9d7b26
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0a0b4619fcf6f59324bf94db2257a0bcae91a814b8d4a456b7d874e2e181883
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e6769f945dd5f4d3fbe19ffa567b55eb3b72d9e94e8868ac8dbf1f152ff54e
e43f3249518071bcb3a1f2bb560f70741de87335f123a5a37d6ee49d195f0e4a
e4a167f4eb93edab47c821c6b1c31cc48f38765d1607cf0b8c149dd9158f657d
e5e4ffbbf3cfbc0cefa8d24b51f9b0ba175b8303f02507343d8b260160114274
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e96aa0b33182cc05f49f6308f2db4cbea0b6f9cd47e79b8dd15735d6b13bdc80
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ec76b25a60cd277b0a327a216586a5c2ee4e71fd72944ff98df3c0d55319105f
ecfb005d1f50ef89ab67d61f2b2c449ccc40a05fe2900264e68563c6ee8a72e1
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eda8191f9ba76f5caac6877916a84ad731e96464925a7f9225d8a78b73d01240
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19291c55ffeacf962bbc77a8f01303798a53387554aec7343bd45980846747b
f331a420fa57ca77f49e427fabe4df104dce493d96bd8246002847fb3e5a9862
f3620dff25bb7b71f2f78e8d06fa4af0d575da2f1e91d07f8db1353649afffe2
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
f7359cf29957eb0f9c4aff7864d058f50f0469d0603d759412d85727d301a6a0
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
f93d903c5e237bdfea596f6a87f49505b1106bb036cdcbf9bdb88b33910a37d3
ff70f2c7153694b6206d8af9eef26edc85a688d382fd8ac6740ad9f0a88a394e
ffc13506790967240d4fe880058b37f674e314b795a2d5190ed3ed0a4038a646

www.pobjeda.me Open in urlscan Pro 2606:4700:20::681a:a53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

366 Requests

95 %HTTPS

49 %IPv6

44 Domains

78 Subdomains

63 IPs

9 Countries

9957 kBTransfer

17976 kBSize

40 Cookies

7 Outgoing links

Page URL History

Redirected requests

366 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pobjeda.me Open in urlscan Pro
2606:4700:20::681a:a53 Public Scan

Screenshot
Live screenshot

Full Image

366
Requests

95 %
HTTPS

49 %
IPv6

44
Domains

78
Subdomains

63
IPs

9
Countries

9957 kB
Transfer

17976 kB
Size

40
Cookies

366 HTTP transactions
14 data transactions