urlscan.io logo urlscan.io
SecurityTrails logo

gdz.fun Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://gdz.fun/
Submission Tags: analytics-framework
Submission: On April 26 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 58 IPs in 7 countries across 54 domains to perform 313 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is gdz.fun.
TLS certificate: Issued by E1 on April 10th 2023. Valid for: 3 months.
This is the only time gdz.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 2a06:98c1:312... 13335 (CLOUDFLAR...)
11 87.240.132.67 47541 (VKONTAKTE...)
22 2a00:1450:400... 15169 (GOOGLE)
5 185.129.100.122 57724 (DDOS-GUARD)
18 2a00:1450:400... 15169 (GOOGLE)
2 4 88.212.201.204 39134 (UNITEDNET)
1 185.191.197.56 42244 (ESERVER)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 217.20.155.208 47764 (VK-AS)
1 94.100.180.54 47764 (VK-AS)
2 178.218.210.133 42244 (ESERVER)
3 9 2a02:6b8::1:119 208722 (GLOBAL_DC)
3 2a00:1450:400... 15169 (GOOGLE)
31 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 178.218.213.168 42244 (ESERVER)
3 178.218.213.170 42244 (ESERVER)
2 178.218.212.115 42244 (ESERVER)
1 2 154.47.36.202 174 (COGENT-174)
5 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
3 4 142.250.185.98 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
2 3 185.83.142.19 29990 (ASN-APPNEX)
7 2a00:1450:400... 15169 (GOOGLE)
7 172.217.18.2 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 178.218.223.43 42244 (ESERVER)
2 195.201.152.107 24940 (HETZNER-AS)
12 92.223.106.21 210756 (EDGECENTE...)
5 81.19.89.16 24638 (RAMBLER-T...)
3 91.218.228.87 210079 (EUROBYTE ...)
1 92.223.103.67 210756 (EDGECENTE...)
8 94.26.230.47 49505 (SELECTEL)
6 92.223.103.32 210756 (EDGECENTE...)
1 5.188.150.107 210756 (EDGECENTE...)
4 83.229.25.244 210756 (EDGECENTE...)
2 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1148:db0... 47764 (VK-AS)
8 95.163.43.46 47764 (VK-AS)
2 5 195.209.108.49 52007 (ADRIVER-AS)
1 1 188.72.107.156 208677 (SBERCLOUD-AS)
1 94.26.231.116 49505 (SELECTEL)
1 37.230.131.22 200197 (HYBRID-PO...)
1 2 193.232.150.43 48061 (UMA-TECH-AS)
1 2 31.172.81.160 44066 (DE-FIRSTC...)
1 1 176.9.81.69 24940 (HETZNER-AS)
2 2 148.251.236.115 24940 (HETZNER-AS)
1 83.222.114.190 42632 (MNOGOBYTE...)
2 2 188.42.191.196 7979 (SERVERS-COM)
2 3 34.111.205.194 396982 (GOOGLE-CL...)
3 3 35.190.24.218 15169 (GOOGLE)
1 1 217.65.2.150 29076 (CITYTELEC...)
1 1 146.0.227.110 20773 (GODADDY)
1 193.200.65.6 6681 (GIVEME-CLOUD)
2 2 89.108.108.11 197695 (AS-REG)
5 5 217.66.147.35 29209 (SPBMTS-AS...)
2 2 213.87.44.187 13174 (MTSNET Mo...)
1 2a02:6b8::90 208722 (GLOBAL_DC)
1 185.40.31.214 61400 (NETRACK-AS)
1 1 130.193.58.13 200350 (YANDEXCLOUD)
2 2a00:1148:db0... 47764 (VK-AS)
2 83.222.105.70 42632 (MNOGOBYTE...)
2 87.240.129.181 47541 (VKONTAKTE...)
22 95.142.206.0 ()
313 58
22    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
gdz.fun
11    87.240.132.67 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-132-240-87.vk.com
vk.com
22    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    185.129.100.122 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
usocial.pro
18    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.nl
4    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
1    185.191.197.56 (Russian Federation)

ASN42244 (ESERVER, SK)
mc.gdz.work
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
adservice.google.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    217.20.155.208 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: ip208.155.odnoklassniki.ru
connect.ok.ru
1    94.100.180.54 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: connect.mail.ru
connect.mail.ru
2    178.218.210.133 (Moscow Oblast, Russian Federation)

ASN42244 (ESERVER, SK)
PTR: dcw-unknown.maxhost.ru
cdn.advideo.ru
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
3    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
31    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    178.218.213.168 (Russian Federation)

ASN42244 (ESERVER, SK)
PTR: mail.small-games.info
stat.advideo.ru
3    178.218.213.170 (Russian Federation)

ASN42244 (ESERVER, SK)
PTR: space1.unassigned.ru.eserver.net
faststat.advideo.ru
2    178.218.212.115 (Russian Federation)

ASN42244 (ESERVER, SK)
PTR: cdn.bazr.ru
bazr.ru
2    154.47.36.202 (United States)

ASN174 (COGENT-174, US)
mc.webvisor.org
5    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
7    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
7    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    178.218.223.43 (Russian Federation)

ASN42244 (ESERVER, SK)
PTR: space1.unassigned.ru.eserver.net
cdn.bazr.ru
2    195.201.152.107 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.107.152.201.195.clients.your-server.de
sync.dmp.otm-r.com
12    92.223.106.21 (Moscow, Russian Federation)

ASN210756 (EDGECENTERLLC, RU)
PTR: f61.moevideo.net
moevideo.biz
5    81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
st.top100.ru
kraken.rambler.ru
3    91.218.228.87 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: hosted-by.ihc.ru
adverdata.net
204.adverdata.net
1    92.223.103.67 (Moscow, Russian Federation)

ASN210756 (EDGECENTERLLC, RU)
PTR: f52.moevideo.net
playreplay.me
8    94.26.230.47 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
thesame.tv
moe.video
6    92.223.103.32 (Moscow, Russian Federation)

ASN210756 (EDGECENTERLLC, RU)
PTR: f26.moevideo.net
cs-0.moevideo.biz
1    5.188.150.107 (Moscow, Russian Federation)

ASN210756 (EDGECENTERLLC, RU)
playreplay.net
4    83.229.25.244 (Moscow, Russian Federation)

ASN210756 (EDGECENTERLLC, RU)
PTR: fvm15.moevideo.net
am-0.moevideo.biz
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
29    2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)
ad.mail.ru
8    95.163.43.46 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: relap.io
relap.mail.ru
5    195.209.108.49 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
1    188.72.107.156 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr09.segmento.ru
moevideo-sync.rutarget.ru
1    94.26.231.116 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
rtb.moe.video
1    37.230.131.22 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)
dm-eu.hybrid.ai
2    193.232.150.43 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net
px.adhigh.net
2    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
1    176.9.81.69 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.69.81.9.176.clients.your-server.de
exchange.buzzoola.com
2    148.251.236.115 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-5.community.moscow
sync.upravel.com
1    83.222.114.190 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    34.111.205.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.205.111.34.bc.googleusercontent.com
dx.frontend.weborama.com
3    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
rd.frontend.weborama.fr
redirect.frontend.weborama.fr
1    217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)
match.new-programmatic.com
1    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
1    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
2    89.108.108.11 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: srv5.kimberlite.io
kimberlite.io
5    217.66.147.35 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-35-147-66-217.spbmts.ru
sm.rtb.mts.ru
2    213.87.44.187 (Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
1    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
1    185.40.31.214 (Tula, Russian Federation)

ASN61400 (NETRACK-AS, RU)
sync.dsp.solta.io
1    130.193.58.13 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
pixel.konnektu.ru
2    2a00:1148:db00::28 (Russian Federation)

ASN47764 (VK-AS, RU)
r.mradx.net
2    83.222.105.70 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
adx.com.ru
2    87.240.129.181 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv181-129-240-87.vk.com
login.vk.com
22    95.142.206.0 (None, )

ASN- ()
st6-20.vk.com
Apex Domain
Subdomains		 Transfer
58 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
678 KB
38 mail.ru
connect.mail.ru — Cisco Umbrella Rank: 67565
ad.mail.ru — Cisco Umbrella Rank: 6673
relap.mail.ru — Cisco Umbrella Rank: 42303
top-fwz1.mail.ru Failed
20 KB
35 vk.com
vk.com — Cisco Umbrella Rank: 3288
login.vk.com — Cisco Umbrella Rank: 12393
st6-20.vk.com
718 KB
23 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
263 KB
22 moevideo.biz
moevideo.biz — Cisco Umbrella Rank: 39262
cs-0.moevideo.biz — Cisco Umbrella Rank: 54834
am-0.moevideo.biz — Cisco Umbrella Rank: 55205
449 KB
22 gdz.fun
gdz.fun
517 KB
10 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2437
an.yandex.ru — Cisco Umbrella Rank: 4140
78 KB
8 moe.video
moe.video — Cisco Umbrella Rank: 55672
rtb.moe.video
45 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
107 KB
7 mts.ru
sm.rtb.mts.ru — Cisco Umbrella Rank: 28352
tech.rtb.mts.ru — Cisco Umbrella Rank: 34642
4 KB
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 322
134 KB
7 advideo.ru
cdn.advideo.ru
stat.advideo.ru
faststat.advideo.ru
24 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
1 KB
5 adriver.ru
ad.adriver.ru — Cisco Umbrella Rank: 13737
4 KB
5 bazr.ru
bazr.ru
cdn.bazr.ru
52 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
243 KB
5 usocial.pro
usocial.pro — Cisco Umbrella Rank: 108374
46 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
3 KB
4 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 7108
2 KB
3 weborama.fr
rd.frontend.weborama.fr — Cisco Umbrella Rank: 17662
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12112
717 B
3 weborama.com
dx.frontend.weborama.com — Cisco Umbrella Rank: 34338
705 B
3 com.ru
rtb.com.ru — Cisco Umbrella Rank: 37651
adx.com.ru — Cisco Umbrella Rank: 31715
926 B
3 rambler.ru
kraken.rambler.ru — Cisco Umbrella Rank: 26829
1 KB
3 adverdata.net
adverdata.net — Cisco Umbrella Rank: 423571
204.adverdata.net — Cisco Umbrella Rank: 732241
9 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
3 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
3 KB
3 google.nl
adservice.google.nl — Cisco Umbrella Rank: 11490
818 B
2 mradx.net
r.mradx.net — Cisco Umbrella Rank: 15259
115 KB
2 kimberlite.io
kimberlite.io — Cisco Umbrella Rank: 26430
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2547
1 KB
2 upravel.com
sync.upravel.com — Cisco Umbrella Rank: 29910
1 KB
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 5978
1 KB
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 13391
729 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
41 KB
2 top100.ru
st.top100.ru — Cisco Umbrella Rank: 30778
38 KB
2 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 16445
137 B
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 20504
864 B
1 konnektu.ru
pixel.konnektu.ru — Cisco Umbrella Rank: 58324
214 B
1 solta.io
sync.dsp.solta.io — Cisco Umbrella Rank: 46135
158 B
1 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 119866
351 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 3435
327 B
1 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 29877
264 B
1 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 15169
176 B
1 hybrid.ai
dm-eu.hybrid.ai — Cisco Umbrella Rank: 12469
280 B
1 rutarget.ru
moevideo-sync.rutarget.ru — Cisco Umbrella Rank: 194505
402 B
1 playreplay.net
playreplay.net — Cisco Umbrella Rank: 70187
332 B
1 thesame.tv
thesame.tv — Cisco Umbrella Rank: 63971
332 B
1 playreplay.me
playreplay.me — Cisco Umbrella Rank: 57003
332 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
31 KB
1 ok.ru
connect.ok.ru — Cisco Umbrella Rank: 32851
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
86 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1132
601 B
1 gdz.work
mc.gdz.work — Cisco Umbrella Rank: 286675
295 B
0 userapi.com Failed
sun6-21.userapi.com Failed
sun6-23.userapi.com Failed
sun6-22.userapi.com Failed
sun6-20.userapi.com Failed
313 54
Domain Requested by
31 tpc.googlesyndication.com googleads.g.doubleclick.net
gdz.fun
tpc.googlesyndication.com
pagead2.googlesyndication.com
29 ad.mail.ru moevideo.biz
adverdata.net
r.mradx.net
27 pagead2.googlesyndication.com gdz.fun
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
22 st6-20.vk.com vk.com
22 gdz.fun gdz.fun
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
gdz.fun
12 moevideo.biz cdn.bazr.ru
moevideo.biz
11 vk.com gdz.fun
usocial.pro
ad.mail.ru
vk.com
9 mc.yandex.ru 3 redirects gdz.fun
bazr.ru
mc.yandex.ru
8 relap.mail.ru moevideo.biz
7 moe.video moevideo.biz
7 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
6 cs-0.moevideo.biz moevideo.biz
5 sm.rtb.mts.ru 5 redirects
5 ad.adriver.ru 2 redirects moevideo.biz
5 fonts.gstatic.com fonts.googleapis.com
5 www.googletagservices.com googleads.g.doubleclick.net
5 usocial.pro gdz.fun
usocial.pro
4 am-0.moevideo.biz moevideo.biz
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 counter.yadro.ru 2 redirects gdz.fun
bazr.ru
3 dx.frontend.weborama.com 2 redirects
3 kraken.rambler.ru st.top100.ru
bazr.ru
3 cdn.bazr.ru bazr.ru
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 faststat.advideo.ru gdz.fun
cdn.bazr.ru
3 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.nl pagead2.googlesyndication.com
2 login.vk.com vk.com
2 adx.com.ru moevideo.biz
2 r.mradx.net ad.mail.ru
2 tech.rtb.mts.ru 2 redirects
2 kimberlite.io 2 redirects
2 rd.frontend.weborama.fr 2 redirects
2 ads.betweendigital.com 2 redirects
2 sync.upravel.com 2 redirects
2 sync.bumlam.com 1 redirects
2 px.adhigh.net 1 redirects
2 www.google-analytics.com moevideo.biz
2 204.adverdata.net adverdata.net
2 st.top100.ru bazr.ru
st.top100.ru
2 sync.dmp.otm-r.com bazr.ru
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 mc.webvisor.org 1 redirects gdz.fun
2 bazr.ru gdz.fun
cdn.advideo.ru
2 stat.advideo.ru gdz.fun
cdn.bazr.ru
2 cdn.advideo.ru gdz.fun
cdn.advideo.ru
1 pixel.konnektu.ru 1 redirects
1 sync.dsp.solta.io
1 an.yandex.ru
1 redirect.frontend.weborama.fr 1 redirects
1 m.trafmag.com
1 inv-nets.admixer.net 1 redirects
1 match.new-programmatic.com 1 redirects
1 rtb.com.ru
1 exchange.buzzoola.com 1 redirects
1 dm-eu.hybrid.ai
1 rtb.moe.video
1 moevideo-sync.rutarget.ru 1 redirects
1 playreplay.net moevideo.biz
1 thesame.tv moevideo.biz
1 playreplay.me moevideo.biz
1 adverdata.net bazr.ru
1 s0.2mdn.net googleads.g.doubleclick.net
1 connect.mail.ru usocial.pro
1 connect.ok.ru gdz.fun
1 cdn.jsdelivr.net usocial.pro
1 partner.googleadservices.com pagead2.googlesyndication.com
1 mc.gdz.work gdz.fun
0 top-fwz1.mail.ru Failed vk.com
0 sun6-20.userapi.com Failed vk.com
0 sun6-22.userapi.com Failed vk.com
0 sun6-23.userapi.com Failed vk.com
0 sun6-21.userapi.com Failed vk.com
313 78

This site contains no links.

Subject Issuer Validity Valid
*.gdz.fun
E1		 2023-04-10 -
2023-07-09		 3 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2023-03-16 -
2024-02-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
usocial.pro
GoGetSSL RSA DV CA		 2023-02-16 -
2024-03-17		 a year crt.sh
mc.gdz.work
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.ok.ru
GlobalSign RSA OV SSL CA 2018		 2022-10-11 -
2023-11-12		 a year crt.sh
*.mail.ru
GlobalSign RSA OV SSL CA 2018		 2022-10-20 -
2023-11-21		 a year crt.sh
cdn.advideo.ru
R3		 2023-04-09 -
2023-07-08		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
stat.advideo.ru
R3		 2023-04-11 -
2023-07-10		 3 months crt.sh
faststat.advideo.ru
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
bazr.ru
R3		 2023-04-20 -
2023-07-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2		 2022-05-27 -
2023-06-28		 a year crt.sh
*.moevideo.biz
AlphaSSL CA - SHA256 - G4		 2023-04-04 -
2024-05-05		 a year crt.sh
*.top100.ru
GlobalSign GCC R3 DV TLS CA 2020		 2023-02-08 -
2024-03-11		 a year crt.sh
*.adverdata.net
AlphaSSL CA - SHA256 - G2		 2022-05-05 -
2023-06-06		 a year crt.sh
*.rambler.ru
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-17 -
2024-05-18		 a year crt.sh
*.playreplay.me
AlphaSSL CA - SHA256 - G4		 2023-01-11 -
2024-02-12		 a year crt.sh
*.thesame.tv
AlphaSSL CA - SHA256 - G2		 2022-06-06 -
2023-07-08		 a year crt.sh
*.playreplay.net
AlphaSSL CA - SHA256 - G2		 2022-10-13 -
2023-11-14		 a year crt.sh
*.moe.video
AlphaSSL CA - SHA256 - G4		 2023-01-11 -
2024-02-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.relap.mail.ru
GlobalSign RSA OV SSL CA 2018		 2023-01-31 -
2024-03-03		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2022-09-26 -
2023-09-26		 a year crt.sh
rtb.com.ru
R3		 2023-04-24 -
2023-07-23		 3 months crt.sh
*.dsp.solta.io
AlphaSSL CA - SHA256 - G2		 2022-08-02 -
2023-09-03		 a year crt.sh
*.mradx.net
GlobalSign RSA OV SSL CA 2018		 2022-07-14 -
2023-08-15		 a year crt.sh
*.adx.com.ru
AlphaSSL CA - SHA256 - G2		 2022-05-21 -
2023-06-22		 a year crt.sh
*.adriver.ru
GlobalSign GCC R3 DV TLS CA 2020		 2023-03-07 -
2024-04-07		 a year crt.sh

This page contains 32 frames:

Primary Page: https://gdz.fun/
Frame ID: 182051A2C5340529C23800643EAA00CE
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html
Frame ID: D1401D2CB1FA95187CFA7A200EA07662
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&adk=1812271804&adf=3025194257&lmt=1682474395&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_r&format=0x0&url=https%3A%2F%2Fgdz.fun%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394924&bpp=5&bdt=221&idt=110&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1432878275718&frm=20&pv=2&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=128
Frame ID: F88634C4622C3848BBC793FB46D47C0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
Frame ID: 53158BFEFB6DBCE3EBF0530E69B4BAFD
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=475&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n9dsm1Cj9l&p=https%3A//gdz.fun&dtd=6
Frame ID: 7626BD11C436A3E2092F6213D37C4221
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Frame ID: 95492A9FB53E5881CD58754EDEFC316C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Frame ID: 6E16D3422F767BF5A3B60973D57AA0A2
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Frame ID: 66DC75778BA4074E58946CD7F1DA1EC4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9AFB686350C059F101BD6668000EAFF6
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: 86D0241150045DF1F31439EEA63459B3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: C2B592E13E25C0D7AD4C0664131BA7F2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: DC9E07DBA3E5C6A3CEF7DF9B54D7B889
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLmOyQEQ35zRARiDjrTiATAB&v=APEucNWnTeTrYdOCALGBZMMDAtBXD5q2gakPbALcbmMpPfQNtcSycg_OJJTb1emeU6j8t2JKp2nxbNvTWQ5wzGYuNjAvqEClgW8hGXZBMmgOVTC7IE_A4lckWxI4LM6LPY7WbFfN1O8mLlmj7W_0-3ZBf-Br0eRMivkULPyeUyH_0z49KEaDYkg
Frame ID: 510949150F48EEEB743E4DED7E4E547A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2EAB13A21B6C0824F472301A57DA2630
Requests: 2 HTTP requests in this frame

Frame: https://bazr.ru/player?playlistId=35603&v1.0.1.1
Frame ID: 36A9BC9B3E272770242D834BAC4691AE
Requests: 23 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Frame ID: 148EA406D3760A7D2E7F4B89AB4233E6
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: 5F56FA1851C28D1F0C08F431716C5C21
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7BF0E4748A249365670576C4F8193D39
Requests: 3 HTTP requests in this frame

Frame: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Frame ID: E32CAFC8F4BFF649A56EBB7C8EA46E2C
Requests: 76 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: A7D6672CE92EBA3528E6C0CF2B587D9C
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 28FF57B553C869C1A3B58EBDD8870ABF
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 843FA5BB2724827F0B8DA63B0803F690
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 36BB296131D63C3F9216ACA8228AE972
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 584363F0E64DE68BFC10504A53DAABDC
Requests: 2 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 1471E4701BC7D3E1DFF892D76C2138A5
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: 5794B45E1D1B8631D25A33F2F2613280
Requests: 3 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 3E69FF82681BF743168E6FC8A870221C
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 73AA8A16B31795C8F234F8341B22F5D5
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 6B0847DA2A700A6EE044BA24ECD348ED
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: 682F7413A4098ADAC8C0F8635FB29214
Requests: 3 HTTP requests in this frame

Frame: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Frame ID: 9FC72E572392B3D7BD270F5567BAA64C
Requests: 31 HTTP requests in this frame

Frame: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Frame ID: B861ACEB07749A72331ADA8DCA91A3C1
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ГДЗ - решение домашних заданий с 1 по 11 класс онлайн

Detected technologies

Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
  • (?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

313
Requests

88 %
HTTPS

28 %
IPv6

54
Domains

78
Subdomains

58
IPs

7
Countries

3709 kB
Transfer

12775 kB
Size

70
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//gdz.fun/;0.46614029271528534 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//gdz.fun/;0.46614029271528534
Request Chain 47
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A0%3Als%3A692608824490%3Ahid%3A40051811%3Az%3A0%3Ai%3A20230426015955%3Aet%3A1682474395%3Ac%3A1%3Arn%3A132894317%3Arqn%3A1%3Au%3A1682474395665542776%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A12%2C37%2C148%2C1%2C0%2C0%2C%2C304%2C2%2C%2C%2C%2C503%3Aco%3A0%3Acpf%3A1%3Ans%3A1682474394504%3Ast%3A1682474395&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A0%3Als%3A692608824490%3Ahid%3A40051811%3Az%3A0%3Ai%3A20230426015955%3Aet%3A1682474395%3Ac%3A1%3Arn%3A132894317%3Arqn%3A1%3Au%3A1682474395665542776%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A12%2C37%2C148%2C1%2C0%2C0%2C%2C304%2C2%2C%2C%2C%2C503%3Aco%3A0%3Acpf%3A1%3Ans%3A1682474394504%3Ast%3A1682474395&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 49
  • https://mc.yandex.ru/watch/53858797?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1046595670496%3Ahid%3A40051811%3Az%3A0%3Ai%3A20230426015955%3Aet%3A1682474395%3Ac%3A1%3Arn%3A213384196%3Arqn%3A1%3Au%3A1682474395665542776%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A12%2C37%2C148%2C1%2C0%2C0%2C%2C304%2C2%2C%2C%2C%2C503%3Aco%3A0%3Acpf%3A1%3Ans%3A1682474394504%3Arqnl%3A1%3Ast%3A1682474395%3At%3A%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/53858797/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1046595670496%3Ahid%3A40051811%3Az%3A0%3Ai%3A20230426015955%3Aet%3A1682474395%3Ac%3A1%3Arn%3A213384196%3Arqn%3A1%3Au%3A1682474395665542776%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A12%2C37%2C148%2C1%2C0%2C0%2C%2C304%2C2%2C%2C%2C%2C503%3Aco%3A0%3Acpf%3A1%3Ans%3A1682474394504%3Arqnl%3A1%3Ast%3A1682474395%3At%3A%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 85
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9984.5cdiqFwcQ_OlImp11D5Fi2JlADjxdJQp_wpzUB7tQ6NGfLfpCxSz7KakCD3oTLQM.TwKvTG1L0pKvE0_2YORVPqXzWNk%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9984.4PS5xaj0_IKDr1jm1ohpHwQJWZecZA7ZTiWdAd5JypbPUJ7crcNJMovFbkjW6VgSvZCCZEIHQ6IHwaH5NlR8U50iO5AwsBawWEwXlLxEi4WeGZlhlgMFjscir3rD9Xu-CjjVxn2cnGpgDW-mu66fedFF4QonpPOiWNq1X4KbUd7igZHH5wa1opP88LM7skFbkOjomwl0VZmSaS-x6yvpThU2XBEICjJDs3XE9Bqw9vw%2C.qdQ7n-FSGLeooOKFjZRQZh_rRYc%2C
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyixxKzcVHdNQwF5clOyF8&google_cver=1
Request Chain 121
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEiFm-rg8uU.BYE1v7uTdQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyixxKzcVHdNQwF5clOyF8&google_cver=1&google_hm=2
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGdbdxVsSHHmRqfx3yooBRU&google_cver=1
Request Chain 123
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyMTI5MDE0ODA1OTY1OTYxMQ%3D%3D
Request Chain 138
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 159
  • https://counter.yadro.ru/hit?t44.1;rhttps%3A//gdz.fun/;s1600*1200*24;uhttps%3A//bazr.ru/player%3FplaylistId%3D35603%26v1.0.1.1;h%u041F%u043B%u0435%u0435%u04403;0.8035960889552596 HTTP 302
  • https://counter.yadro.ru/hit?q;t44.1;rhttps%3A//gdz.fun/;s1600*1200*24;uhttps%3A//bazr.ru/player%3FplaylistId%3D35603%26v1.0.1.1;h%u041F%u043B%u0435%u0435%u04403;0.8035960889552596
Request Chain 200
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=5910054&tail256=bazr.ru HTTP 302
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=5910054&tail256=bazr.ru&tuid=-5449494913
Request Chain 204
  • https://moevideo-sync.rutarget.ru/sync HTTP 302
  • https://rtb.moe.video/cs?b=qoUqskRR8rC4&d=1
Request Chain 206
  • https://px.adhigh.net/p/cm/moevideo HTTP 302
  • https://px.adhigh.net/p/cm/moevideo?bounced=1
Request Chain 207
  • https://sync.bumlam.com/?src=moe2&uid=4a9d457a2c4f3e03c0aa HTTP 302
  • https://sync.bumlam.com/?src=moe2&s_data=CAIQARidi6KiBmIUNGE5ZDQ1N2EyYzRmM2UwM2MwYWGiARALvjjM49YR7YbgACWQwGR8
Request Chain 208
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570 HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5119460416
Request Chain 209
  • https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D HTTP 301
  • https://cs-0.moevideo.biz/ssp/cs?d=81&b=60c42c3a-c8f1-44a3-527b-a86bab635537
Request Chain 210
  • https://sync.upravel.com/moevideo/sync HTTP 302
  • https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=91&b=15cc1fdf-0467-43bc-9687-1699f698a072
Request Chain 213
  • https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=161&b=2e75db16-a375-5274-aa61-1ba4ce299e39
Request Chain 214
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//moevideo.biz/native%3Fid%3Dmv-content-roll-3091%26slot%3Dcontent%26api%3D2.0%26ref%3Dbazr.ru%26frp%3DaHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x%26instream%3D HTTP 307
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-3091%26slot%3Dcontent%26api%3D2.0%26ref%3Dbazr.ru%26frp%3DaHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x%26instream%3D&bounce=1&random=1271540658 HTTP 302
  • https://rd.frontend.weborama.fr/rd?key=wamsync HTTP 307
  • https://rd.frontend.weborama.fr/rd?key=wamsync&bounce=1&random=2126419909 HTTP 302
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=jKRPg4Jl7VCM
Request Chain 215
  • https://match.new-programmatic.com/userbind?src=moevideo&id=4a9d457a2c4f3e03c0aa HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=111&b==
Request Chain 216
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=03012A8F-9C5C-4F0A-B5C5-EF2E17D61EBD&id=4a9d457a2c4f3e03c0aa HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=5626e3653a714e89acec515bcc4e6aa3
Request Chain 217
  • https://kimberlite.io/rtb/sync/moevideo?u=4a9d457a2c4f3e03c0aa HTTP 307
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fweborama%3Fu%3D%7BWEBO_CID%7D%26f%3Dhttps%253A%252F%252Fcs-0.moevideo.biz%252Fssp%252Fcs%253Fd%253D201%2526b%253DZEiFntWg960%26n%3D1 HTTP 302
  • https://kimberlite.io/rtb/sync/weborama?u=a9EM90n71itZKM/KOxZHWu&f=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D201%26b%3DZEiFntWg960&n=1 HTTP 307
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZEiFntWg960 HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZEiFntWg960 HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=cf038cd2-7f7f-4fe9-a655-fb20cff69005&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FzwOM0n9_T-mmVfsgz_aQBQ%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D59%2526em%253D0%26sign%3D1430119235 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/zwOM0n9_T-mmVfsgz_aQBQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1430119235
Request Chain 219
  • https://sm.rtb.mts.ru/p?ssp=moevideo&id=4a9d457a2c4f3e03c0aa HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=22&exu=4a9d457a2c4f3e03c0aa HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=cf038cd2-7f7f-4fe9-a655-fb20cff69005&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D22%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
  • https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D22%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
  • https://sm.rtb.mts.ru/em?next=22&em=1&ssp=konnektu&id= HTTP 301
  • https://cs-0.moevideo.biz/ssp/cs?d=121&b=cf038cd2-7f7f-4fe9-a655-fb20cff69005

313 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gdz.fun/ 		173 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gdz.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
4059d8dac76ffba6a886a8993e62e832eb1dd9742ec7ea254862e2277bde40fc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://gdz.fun https://bazr.ru https://advideo.ru
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bdb3aa5f998b96f-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 26 Apr 2023 01:59:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OiTPdGqpMcZ5QSKetCks7RFOCoI7r90LrwG5bnc0Zoln6BU7b5lfuRtQ6eiN20FoTWr0b61ot6AwEXHHeQMoCLIvfo4WbFR4xeLhG%2FodaK78%2B50353n7QkEmptUimZiHHuILYkI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
openapi.js
vk.com/js/api/ 		104 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?150
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-132-240-87.vk.com
Software
kittenx /
Resource Hash
2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
content-encoding
br
x-frontend
front224005
last-modified
Fri, 02 Dec 2022 07:14:40 GMT
server
kittenx
etag
"6389a5e0-5b16"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
23318
expires
Sun, 30 Apr 2023 01:59:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1709833d4c156cffe2876d15348dfc393bfd1b3e064afa62c9d64fdf586d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47435
x-xss-protection
0
server
cafe
etag
18231463431960942684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 26 Apr 2023 01:59:54 GMT
index.d3d43097f717f714f44a.css
gdz.fun/build/assets/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e8cf0daec45bbf1afbf1adadbe44daac2d00c46223cca1db8b3f31ad328763

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1956923
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:14 GMT
server
cloudflare
etag
W/"63fca86e-5cb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHu4RCMqKS4wOIlMSQFYPMyPvEPgtxpdU1Nl8rqwMtbibz0tPiQkllYKCSC%2BMZJoxfIv7dv2Z%2BAxklK4OsmSptjSxWJLEjI7ZK0NmoQwn%2Famy0ZOjuqQTe4dcn7GaHupUEy10N39"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7bdb3aa6fa0eb96f-AMS
expires
Wed, 03 May 2023 10:24:31 GMT
1.png
gdz.fun/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/1.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ccd99b4d8efb07f1583526b52bd05a10f55a4aa4826f1d77c416e435a6321a5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
999571
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1675
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-68b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTiQ8adlfsLhulfbTVuzDh0njZmxmOOFj8Ty2PzV8FG3w%2BQog4ioxlgSAisWVgxKfMHgH9egFjAyDDHUQfF19TpUO4386tqsCPgRI1QQ%2BBUcN%2Bqjp0%2F%2B%2F4J6TL%2FU7mvSvtihjqIw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa82a711c8a-AMS
expires
Sun, 14 May 2023 12:20:23 GMT
2.png
gdz.fun/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/2.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5621b1145fb2f42e5c394f47d3446150e5f463c38f90727c5aba4652000e503

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
723081
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2433
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEgFg6FPqYbzQuVAvwkmZ2eb7yDI1lnkg30P8pd6UxPTfpFUe8UrxrbcS%2F1o%2BstV5vC5DbsuEchajDNnlD7h2nuysXHERMRmpQjDOWk0EZajy%2Fy3NeZTLZP7BQaO4bAsL5zi%2FcZr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa82a731c8a-AMS
expires
Wed, 17 May 2023 17:08:33 GMT
3.png
gdz.fun/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/3.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf8f6fc480553227663d734086fe1d999aabc7e7a3e1df3437b5607a8b58beff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
723081
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2489
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-9b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMX4syNBcjATAydHgb4mcCb49AD47BcL4qtiSWGcMOcZqVR6aQnVMcSzJEiFT1xGkYs2qz3t3oBur2W5zQeAujWJxxR1GR3r6Vf8SHDRm6bfKK3PPyZo2%2BA%2Fumu7d5zapxU6RE%2F5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa82a741c8a-AMS
expires
Wed, 17 May 2023 17:08:33 GMT
4.png
gdz.fun/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/4.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6a0f1bd5c9d4d922b7abd16111f803453855e93927c1a52bd6b977856189b75

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1590673
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2176
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-880"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBJqJop87lzAz3lslEaWMV5zoA6kwTMTyjt3%2FmeLRx2Pqu19ROdrP8wO1ff99oGiS86BgIIwaWE5MMi1Y4%2FEepgbCOTVDc2hJom6h6xY%2B8THxEUtuJbtMvEp45walX1NcPolJ8qO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa82a751c8a-AMS
expires
Sun, 07 May 2023 16:08:41 GMT
5.png
gdz.fun/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/5.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15068ce173b5f59720a278d34c5d8bf34ea304f9f07749c10f07773dfecdc116

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
723081
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2500
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-9c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASRww0inAe%2FpqPa3jpRg2xMF1lWnvHuah5gOhHEqlDYU2VbQBSqfFcmIXK%2Fg2jTP4EUh2J%2Fx8urPQ16GYDVCl3Y4w88%2Bs0zEX0e7ib42%2FnI%2FnAmoOQk7w2y4UKqYe6naG%2FcIL714"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa82a761c8a-AMS
expires
Wed, 17 May 2023 17:08:33 GMT
6.png
gdz.fun/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/6.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d61c7a0eb55637e24d168b7c74fe513992fbaa34b91b5567ee81f6f6e6e3687

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1498767
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2390
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-956"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIJPxiCMdhswQj6TXcbYKbl%2B%2FtsVQVQf4lzzXszHYVSF3ChXK7XIK4NAw1PrElZQOtahWMWBkLo%2FJnsOLuQthsOlXalUdMtQ0TkSyqkoCN7GvQNWMIHQQpZd%2BIhrDQ3LDTU34U6T"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa82a771c8a-AMS
expires
Mon, 08 May 2023 17:40:27 GMT
7.png
gdz.fun/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/7.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1f89123032d9a70ff9f5d98480062f69ac1a9e580a2bf6ac0eb3e38ac7e8c6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1498767
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2107
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-83b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GR1lVvDokblDhbIxB42pz2gGfWQpfSXUkh9qBIz6KqqoeGyo6n8gpVbtEq0bZ3xgaLL7IyvPFVQwwZLsj2%2BGqlA99EmbbZEiAwLZWR7L4s9o46G11BjepgQJrOCZpJL5hwN%2BRP0p"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa82a791c8a-AMS
expires
Mon, 08 May 2023 17:40:27 GMT
8.png
gdz.fun/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/8.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d989782ba2e619a35b3379f514bcc66a773e09212318f126a688fa59f42c5852

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1498767
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2518
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-9d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNRoq9wCIpWweZ0PrMYku01NaZFq44i8whNkvkcY%2BKj3vlOWLmNHO7hq7xcjlauOOHN09uE3we9pavz0Z6CgLDMOBwO3gRlF26wC5xJdnA3Vlnrp4GTeoEalYTSzj9NdjVbRY0FE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa82a7a1c8a-AMS
expires
Mon, 08 May 2023 17:40:27 GMT
9.png
gdz.fun/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/9.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9874a79199dea3848fa76aa85191a10bc396746b6f83b696038de72842bc7990

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1500907
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2346
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-92a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cf64tCotDlJTtpk4BWfE7C1%2BPXYBslO1WKTSggGUoIeHjnURQ1AWKJqJzs%2Bc8vJSBwJEA44WvwPVVvewFfghhtvGBwEo5q1wer3SCDHGodWazd1DjGahZvUlkbw9CR6zIharBNW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa82a7b1c8a-AMS
expires
Mon, 08 May 2023 17:04:47 GMT
10.png
gdz.fun/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/10.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c3ed18d67e4991eab66a6c94eb46f9f5642770e6a63c3d9d8e8b93b554a721

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1498767
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3113
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-c29"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4tkgcKdXWrgx93%2B%2F64yU2AR1AgVuSmsSxTdPrq4ODHCGzHzFTp2CE%2BfXmbqDly8xxWNRlAnK7JdP1Skned910zUFel24MYAEoEFKUVkMhnPdtL4%2F3MueND69yeAhi5Hn8Pz8L2n"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa82a7c1c8a-AMS
expires
Mon, 08 May 2023 17:40:27 GMT
11.png
gdz.fun/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/11.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5d533abb20cd17fe6323f4202b9cf83b063ad023310bd3d88c5cbda077cd1b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1500907
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2290
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-8f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn1Vzqva9yXTv9s4pJOof%2Bos8KGCY0T3FoTQBC5y9vRkOHWiogmahv1j3QsgFKf9SLg2G2Y8BJUJfZEM7B6k%2FEmXD3LflwRGsv5errP0AdJL%2FNE74jW8OYTZgyQbslpjtlA7kLKu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa82a7e1c8a-AMS
expires
Mon, 08 May 2023 17:04:47 GMT
usocial.js
usocial.pro/usocial/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usocial.pro/usocial/usocial.js?v=6.1.4
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard / PHP/7.4.24
Resource Hash
b6cb38e7943cacaac857705ddf6e9534d8e60bf86006feea8a1737ddfa148ef9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Wed, 26 Apr 2023 01:59:54 GMT
content-encoding
br
server
ddos-guard
age
0
x-powered-by
PHP/7.4.24
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
ddg-cache-status
MISS
email-decode.min.js
gdz.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdz.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Apr 2023 16:29:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"643ec584-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRKJvDJsQhrHuEwTTBSB%2FbXd15q873Lej7bL6%2BBtumog5wn%2F5IJJTJpgGakdcjOFafQvzEMsI3ktoim5nQvvPHVZpHpsuPMOoLxjFYMJak2hBLw6RIXjgiTmqkkaofBM3gmpSpFc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7bdb3aa80a551c8a-AMS
expires
Fri, 28 Apr 2023 01:59:54 GMT
vendors.68325d94f2ede5da7840.js
gdz.fun/build/assets/js/ 		193 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9166fe3447219848f248c3bb9b052a948baf8b10713be00b9e1e89ebae15720

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157207
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:14 GMT
server
cloudflare
etag
W/"63fca86e-3044d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlgpuzaIXGXjqyUK1m2X33xdS2%2B%2F8pNXeFJ%2F5JsC1UoN8wIdpbhtAHEjcxDwVjzZg5lpEXUHAPtpzlzygtAaZgfDugru%2BHMfeQEMw7fw5bDItJLKfoM%2B8CbyAs0ynz%2BvrEWBL5tE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7bdb3aa81a6b1c8a-AMS
expires
Wed, 24 May 2023 06:19:47 GMT
index.e4be5bb18d2ebbe3d3ec.js
gdz.fun/build/assets/js/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdz.fun/build/assets/js/index.e4be5bb18d2ebbe3d3ec.js
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eaec0b5d43c86d9c734fdbb6f6d2e393e0ee6905950396c37e30e84b915c277

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157207
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:14 GMT
server
cloudflare
etag
W/"63fca86e-53dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meAmSC0H%2BJmKAFQ6bB48Fr8XOFiCrh2b%2Fu5sL0iIgYstrUrhv1z97aMTl3cjU9T0H0dE4CTgM0TlMgqRUN9Eycko6JGRkUcDsTy1ztWhpVp6awpJ5aozcqrHFdk3y0ARd8dRlnKx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7bdb3aa82a6d1c8a-AMS
expires
Wed, 24 May 2023 06:19:47 GMT
bg.png
gdz.fun/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/bg.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfcd684d3ded36f1cb5e4993cfd81df93dbdc969ac2540eb8257e30d33aaac4d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1023020
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7609
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-1db9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8sYa9gPGIaYinfSmu937GaYi5QLBjIxfFcSYshBwkfeqiqxXDjEfRrZvyLqDaIo80xb7Vsm%2B6QTG5eMlzQHdkRcOLAmREzp3pipkpQwK7cXCszgVhF79c10Q9AtTnbNAXmZ9c5X"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa83a7f1c8a-AMS
expires
Sun, 14 May 2023 05:49:34 GMT
arrow.png
gdz.fun/img/ 		215 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdz.fun/img/arrow.png
Requested by
Host: gdz.fun
URL: https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db1c23ec42a6bc60d10989af067dd619ca65f356f06d649b3cd4365abb59f4a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
150930
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
215
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqcmUDztX7%2FRsDa5rlQLEHEGX%2Bg7fJw2Ib2jW4pZ95QJkh1j%2Bx1qJwK3hc9T3ClJXiBtxwUSJS5O7bS5IhwCpU6qPMsVIrflgcIpCrPZ%2B%2FIR1uYNSMcsJHRyYU3%2BCPU5d9zzY5ze"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa83a811c8a-AMS
expires
Wed, 24 May 2023 08:04:24 GMT
PT_Sans-Narrow-Web-Regular.ttf
gdz.fun/build/assets/fonts/ 		217 KB
218 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdz.fun/build/assets/fonts/PT_Sans-Narrow-Web-Regular.ttf
Requested by
Host: gdz.fun
URL: https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7953b4c69887d13b8242512869243830ac5dd9f64d521736ec46b0f5e6208d1

Request headers

Referer
https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css
Origin
https://gdz.fun
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157164
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
222568
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-36568"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o23%2Fqeon51A9ShabFZKY%2BJDgnXBRuYPgw0UdQdQd4xUYQrhKZIw2IjyltCUTpbPseXiVxM6C%2FnQdgmtbVevb80aj0P9kyVxBGW3fcFncYG2p7rSXqHmKhhaUpDTRTK56pyY0b6Ve"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa83a821c8a-AMS
expires
Wed, 24 May 2023 06:20:30 GMT
Roboto-Bold.ttf
gdz.fun/build/assets/fonts/ 		167 KB
167 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gdz.fun/build/assets/fonts/Roboto-Bold.ttf
Requested by
Host: gdz.fun
URL: https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86

Request headers

Referer
https://gdz.fun/build/assets/css/index.d3d43097f717f714f44a.css
Origin
https://gdz.fun
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157164
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
170760
pragma
public
last-modified
Mon, 27 Feb 2023 12:56:15 GMT
server
cloudflare
etag
"63fca86f-29b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDA%2FcyE6jhVih0y0wY0vmmsUsnlXZ9ES%2BO3%2BEbzuVFayJWq3H0E6%2FgskGnJ88OtFzZq3riNgqDqmup0XmzBsuaeMtJWsD%2FHB8RPCyZj6Mr0ql5mW5%2Bnk1MFFfu6bexd%2FNul%2FfxRP"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bdb3aa83a831c8a-AMS
expires
Wed, 24 May 2023 06:20:30 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/ 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19a908879f3864fd314b86f1f0f3492f1c128b4a81d0b12a84d5759940a1584b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121803
x-xss-protection
0
server
cafe
etag
2569155654931419017
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 26 Apr 2023 01:59:54 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/ Frame D140 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
27482
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:21:52 GMT
etag
2378337311435320485
expires
Tue, 09 May 2023 18:21:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.js
gdz.fun/media/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gdz.fun/media/index.js?1677502575
Requested by
Host: gdz.fun
URL: https://gdz.fun/build/assets/js/index.e4be5bb18d2ebbe3d3ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d031f464130ac6bd181b343bbcf8df9aa8bfd843b65946f8f34a3b8c1e63ef19

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1101
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Tue, 07 Sep 2021 06:24:27 GMT
server
cloudflare
etag
W/"6137059b-124c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5idGIepOfSnlAcGVkQTJIP4YLlGl7L0aVj%2FqnzZWRz5I13%2BV9LxC81gx4oaqmgDeYIk7IogQ37Fq7xp%2FgqrSU6dY7nXg%2FoiTFwIng0g7Ywoz91RLZtx4Ku%2FlhW52Jc2W8Nr6BC0%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
https://gdz.fun https://bazr.ru https://advideo.ru
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7bdb3aa8cac61c8a-AMS
expires
Wed, 26 Apr 2023 02:03:21 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//gdz.fun/;0.46614029271528534
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//gdz.fun/;0.46614029271528534
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//gdz.fun/;0.46614029271528534
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:55 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Mon, 25 Apr 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:55 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//gdz.fun/;0.46614029271528534
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Mon, 25 Apr 2022 21:00:00 GMT
0.8511791347442892
mc.gdz.work/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.gdz.work/0.8511791347442892?e=eyJ0eXBlIjoiaGl0IiwiZGF0YSI6W119&u=https%3A%2F%2Fgdz.fun%2F
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.191.197.56 , Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:55 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usocial.share.js
usocial.pro/usocial/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usocial.pro/usocial/usocial.share.js?js=7.1.5
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/usocial.js?v=6.1.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
334cda11e7aa1e23faad3fb7eb37ec5a54c98e54291f4faa30aa4bd97db88e15
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Wed, 26 Apr 2023 01:59:14 GMT
content-encoding
br
age
41
content-length
10816
last-modified
Fri, 29 Jan 2021 14:35:50 GMT
server
ddos-guard
etag
"60141d46-9c68"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
ddg-cache-status
HIT
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=300, public
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cookie.js
partner.googleadservices.com/gampad/ 		381 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=gdz.fun&callback=_gfp_s_&client=ca-pub-2891046647766967
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
667ac755297c00a4569a9fd997711e6e6089f5d655c89d09ac1d51221cac4d65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=gdz.fun
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gdz.fun
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F886 		250 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&adk=1812271804&adf=3025194257&lmt=1682474395&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_r&format=0x0&url=https%3A%2F%2Fgdz.fun%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394924&bpp=5&bdt=221&idt=110&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1432878275718&frm=20&pv=2&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=128
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb5d3f03e20e79e5bc85d05308a0e1be2aa18ac84b79348ed5817a01587598ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
56237
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 01:59:55 GMT
expires
Wed, 26 Apr 2023 01:59:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
data.json
gdz.fun/media/ 		17 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gdz.fun/media/data.json
Requested by
Host: gdz.fun
URL: https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
a9c404b6b915758ccf256401134c07f48b7cd818f9dccf7518daf98dc2df535e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://gdz.fun/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.0.33
x-ratelimit-remaining
59
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D20QKVRpqv%2B0FSLQmBql1MQKwSgFyrOMNFSZ8CcQ0kXd%2Fjg9DvruA%2BulTaCSLdIsoR4K0fLGy2ZUfjhTseZAyWuSlfz56s0tE8DhZeEnreYi364rDbzPN1%2FP5U6%2B4byVx9xIZNn8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
max-age=1800, public
x-ratelimit-limit
60
cf-ray
7bdb3aa92b041c8a-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 26 Apr 2023 02:29:55 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5315 		88 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce8c122f3d6499c8a07b5b0ba900e95a13f1399a11c5af87102a152a033a8e41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
32557
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 01:59:55 GMT
expires
Wed, 26 Apr 2023 01:59:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
uscl.css
usocial.pro/usocial/css/ 		397 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://usocial.pro/usocial/css/uscl.css?v=7.1.5
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
1a875e0abd8b4a044ca48094a7e067a52388c0d022efbe77d995af2f1b26bce8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Wed, 26 Apr 2023 01:57:51 GMT
content-encoding
br
age
124
content-length
26246
last-modified
Tue, 04 Feb 2020 13:54:50 GMT
server
ddos-guard
etag
"5e3977aa-6335e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
ddg-cache-status
HIT
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=300, public
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
uscl.woff2
usocial.pro/usocial/fonts/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://usocial.pro/usocial/fonts/uscl.woff2?n2tjsc
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/css/uscl.css?v=7.1.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
485e3c6dee567f7280fa8a0224612e00bfb502cc239e175deda45147339aba40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://usocial.pro/usocial/css/uscl.css?v=7.1.5
Origin
https://gdz.fun
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
age
0
content-length
6839
last-modified
Mon, 29 Mar 2021 13:57:09 GMT
server
ddos-guard
etag
"6061dcb5-1aa0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
ddg-cache-status
MISS
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=300, public
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		213 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8f0f56344362696c76f83dea699bb8faa81830d16a3bcf3250a49b40d31b9e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
40436
x-jsd-version
1.269.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230100-FRA, cache-bma1652-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"3555d-StYezTX7IGqidM7BkrBhk1pf6ek"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGq7lBvF0SpHv160I3kNKijJC0j6adLgjAp67t3P1fqgnXrmD%2FX0be58HCie5ArVsVxbPlq46YJvL6WRALkUJ%2BmijFVE1jBzXkNzBYiqPtbJ%2Fad9uw5ukrmo53G8gzGp10gbyrHYwIXgKOFX8QA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7bdb3aa9bd170bdb-AMS
share.php
vk.com/ 		21 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&index=0&url=https://gdz.fun/&callback=uSocialShare.uShare.CallbackRegistry.cb668727
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-132-240-87.vk.com
Software
kittenx / KPHP/7.4.113707
Resource Hash
a349ff483262fec531ee2cc40ab8db69c967ee32ff16e2508b4fda2d9a5b4ea7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-frontend
front224005
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.113707
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
41
dk
connect.ok.ru/ 		11 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.ok.ru/dk?st.cmd=extLike&tp=json&ref=https://gdz.fun/
Requested by
Host: gdz.fun
URL: https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.20.155.208 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
ip208.155.odnoklassniki.ru
Software
apache /
Resource Hash
6aea6dfe6561984cdc5c54ead84d47d2cf29e48253ae282aef237404adad4661
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=63072000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-encoding
br
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
rendered-blocks
WidgetExtLike
x-xss-protection
1; mode=block
pragma
no-cache
server
apache
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
share_count
connect.mail.ru/ 		61 B
683 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.mail.ru/share_count?url_list=https://gdz.fun/&callback=0&func=mail&callback=uSocialShare.uShare.CallbackRegistry.cb002339
Requested by
Host: usocial.pro
URL: https://usocial.pro/usocial/usocial.share.js?js=7.1.5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.100.180.54 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
connect.mail.ru
Software
nginx /
Resource Hash
52c08cdea4207c2e87bcd2989fa162051da50f790c2a818eed709290a3a66cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:55 GMT
x-content-type-options
nosniff
Server
nginx
x-webkit-csp-report-only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
x-frame-options
DENY
Content-Type
text/javascript; charset=UTF-8
p3p
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
cache-control
no-cache, no-store, must-revalidate, private
x-envoy-upstream-service-time
18
Connection
keep-alive
Content-Length
61
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
shares
usocial.pro/data/ 		38 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://usocial.pro/data/shares?providers=fb,twi,telegram&url=https://gdz.fun/
Requested by
Host: gdz.fun
URL: https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
ddos-guard.net
Software
ddos-guard / PHP/7.4.24
Resource Hash
c82a52cc2f5542e0c0390f2d4c0e3be7147fcdfcffcd946e556e4dbfb128ba04
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
server
ddos-guard
x-powered-by
PHP/7.4.24
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
advideo_init.js
cdn.advideo.ru/videocontent/global/js/v2/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advideo.ru/videocontent/global/js/v2/advideo_init.js?playlistId=35603
Requested by
Host: gdz.fun
URL: https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.218.210.133 Moscow Oblast, Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
dcw-unknown.maxhost.ru
Software
nginx/1.18.0 /
Resource Hash
c38471abe21fcd667fb3e2328a6f035ae3cb2da69e4135ccca98172c5870e1d0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
last-modified
Mon, 17 Oct 2022 18:42:14 GMT
server
nginx/1.18.0
etag
W/"634da206-99e4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=86400
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 27 Apr 2023 01:59:55 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=gdz.fun
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gdz.fun
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7626 		207 KB
87 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=475&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n9dsm1Cj9l&p=https%3A//gdz.fun&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a12200caff3678257611ab2f2ebce7457908f65c86fd7b072c0a34cda86c0486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
88820
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 01:59:55 GMT
expires
Wed, 26 Apr 2023 01:59:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9549 		91 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac6c952c4e7c16886bd57b9bef455ab3b231baf11c6cba5d86e6c640e6efd9a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
33834
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 01:59:55 GMT
expires
Wed, 26 Apr 2023 01:59:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6E16 		16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8eb36aa538bda31b8d6ab392d62f8ba23e0dd6aa0a5a28a5f410761dcc58e269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
7005
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 01:59:55 GMT
expires
Wed, 26 Apr 2023 01:59:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...
264 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A0%3Als%3A692608824490%3Ahid%3A40051811%3Az%3A0%3Ai%3A20230426015955%3Aet%3A1682474395%3Ac%3A1%3Arn%3A132894317%3Arqn%3A1%3Au%3A1682474395665542776%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A12%2C37%2C148%2C1%2C0%2C0%2C%2C304%2C2%2C%2C%2C%2C503%3Aco%3A0%3Acpf%3A1%3Ans%3A1682474394504%3Ast%3A1682474395&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
325d787e2ad0665404b0e458592286f46bec3e4337d31f6060fb651da33af292
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 26-Apr-2023 01:59:55 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gdz.fun
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
264
x-xss-protection
1; mode=block
expires
Wed, 26-Apr-2023 01:59:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 26-Apr-2023 01:59:55 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A0%3Als%3A692608824490%3Ahid%3A40051811%3Az%3A0%3Ai%3A20230426015955%3Aet%3A1682474395%3Ac%3A1%3Arn%3A132894317%3Arqn%3A1%3Au%3A1682474395665542776%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A12%2C37%2C148%2C1%2C0%2C0%2C%2C304%2C2%2C%2C%2C%2C503%3Aco%3A0%3Acpf%3A1%3Ans%3A1682474394504%3Ast%3A1682474395&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://gdz.fun
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 26-Apr-2023 01:59:55 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 21 Apr 2023 13:01:10 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64425ee6-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 26 Apr 2023 02:59:55 GMT
1
mc.yandex.ru/watch/53858797/
Redirect Chain
  • https://mc.yandex.ru/watch/53858797?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
  • https://mc.yandex.ru/watch/53858797/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala...
454 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/53858797/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1046595670496%3Ahid%3A40051811%3Az%3A0%3Ai%3A20230426015955%3Aet%3A1682474395%3Ac%3A1%3Arn%3A213384196%3Arqn%3A1%3Au%3A1682474395665542776%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A12%2C37%2C148%2C1%2C0%2C0%2C%2C304%2C2%2C%2C%2C%2C503%3Aco%3A0%3Acpf%3A1%3Ans%3A1682474394504%3Arqnl%3A1%3Ast%3A1682474395%3At%3A%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
3c9056c90fad4a64c9a58d50fd5adc87628dc7ab4ab950aeb1fb8c10ba89d16e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 26-Apr-2023 01:59:55 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gdz.fun
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
454
x-xss-protection
1; mode=block
expires
Wed, 26-Apr-2023 01:59:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 26-Apr-2023 01:59:55 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/53858797/1?wmode=7&page-url=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73idgcr0qjmn%3Afp%3A419%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1046595670496%3Ahid%3A40051811%3Az%3A0%3Ai%3A20230426015955%3Aet%3A1682474395%3Ac%3A1%3Arn%3A213384196%3Arqn%3A1%3Au%3A1682474395665542776%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A12%2C37%2C148%2C1%2C0%2C0%2C%2C304%2C2%2C%2C%2C%2C503%3Aco%3A0%3Acpf%3A1%3Ans%3A1682474394504%3Arqnl%3A1%3Ast%3A1682474395%3At%3A%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://gdz.fun
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 26-Apr-2023 01:59:55 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/reactive_library_fy2021.js?bust=31074087
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ae8b0633d345429a3ef469bfaef071ef2b7fa51a35fb79b2d6f4122654aa839
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51704
x-xss-protection
0
server
cafe
etag
14236378454114364518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Apr 2023 01:59:55 GMT
css
fonts.googleapis.com/ Frame 5315 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 01:20:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Apr 2023 01:59:55 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 5315 		2 KB
818 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:42:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
33457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:42:18 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 5315 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:42:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
33457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8535
x-xss-protection
0
server
cafe
etag
13968503839060854674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:42:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 5315 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
25871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:48:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 5315 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 21:21:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 21:21:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5315 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49532
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682335668691775"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 01:59:55 GMT
f8970ecc2196f374e9d99027c476dd6b.js
www.gstatic.com/mysidia/ Frame 5315 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 05:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13747
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 02:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 05:50:21 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5315 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cpj-ym4VIZIncBYKE3wO-3YmQBrqH1e9vu_OW_ZsR29keEAEg9IXYe2CRBKABuLXA2gPIAQmpApTVy4l-aLI-qAMByAPLBKoErwFP0BnMonKzJFbLiSdVDDB-AOpyWplITgESDd6MvkSmp5xndr3WdQDiaOCfOuS1XgOnxPANvB624sPEzeiXSuGSpuqeF5vBHGZRcOUx4-m_Sq5sOl0n4JCZpqcz35jUqzAc336nSBrDrrPZJdDBQrLA_H3bAUptIxMgx-65EXKK1YkRJNbIo11XButtjACRoH069KbMspGBY45mLPqkmw1FG_nLnxCFxUJZzwskMzCgwAT0hpvRuASSBQQIBBgBkgUECAUYBKAGLoAHsMq_JagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL76FNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi0yODkxMDQ2NjQ3NzY2OTY3GAA&sigh=JxvKLPILh4k&uach_m=[UACH]&cid=CAQSGwBygQiDFgxO7BThT-2ALPwEU99OBb9rDkLeIhgB&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Apr 2023 01:59:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 26 Apr 2023 01:59:55 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/941282118301089673/ Frame 5315 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/941282118301089673/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02264561e0deeeb5ba56e7ee299b47363af979868cc68c9e08f620471d6f5160
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 06:37:41 GMT
x-content-type-options
nosniff
age
242534
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31237
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 11:06:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Apr 2024 06:37:41 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=gdz.fun
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gdz.fun
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/ Frame 66DC 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
37692
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 15:31:43 GMT
etag
2378337311435320485
expires
Tue, 09 May 2023 15:31:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/ Frame 9AFB 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
37692
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 15:31:43 GMT
etag
2378337311435320485
expires
Tue, 09 May 2023 15:31:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 66DC 		6 KB
768 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 00:43:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Apr 2023 01:59:55 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 66DC 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:42:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
33457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:42:18 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 66DC 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:42:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
33457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8535
x-xss-protection
0
server
cafe
etag
13968503839060854674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:42:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 66DC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
25871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:48:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 66DC 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 21:21:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 21:21:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 66DC 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49532
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682335668691775"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 01:59:55 GMT
f8970ecc2196f374e9d99027c476dd6b.js
www.gstatic.com/mysidia/ Frame 66DC 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 05:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13747
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 02:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 05:50:21 GMT
css
fonts.googleapis.com/ Frame 9AFB 		4 KB
718 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12a3831e778d8969aad8052ad463f9ecc63745c97c994c4e8b15c04e46f49b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 00:00:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Apr 2023 01:59:55 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 9AFB 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:42:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
33457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:42:18 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9AFB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CM7iqm4VIZIL4BIqOrASI0ZfgBN-o_Z9wtPOMwYERq_bz_QgQASD0hdh7YJEEoAHu7YyNKcgBCagDAcgDywSqBK8BT9CFf8xOu3Yy8HxfDdjzotWTvjoRAQXruAMVqBvpUlRGu9wsmVOVoqr4SAH-Q6TetLFB7WA6kYtXNvfPyPLIV2bX-JCuPxGy_XHfBQNdYGhbfN2MJD7gPwAYPBKAMlSwwHHRK5bAYrg6kioyQQT0QhmNSd1UGH6YU8XIJTwCwr5h0chVRkrMUMaVBAe-GUwNRhrviT1K7MkCXjMUzkDIrM3JSFiChX5Y85Pr0EtXn8AE8qLSta0EkgUECAQYAZIFBAgFGASgBi6AB-6l3ewDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQzLcF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTI4OTEwNDY2NDc3NjY5NjcYAA&sigh=r8gCL6RmsqQ&uach_m=[UACH]&cid=CAQSGwBygQiDFfAptwEa-UPUeWvDSlYD31IXyOfrexgB&template_id=484
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Apr 2023 01:59:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 9AFB 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:42:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
33457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8535
x-xss-protection
0
server
cafe
etag
13968503839060854674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:42:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 9AFB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
25871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:48:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 9AFB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 21:21:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 21:21:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9AFB 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49532
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682335668691775"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 01:59:55 GMT
f8970ecc2196f374e9d99027c476dd6b.js
www.gstatic.com/mysidia/ Frame 9AFB 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 05:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13747
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 02:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 05:50:21 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/2290063742592846136/ Frame 9AFB 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2290063742592846136/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92828518e4015579cf8d7101dfe0ed9e170d6ad09d75768766c3adb0c68fd771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:39:53 GMT
x-content-type-options
nosniff
age
282002
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49919
x-xss-protection
0
last-modified
Thu, 06 Apr 2023 13:48:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 19:39:53 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/13663426464614587941/ Frame 9AFB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13663426464614587941/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d393f388ed2427ea59cea2ccec0b4110fa50093cfdc04f9b6a3f08bc0fbf543c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 15:39:00 GMT
x-content-type-options
nosniff
age
296455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5453
x-xss-protection
0
last-modified
Wed, 12 Apr 2023 19:09:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 15:39:00 GMT
ping
stat.advideo.ru/ 		8 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.advideo.ru/ping?showplaylistId=35603&rnd=503
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.213.168 , Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
mail.small-games.info
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.16.1
content-type
text/html;charset=utf-8
statistics
faststat.advideo.ru/ 		2 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://faststat.advideo.ru/statistics?event_type=code_load&url=https%3A%2F%2Fgdz.fun%2F&playlist_id=35603&uid=f7b34ae1-ac4c-4547-b788-bf9a47fd967e&rnd=117
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.213.170 , Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
space1.unassigned.ru.eserver.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
access-control-allow-credentials
true
server
nginx/1.16.1
content-length
2
content-type
text/plain; charset=utf8
init
bazr.ru/videocontent/global/js/v2/ 		1 KB
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bazr.ru/videocontent/global/js/v2/init?playlistId=35603&v=4.0.3&dvc=d&d
Requested by
Host: gdz.fun
URL: https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.212.115 , Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
cdn.bazr.ru
Software
nginx/1.16.1 /
Resource Hash
4670fc4946c7edfb3c0358e0385a76f25cdb2cf97daf4396bb9b7fe2a16fb2d8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
last-modified
Thu, 01 Oct 2020 08:12:32 GMT
server
nginx/1.16.1
etag
W/"5f758f70-4e4"
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
truncated
/ Frame 5315 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6eed350b130e97a4239a9faf760ff20773157a3d7770ae42b83fd90155366827

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9984.5cdiqFwcQ_OlImp11D5Fi2JlADjxdJQp_wpzUB7tQ6NGfLfpCxSz7KakCD3oTLQM.TwKvTG1L0pKvE0_2YORVPqXzWNk%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9984.4PS5xaj0_IKDr1jm1ohpHwQJWZecZA7ZTiWdAd5JypbPUJ7crcNJMovFbkjW6VgSvZCCZEIHQ6IHwaH5NlR8U50iO5AwsBawWEwXlLxEi4WeGZlhlgMFjscir3rD9Xu-CjjVxn2cn...
43 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9984.4PS5xaj0_IKDr1jm1ohpHwQJWZecZA7ZTiWdAd5JypbPUJ7crcNJMovFbkjW6VgSvZCCZEIHQ6IHwaH5NlR8U50iO5AwsBawWEwXlLxEi4WeGZlhlgMFjscir3rD9Xu-CjjVxn2cnGpgDW-mu66fedFF4QonpPOiWNq1X4KbUd7igZHH5wa1opP88LM7skFbkOjomwl0VZmSaS-x6yvpThU2XBEICjJDs3XE9Bqw9vw%2C.qdQ7n-FSGLeooOKFjZRQZh_rRYc%2C
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H2
Server
154.47.36.202 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9984.4PS5xaj0_IKDr1jm1ohpHwQJWZecZA7ZTiWdAd5JypbPUJ7crcNJMovFbkjW6VgSvZCCZEIHQ6IHwaH5NlR8U50iO5AwsBawWEwXlLxEi4WeGZlhlgMFjscir3rD9Xu-CjjVxn2cnGpgDW-mu66fedFF4QonpPOiWNq1X4KbUd7igZHH5wa1opP88LM7skFbkOjomwl0VZmSaS-x6yvpThU2XBEICjJDs3XE9Bqw9vw%2C.qdQ7n-FSGLeooOKFjZRQZh_rRYc%2C
date
Wed, 26 Apr 2023 01:59:55 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
truncated
/ Frame 9AFB 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
184c7a1c48929c7592bbb6525e0aa5d43199d6fb4ff8a6929abec51558513f94

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5315 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:22:44 GMT
x-content-type-options
nosniff
age
329831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:22:44 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5315 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 21:11:38 GMT
x-content-type-options
nosniff
age
276497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 21:11:38 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5315 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:07:20 GMT
x-content-type-options
nosniff
age
330755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:07:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5315 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:10:15 GMT
x-content-type-options
nosniff
age
330580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:10:15 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5315 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:23:20 GMT
x-content-type-options
nosniff
age
329795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:23:20 GMT
277411667247646369
tpc.googlesyndication.com/simgad/ Frame 9549 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/277411667247646369?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmQvZQT23R2h40Nt_K_L_xXtFYXVQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4fb73fe08bfa7e2bf722a80312db681eef2bcd241752f5a5e98adb1da5fc863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 23:17:48 GMT
x-content-type-options
nosniff
age
268927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81962
x-xss-protection
0
last-modified
Tue, 21 Mar 2023 05:52:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 23:17:48 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 9549 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:42:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
33457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8535
x-xss-protection
0
server
cafe
etag
13968503839060854674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:42:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 9549 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
25871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:48:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 9549 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 21:21:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 21:21:45 GMT
l
www.google.com/ads/measurement/ Frame 9549 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSf9ql5WATvQhKGHwLlvaIy2jCAfbCbJhlAqTOllQusvbDn27LhLsX-DQTD7_UPh6A2WjTkfg8z1i3_4xoZix9mwgQFdg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9549 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49532
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682335668691775"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 01:59:55 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 9549 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e4e65e7db3c40d4bb9c16f3e85e1e7ed107d564d25c56e3170b38da5460506f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 22:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
13786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13160
x-xss-protection
0
server
cafe
etag
2897017380701680925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 22:10:09 GMT
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame 86D0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&adk=4059467728&adf=1666180184&pi=t.aa~a.3268156040~rp.2&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&to=qs&pwprc=3607707294&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474394929&bpp=2&bdt=225&idt=137&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=w8zK71kQ0u&p=https%3A//gdz.fun&dtd=140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
97725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Apr 2024 22:51:10 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9549 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C0NaBm4VIZLDpDJfe3wPSrIHIB8aShp5w64XZ0o8RwNzx6Y8OEAEg9IXYe2CRBKAB1IiRlCnIAQKoAwHIA8kEqgS3AU_QNZdwFUOJf4lV0L12dOyOBes1-ceX26zr1gvgmMtSg-uWEoiZeCUKTOTL70Ea3YVJbiOi5bjiATH7FFxUjSkoNBcenIMsW_vkmIggyIwyf5rfbHdDs7ykL0a6NbFodeD03ZJLVEQzZeeO-sLARwANYomST99k3r8n2Ixj8zlO6oJEPmCGsxg-o2GdWsZKAWFryS9WBkMQOMCLGpH0Mddi7tYGVIU15zKfsbEMsjHrIvmv0EKGhsAEjbXUsKQEkgUECAQYAZIFBAgFGASgBgKAB9TA4fMDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQlJ8D0ggSCIjhgBAQARgfMgOqggE6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTI4OTEwNDY2NDc3NjY5NjcYAA&sigh=bNGabJ0bs8Q&uach_m=[UACH]&cid=CAQSPgBygQiD01YH6K0hKEHX_lBwUq-UooEHBBGPkdwCoVCuHwPZdP1girZparTryflUk6--cWMr41Kdeu60AC7XGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Apr 2023 01:59:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
2076313506083323656
tpc.googlesyndication.com/simgad/9526011595763383143/ Frame 66DC 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9526011595763383143/2076313506083323656
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb03ec5bba48b7c99c2965e9059a2fd9d7680a37a54531f4dd2322a1b0eff115
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 17:55:04 GMT
x-content-type-options
nosniff
age
201891
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24971
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 22:09:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Apr 2024 17:55:04 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/10021709161256309126/ Frame 66DC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10021709161256309126/14763004658117789537?w=100&h=100
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fe4b186de87b21d9f395c8f5a129ebdf0e1ba24a24e224f4f1b07c2332eb681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:17:23 GMT
x-content-type-options
nosniff
age
294152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1889
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 23:52:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 16:17:23 GMT
truncated
/ Frame 66DC 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 66DC 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94ba5e516e2757bd07e089f68695fbfb59021ec6912fc8b6ddb58049d63c9e36

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame C2B5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
97725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Apr 2024 22:51:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E16 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ClI4_L8hAAv7ZoTxg6CdWSIam8544vcKvaHWDtmqRp5Aaz3dqMUHwVZyd3pbbqOX_EKaeUG1SNPMSathzydJOfnwfmCZdR_iiQA9tU9nFsGkIcWrI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E16 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15974424180726988701&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6E16 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 26 Apr 2023 01:59:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 6E16 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
25871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 18:48:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 6E16 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 21:21:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 21:21:45 GMT
l
www.google.com/ads/measurement/ Frame 6E16 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQB88aAVEgAqkwEfvYxXFtCJsg7-ecgS241RKe-dSBS7pp3E1G4ktMBGswkFMV57Sb8MHbBOihNE57ge6LmvqcbKETcVg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6E16 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49532
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682335668691775"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 01:59:55 GMT
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame DC9E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
97725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Apr 2024 22:51:10 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 66DC 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CAUw9m4VIZIH4BIqOrASI0ZfgBN-n35Vwm43ts8cRv-iivcABEAEg9IXYe2CRBKABmqvisinIAQmoAwHIA8sEqgSxAU_QHFFsrWfsUmsCMbRhF6Dui7Zd2d_ESb9DkQKbk1PwRxCeybfl4kQAqs4CxeE_svMuLff1T8bAXHjt6Wvjplvc5CWXJs-oBrx67QZz-d-mbMLSZm-TAsqSsUzzbiouh9i2m5lAUnlu8FCcE0Fa2-iFoQRhlcnp2nudreIVuh1xpUq4Iw1HxRXX-3R_ouYpC0JhMsQEQhpFTRX4t1BRIbXjeTdwI9ChYCbIn4e_IpNjdcAEjpe1xJ0EkgUECAQYAZIFBAgFGASgBi6AB5rjspIEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQtXrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw3QFQGAFwGyFxwKGggAEhRwdWItMjg5MTA0NjY0Nzc2Njk2NxgA&sigh=llr63K7l7BU&uach_m=[UACH]&cid=CAQSGwBygQiDFfAptwEa-UPUeWvDSlYD31IXyOfrexgB&template_id=484&vis=1
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Apr 2023 01:59:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5109 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLmOyQEQ35zRARiDjrTiATAB&v=APEucNWnTeTrYdOCALGBZMMDAtBXD5q2gakPbALcbmMpPfQNtcSycg_OJJTb1emeU6j8t2JKp2nxbNvTWQ5wzGYuNjAvqEClgW8hGXZBMmgOVTC7IE_A4lckWxI4LM6LPY7WbFfN1O8mLlmj7W_0-3ZBf-Br0eRMivkULPyeUyH_0z49KEaDYkg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 01:59:55 GMT
expires
Wed, 26 Apr 2023 01:59:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2EAB 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
2290
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 01:21:45 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9549 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc87446f5df4011ee3c15b25c68235339b42888f3291ec316ecf54a1e7860bf0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
player
bazr.ru/ Frame 36A9 		25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bazr.ru/player?playlistId=35603&v1.0.1.1
Requested by
Host: cdn.advideo.ru
URL: https://cdn.advideo.ru/videocontent/global/js/v2/advideo_init.js?playlistId=35603
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.212.115 , Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
cdn.bazr.ru
Software
nginx/1.16.1 /
Resource Hash
ae36ff0ed37e7a4009c394da3cc89cef186ff91f743fd4246657eedc299a97c7

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 26 Apr 2023 01:59:55 GMT
server
nginx/1.16.1
stkan_adv.js
cdn.advideo.ru/videocontent/global/js/v2/4.0.3/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advideo.ru/videocontent/global/js/v2/4.0.3/stkan_adv.js?v3.0.4
Requested by
Host: cdn.advideo.ru
URL: https://cdn.advideo.ru/videocontent/global/js/v2/advideo_init.js?playlistId=35603
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.218.210.133 Moscow Oblast, Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
dcw-unknown.maxhost.ru
Software
nginx/1.18.0 /
Resource Hash
fbf0a830afe254a99c79b62c2cad9dc1e82697d2db8478ad4663a4f33e1272c8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
gzip
last-modified
Mon, 17 Oct 2022 18:42:12 GMT
server
nginx/1.18.0
etag
W/"634da204-649a"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=86400
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 27 Apr 2023 01:59:55 GMT
rum
dsum-sec.casalemedia.com/ Frame 5109
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyixxKzcVHdNQwF5clOyF8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyixxKzcVHdNQwF5clOyF8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLmOyQEQ35zRARiDjrTiATAB&v=APEucNWnTeTrYdOCALGBZMMDAtBXD5q2gakPbALcbmMpPfQNtcSycg_OJJTb1emeU6j8t2JKp2nxbNvTWQ5wzGYuNjAvqEClgW8hGXZBMmgOVTC7IE_A4lckWxI4LM6LPY7WbFfN1O8mLlmj7W_0-3ZBf-Br0eRMivkULPyeUyH_0z49KEaDYkg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyixxKzcVHdNQwF5clOyF8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5109
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEiFm-rg8uU.BYE1v7uTdQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyixxKzcVHdNQwF5clOyF8&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyixxKzcVHdNQwF5clOyF8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLmOyQEQ35zRARiDjrTiATAB&v=APEucNWnTeTrYdOCALGBZMMDAtBXD5q2gakPbALcbmMpPfQNtcSycg_OJJTb1emeU6j8t2JKp2nxbNvTWQ5wzGYuNjAvqEClgW8hGXZBMmgOVTC7IE_A4lckWxI4LM6LPY7WbFfN1O8mLlmj7W_0-3ZBf-Br0eRMivkULPyeUyH_0z49KEaDYkg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIyixxKzcVHdNQwF5clOyF8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5109
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGdbdxVsSHHmRqfx3yooBRU&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGdbdxVsSHHmRqfx3yooBRU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLmOyQEQ35zRARiDjrTiATAB&v=APEucNWnTeTrYdOCALGBZMMDAtBXD5q2gakPbALcbmMpPfQNtcSycg_OJJTb1emeU6j8t2JKp2nxbNvTWQ5wzGYuNjAvqEClgW8hGXZBMmgOVTC7IE_A4lckWxI4LM6LPY7WbFfN1O8mLlmj7W_0-3ZBf-Br0eRMivkULPyeUyH_0z49KEaDYkg
Protocol
HTTP/1.1
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:55 GMT
AN-X-Request-Uuid
38759d3d-a16c-4281-a23e-601240263db7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
95.211.95.240; 95.211.95.240; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGdbdxVsSHHmRqfx3yooBRU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5109
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyMTI5MDE0ODA1OTY1OTYxMQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyMTI5MDE0ODA1OTY1OTYxMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLmOyQEQ35zRARiDjrTiATAB&v=APEucNWnTeTrYdOCALGBZMMDAtBXD5q2gakPbALcbmMpPfQNtcSycg_OJJTb1emeU6j8t2JKp2nxbNvTWQ5wzGYuNjAvqEClgW8hGXZBMmgOVTC7IE_A4lckWxI4LM6LPY7WbFfN1O8mLlmj7W_0-3ZBf-Br0eRMivkULPyeUyH_0z49KEaDYkg
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 26 Apr 2023 01:59:55 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
95.211.95.240; 95.211.95.240; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
59ff6785-db49-4ac7-957d-9a11850ed5d5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAyMTI5MDE0ODA1OTY1OTYxMQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304132133000/ Frame 148E 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=475&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n9dsm1Cj9l&p=https%3A//gdz.fun&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
118054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61827
x-xss-protection
0
server
sffe
etag
"1754d270d28e2ea6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 148E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=475&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n9dsm1Cj9l&p=https%3A//gdz.fun&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
118054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"8e65ad5048245435"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 148E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=475&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n9dsm1Cj9l&p=https%3A//gdz.fun&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
118054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28942
x-xss-protection
0
server
sffe
etag
"73bf4bf39cc8fedd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 148E 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=475&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n9dsm1Cj9l&p=https%3A//gdz.fun&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e6a5449728ebfc51d230927f284d732366fc61d350d279b924ce91cdb79bc3d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:23 GMT
age
118052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16674
x-xss-protection
0
server
sffe
etag
"0a4cd60deb386a0e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:23 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 148E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=475&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n9dsm1Cj9l&p=https%3A//gdz.fun&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
118054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1921
x-xss-protection
0
server
sffe
etag
"f061d9295cdc41bd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 148E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=475&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n9dsm1Cj9l&p=https%3A//gdz.fun&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
118054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"8013fcb40cf8ec28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
truncated
/ Frame 148E 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbad4ff8fd5093b6c6942f79e915351cbfaa7ebf08783cf02748ed477cc7a84a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 148E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=475&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n9dsm1Cj9l&p=https%3A//gdz.fun&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 20:03:25 GMT
x-content-type-options
nosniff
server
cafe
age
21390
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3041
x-xss-protection
0
expires
Wed, 26 Apr 2023 20:03:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 148E 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=475&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n9dsm1Cj9l&p=https%3A//gdz.fun&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
44685
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 26 Apr 2023 13:35:10 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 148E 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Celpom4VIZMrrDMvN3wOZxL-oB6T0lphw7Y6Aw5kRz7e-z4gKEAEg9IXYe2CRBKABssPylAPIAQmpAh76_QS4Z7I-qAMByAMIqgTJAU_QUbSzvCORxz8efO1uUnJ85Zj2D-Q9gCjBg2UfIvK42m7W-i53hNdkpKjcqkUEALSh5Tn7JYQyxEcb7HTHnX-YNeusALD1vjdbdSl0eKa2HB6PAXYw2acGX_WypNddVihIiovLP-K2c-Vqf-PNh4a6_S5YqhC8lUMfMMmnr6JgxVC0k6bGY-9yF0uNKF7ByfoPOmf4FOxYAn0IWqTEQAdWLWg3W7JK7ZbeCXvFGrjUDi_O7de8nLdZV6aZiUMXlwZJMnxjI5N4L8AEwoW4kpYEkgUECAQYAZIFBAgFGASgBi6AB7a8jWuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCTkQ_SCBIIiOGAEBABGB8yA6qCAToCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjg5MTA0NjY0Nzc2Njk2NxgA&sigh=g82rozzUgVs&uach_m=[UACH]&cid=CAQSPgBygQiD3JiHcf8HWBbLqbdqqvxwv2S0vK-9CTaqjA22xPIWBDF8pC7ZOomTp21Y8x-VDfijg73YWSzV7DZ2GAE&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=475&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n9dsm1Cj9l&p=https%3A//gdz.fun&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=6416393715&adk=29863360&adf=1176961056&pi=t.ma~as.6416393715&w=900&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=900x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=475&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=465&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=n9dsm1Cj9l&p=https%3A//gdz.fun&dtd=6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Apr 2023 01:59:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 148E 		64 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc7e56f0ea00b0017573ee3530a8d6cd4e5b710a99af7a0ebeefda8c677cbd01

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E16 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1425214838058&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E16 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1425214838058&version=m202301230201&ct=76&x=1&cor=15974424180726989000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6E16 		71 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLH3u1tUrdUVmRbtTCHmRL3NW1hsHPkbjiek0JhIkkpBuxxfUcKUifp87xd12J6GJqq6xaNlsl-plL6tqxWvKgnfBxDw&cry=1&dbm_d=AKAmf-D4ol9d30_pFUwulKoNL3BvgdRDcGwyvechCFrbh8hwF9veZrXUWVpnz_mN1l7NILseyrLHUENkmlbf55a8tOq4OegFahFDG5qeG6N2J59Ce1Puv2MTDysuolha2TCFNN6huaop_rCeAm4pEQykapCGq-BEhTGuveisnEhs3xGeDbB8xuNUqEVNY2LwpqC35XWkWekuBj1EP4Di4geoErp7DsWV1I8zmDnNeugDTwhHGgUnWFnlLOF-F6bOp8szZuTpAi8Xwl8mfItNSovDSSRVnJybJEL2A1lJ5ahCMWyTG0sV5Sl7g_b-_O6sykKFRHL2Ed3I6onYaVSoVUDlk8tr6MCk4gjQCs7fwuRuYTwC6lgxtBsXNEdrwxQvCZ-EAJ2ks4E62GxMkQ_reNb6x3-V_OyIHzBd7-7ZRf7Q7bcmUtQL2-dHufuMFQS0SvsLbC6et-PTwPU1yH7rCyfXdwJY4nyDD76umGHohbLnLh157uMuop2PRpzVjdjYKC-E-laP7T8jZRVH5tJYf7eOsVynkxElf2uxl3_Ax8JbxLQOqe1lB-qojqt0hnNr_Gvu08-J-6Jgoo6_xAKxOzx2PmzY9AyFZe1e5kUByjkaolb3Umb28Cde7pv-kaLr0paXv7bk7xkaKmfcmWYuH_oTX6oUD6H0B3AGMTHFIj6QPUtctn4bqkzH8dqTnPCdaxo49dE1fu9xy2_caUwta7Fqdg2PuPkrpwjQmYAM8jLLaK9KeWpY0gil09O9zhx8L0eusn1IQxFyS7FW7eL8D27JD2pAbjzkuDtOp3C4xSdlERlXXCmDItUbCXt5bOv_wPUJCaiwBA8KRnlI32R0OM-nRyYUCyXISA2EdTJOciwNjAr7DlLKZgvDd5GmAWbSbqmy_NKjaqt_QPCmUIoJ6_zcAYW6L1W3PpodT7Yo1WjSHKt1YJZBXZTQuJixXMGeGvpI1yj5LlxYuACsaFGwvCzOMD8gseegwFU3x7VWZqHU8Bymjjebevxwjf64eToLVztE0v2njHLyipX_EtUwOrjMN3En2Tb9zmebyw9tlXn41pG2ZYWaSAFH7-uuxq3GX2jdhHwhTJ3Ce2uuPobl2PIqWYLkIfzKp5QtrC816G4U2dKp80pfT8xxMNDouLvlYIHnr5LNvCBQGjf1lf092eQgmzacphavct8kMwq8vF1_UKQ48yLs500FHzaPfmMPdXdtPBYMBOUHGQ8HwGPqICTr360zdTqunyY1d8C5SSSceBW-MYaOp5c8MTX72dGcBqJKQuAS6rrG06GRwvL1H76YX4cm4ZJfrSCEPj_h7sLeHmKXFqNgTfoJncnWtfnluXpiezra-nM0xVRP3yh3cyVy5L2MkB1wnugx3GeV_uOh_7YUc1hOSfnPIMDTeZF3gT3KAoEcBLCT303bttUinA49d54MQRTMUTCog8Qh6fGaJbJjIU9a7s7F32Nw6px6NgSFperv1mvsMiWudgtX7KYQEkIm18vtzW3UdlHNFmTK8WuUdwHnl3fwRF38ySzUmXzcCZOiJRs7DHQALXm4J0_i--IxJIAtfvdKMlxK92K4f1OKXJn4TfdA4A9yG7MZH4QQJbU34fBXlkUnxzREn-jkLKOdO0iYoya0D87IXcGXnVQt29bZXTEKaU5TvjxdDGyfn4gFHDokCec2mp4WyBjHnaFoLyObE8lMsRiH0qILWAUBhdX-9y5EwjpuTkkqmLOlfy4DbDk3mijNv0yNlKpiA_4C_RHs8Tz8TOVoK7AR-KRsiQzx-Ho_WULmWrRdLwDHIpBbdgYQvHy3ONM7aH_ZcgtqV3mHOIr1AW2gKpwDzYSZK4eCVqYn3OrE12yYjxnoxL3z3akhbzzXbGMEEC2RiCto2g6r1gmZHaFWedF9u6mKvt9Y05SXRLUIKfkrjtDApTe58-Hu2BP7u7-7rqEYvSLGGro597WS7Z_jhVBUSFeaDPrBjUoLGdINJ8rwYgAYonnbuKNjmzot5Dc3kzki47lZlwhRDcP7CRwVwb8AmcY2NVtGuoGRr7m4iz3OWl6flbb2fKfJ7XbWloJ_Gm0O9dmOo18aaZ4EBpIeim0Lok9j8VnRP1m0codOiOseiykgDIfqCs8PQAK02GTl2tbrTkaJ4hv2QAf-CP_oZ9btB66xxgI5fd8yMKlDpCJG3IUjy-yb6u5Gqwu86az9piIhqvVgbZ4Qr6BsXWjPlbAaTfauSnhRQ8x2g8mWyJp4qE-R_-YlL6sdolroZ2hcURbSiZhUBvooJPSWSpjJzbZrZQJcCpSALnGPhEOexnAAz0BAGTGP_lnnrVYishaqzrZ0aaL7xp3zq8M5M6qMDlKfHSpZ9R-7YTAxfDDRzJhsFvB7N4I-U6C2IDa-ScarnIfvOmvyYO4HaQx62cMyccu2HZXsPfjwmUt3eKx0hevwlbqjhiyiELuMlJclIT0erObc-Vx_ZmnmjoGEGIOfVY8pUY1MPIWlOTPqfp4khih6IX-zVV-hUvtrjyi_IBCkUnY_NSVxXUsuQ2EjcfUk4FNFHzt_3i7e6CqgoEhggy4WjU0vKb9niFRG_8EWNsLcPY6AO5ojopkav0TVZx5L6jHUo5ll-XYuXGyBYAnfs1IkI2lVZPCgjt8cvmKJrgG6JsbNByrSvOW6xQrG20E6ZBgbT0jOhvwtxQarTS5K-FP0OpwMLsWkTy3za7S6_fH6M5E6vK01mEhkOSdElLDKQJ0PQFEtJzAopLXjgpor2Xcg5W0rxAzsQS3J_SKGAi2JL1LV0JBChr3u5bdgAPC4K9kl2HbqxAbXVY0Bf0l6RxYwjMVyGQbP6317E3wsmGKTQrD6J2myTFF90etpQKAtf_ZtnSNE4vOMyHkq9T__wpixf4X2I2Op_USCZG6tRaKM_o-wLqcYYeOGyM5ylj2N11fCXbbBXRUPtuJnWpWrpZuwPoZu3f0aayQtk_Vx7988YbRmN6pPsksouanT4j2wEdmwyB-uGAYI5eIUOAeB-9h4RIWDobqa0i0fZCXiuSSjW-WFuTr7d6RRfFnMqxLL8SZ_8oGBPP3yeJvexntMXBAJM4n5O9x45FZ4O4iGeAf9ERyI5753MmK0JGYr6awuOpaRtv8mC6N-oizgc5O-VaiSX_72tHGZGra2WoO11YLxVLtjOb4OZQpIMXSzhQvusOZjkVYFwbjtGMm8uteNy2zjsKzjwulx8jHC5fEU-3_-CZLwNkw8DFP5E-iEcZ0Pa10gst25EijGJPHayls27A9li50iy1MJmjSpwk3CHS5_y5FJ2LPBiYHMUQ5eMo8NRgJaQUq_27ZSHxEXWB5voYe8DsFJ5eF91WWVNc6gqhhT4Zh49LBHn7xMksIM2Q40XSKmKp_weYXaJpJyAult3jZOtzxE8vXNoYMg2EieelqGdvZNAagCdHFyTsCj51uBIsMGCY-smqPvbQBDtJHq_T5AJzgdb_jnUELJoJXpQR87TxROoEzsDyjf3Nqw-LDuOm3cOyz8tYHnECLCsQLQK8Imk6A-1-gzAozt2mEv62tFFA0K5ksN5__-1gLk5EaSqAtRcTbAVI-JyveXw_e1fQGmtsItD28PF9sS4C2BwqmwkpnvqNjyNUAGS6p4h1zP6iBOh1sa4XH9DgKQVXsL6imuKFh-_jsDcArE4p58b_OdOJgQtRAtX_VKWA4O54F-JIqF0L4VtodCKbLL7Ca85yz_uaQEpJ5rxoL4eVq7AQ-gfsOb_1C8NQUzrSMOL90LIs5iXNYUqF0KQfVLAXd5fEd1pVE0qFe5AFp8TFiSuGQ23SoDLbN4Es7cIGQuVrgiBeugweoBg67B1xcjdOcp9BI44qx1atNS2whp&cid=CAQSPgBygQiD8eWYI5HliZx6BTN4mLGdAzVBffzWjLu4VilolVhF56cnbBSJgWOGqbDn-wBDY8dVw6uB6NqX3JnaGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fgdz.fun%2F&ds=l&xdt=1&iif=1&cor=15974424180726989000&adk=2228999115&idt=62&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
370cb61b5eb10543bd03238379be501ba33cccbe0ccd6da559ea6daf6c436f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34455
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2EAB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 01:59:55 GMT
expires
Wed, 26 Apr 2023 01:59:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 01:59:55 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame 5F56 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=280&slotname=1754259820&adk=3754133537&adf=2032485801&pi=t.ma~as.1754259820&w=860&fwrn=4&fwrnh=100&lmt=1682474395&rafmt=1&format=860x280&url=https%3A%2F%2Fgdz.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=-M&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QL8et3PzlP&p=https%3A//gdz.fun&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
97725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Apr 2024 22:51:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 6E16 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLH3u1tUrdUVmRbtTCHmRL3NW1hsHPkbjiek0JhIkkpBuxxfUcKUifp87xd12J6GJqq6xaNlsl-plL6tqxWvKgnfBxDw&cry=1&dbm_d=AKAmf-D4ol9d30_pFUwulKoNL3BvgdRDcGwyvechCFrbh8hwF9veZrXUWVpnz_mN1l7NILseyrLHUENkmlbf55a8tOq4OegFahFDG5qeG6N2J59Ce1Puv2MTDysuolha2TCFNN6huaop_rCeAm4pEQykapCGq-BEhTGuveisnEhs3xGeDbB8xuNUqEVNY2LwpqC35XWkWekuBj1EP4Di4geoErp7DsWV1I8zmDnNeugDTwhHGgUnWFnlLOF-F6bOp8szZuTpAi8Xwl8mfItNSovDSSRVnJybJEL2A1lJ5ahCMWyTG0sV5Sl7g_b-_O6sykKFRHL2Ed3I6onYaVSoVUDlk8tr6MCk4gjQCs7fwuRuYTwC6lgxtBsXNEdrwxQvCZ-EAJ2ks4E62GxMkQ_reNb6x3-V_OyIHzBd7-7ZRf7Q7bcmUtQL2-dHufuMFQS0SvsLbC6et-PTwPU1yH7rCyfXdwJY4nyDD76umGHohbLnLh157uMuop2PRpzVjdjYKC-E-laP7T8jZRVH5tJYf7eOsVynkxElf2uxl3_Ax8JbxLQOqe1lB-qojqt0hnNr_Gvu08-J-6Jgoo6_xAKxOzx2PmzY9AyFZe1e5kUByjkaolb3Umb28Cde7pv-kaLr0paXv7bk7xkaKmfcmWYuH_oTX6oUD6H0B3AGMTHFIj6QPUtctn4bqkzH8dqTnPCdaxo49dE1fu9xy2_caUwta7Fqdg2PuPkrpwjQmYAM8jLLaK9KeWpY0gil09O9zhx8L0eusn1IQxFyS7FW7eL8D27JD2pAbjzkuDtOp3C4xSdlERlXXCmDItUbCXt5bOv_wPUJCaiwBA8KRnlI32R0OM-nRyYUCyXISA2EdTJOciwNjAr7DlLKZgvDd5GmAWbSbqmy_NKjaqt_QPCmUIoJ6_zcAYW6L1W3PpodT7Yo1WjSHKt1YJZBXZTQuJixXMGeGvpI1yj5LlxYuACsaFGwvCzOMD8gseegwFU3x7VWZqHU8Bymjjebevxwjf64eToLVztE0v2njHLyipX_EtUwOrjMN3En2Tb9zmebyw9tlXn41pG2ZYWaSAFH7-uuxq3GX2jdhHwhTJ3Ce2uuPobl2PIqWYLkIfzKp5QtrC816G4U2dKp80pfT8xxMNDouLvlYIHnr5LNvCBQGjf1lf092eQgmzacphavct8kMwq8vF1_UKQ48yLs500FHzaPfmMPdXdtPBYMBOUHGQ8HwGPqICTr360zdTqunyY1d8C5SSSceBW-MYaOp5c8MTX72dGcBqJKQuAS6rrG06GRwvL1H76YX4cm4ZJfrSCEPj_h7sLeHmKXFqNgTfoJncnWtfnluXpiezra-nM0xVRP3yh3cyVy5L2MkB1wnugx3GeV_uOh_7YUc1hOSfnPIMDTeZF3gT3KAoEcBLCT303bttUinA49d54MQRTMUTCog8Qh6fGaJbJjIU9a7s7F32Nw6px6NgSFperv1mvsMiWudgtX7KYQEkIm18vtzW3UdlHNFmTK8WuUdwHnl3fwRF38ySzUmXzcCZOiJRs7DHQALXm4J0_i--IxJIAtfvdKMlxK92K4f1OKXJn4TfdA4A9yG7MZH4QQJbU34fBXlkUnxzREn-jkLKOdO0iYoya0D87IXcGXnVQt29bZXTEKaU5TvjxdDGyfn4gFHDokCec2mp4WyBjHnaFoLyObE8lMsRiH0qILWAUBhdX-9y5EwjpuTkkqmLOlfy4DbDk3mijNv0yNlKpiA_4C_RHs8Tz8TOVoK7AR-KRsiQzx-Ho_WULmWrRdLwDHIpBbdgYQvHy3ONM7aH_ZcgtqV3mHOIr1AW2gKpwDzYSZK4eCVqYn3OrE12yYjxnoxL3z3akhbzzXbGMEEC2RiCto2g6r1gmZHaFWedF9u6mKvt9Y05SXRLUIKfkrjtDApTe58-Hu2BP7u7-7rqEYvSLGGro597WS7Z_jhVBUSFeaDPrBjUoLGdINJ8rwYgAYonnbuKNjmzot5Dc3kzki47lZlwhRDcP7CRwVwb8AmcY2NVtGuoGRr7m4iz3OWl6flbb2fKfJ7XbWloJ_Gm0O9dmOo18aaZ4EBpIeim0Lok9j8VnRP1m0codOiOseiykgDIfqCs8PQAK02GTl2tbrTkaJ4hv2QAf-CP_oZ9btB66xxgI5fd8yMKlDpCJG3IUjy-yb6u5Gqwu86az9piIhqvVgbZ4Qr6BsXWjPlbAaTfauSnhRQ8x2g8mWyJp4qE-R_-YlL6sdolroZ2hcURbSiZhUBvooJPSWSpjJzbZrZQJcCpSALnGPhEOexnAAz0BAGTGP_lnnrVYishaqzrZ0aaL7xp3zq8M5M6qMDlKfHSpZ9R-7YTAxfDDRzJhsFvB7N4I-U6C2IDa-ScarnIfvOmvyYO4HaQx62cMyccu2HZXsPfjwmUt3eKx0hevwlbqjhiyiELuMlJclIT0erObc-Vx_ZmnmjoGEGIOfVY8pUY1MPIWlOTPqfp4khih6IX-zVV-hUvtrjyi_IBCkUnY_NSVxXUsuQ2EjcfUk4FNFHzt_3i7e6CqgoEhggy4WjU0vKb9niFRG_8EWNsLcPY6AO5ojopkav0TVZx5L6jHUo5ll-XYuXGyBYAnfs1IkI2lVZPCgjt8cvmKJrgG6JsbNByrSvOW6xQrG20E6ZBgbT0jOhvwtxQarTS5K-FP0OpwMLsWkTy3za7S6_fH6M5E6vK01mEhkOSdElLDKQJ0PQFEtJzAopLXjgpor2Xcg5W0rxAzsQS3J_SKGAi2JL1LV0JBChr3u5bdgAPC4K9kl2HbqxAbXVY0Bf0l6RxYwjMVyGQbP6317E3wsmGKTQrD6J2myTFF90etpQKAtf_ZtnSNE4vOMyHkq9T__wpixf4X2I2Op_USCZG6tRaKM_o-wLqcYYeOGyM5ylj2N11fCXbbBXRUPtuJnWpWrpZuwPoZu3f0aayQtk_Vx7988YbRmN6pPsksouanT4j2wEdmwyB-uGAYI5eIUOAeB-9h4RIWDobqa0i0fZCXiuSSjW-WFuTr7d6RRfFnMqxLL8SZ_8oGBPP3yeJvexntMXBAJM4n5O9x45FZ4O4iGeAf9ERyI5753MmK0JGYr6awuOpaRtv8mC6N-oizgc5O-VaiSX_72tHGZGra2WoO11YLxVLtjOb4OZQpIMXSzhQvusOZjkVYFwbjtGMm8uteNy2zjsKzjwulx8jHC5fEU-3_-CZLwNkw8DFP5E-iEcZ0Pa10gst25EijGJPHayls27A9li50iy1MJmjSpwk3CHS5_y5FJ2LPBiYHMUQ5eMo8NRgJaQUq_27ZSHxEXWB5voYe8DsFJ5eF91WWVNc6gqhhT4Zh49LBHn7xMksIM2Q40XSKmKp_weYXaJpJyAult3jZOtzxE8vXNoYMg2EieelqGdvZNAagCdHFyTsCj51uBIsMGCY-smqPvbQBDtJHq_T5AJzgdb_jnUELJoJXpQR87TxROoEzsDyjf3Nqw-LDuOm3cOyz8tYHnECLCsQLQK8Imk6A-1-gzAozt2mEv62tFFA0K5ksN5__-1gLk5EaSqAtRcTbAVI-JyveXw_e1fQGmtsItD28PF9sS4C2BwqmwkpnvqNjyNUAGS6p4h1zP6iBOh1sa4XH9DgKQVXsL6imuKFh-_jsDcArE4p58b_OdOJgQtRAtX_VKWA4O54F-JIqF0L4VtodCKbLL7Ca85yz_uaQEpJ5rxoL4eVq7AQ-gfsOb_1C8NQUzrSMOL90LIs5iXNYUqF0KQfVLAXd5fEd1pVE0qFe5AFp8TFiSuGQ23SoDLbN4Es7cIGQuVrgiBeugweoBg67B1xcjdOcp9BI44qx1atNS2whp&cid=CAQSPgBygQiD8eWYI5HliZx6BTN4mLGdAzVBffzWjLu4VilolVhF56cnbBSJgWOGqbDn-wBDY8dVw6uB6NqX3JnaGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fgdz.fun%2F&ds=l&xdt=1&iif=1&cor=15974424180726989000&adk=2228999115&idt=62&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:36:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
33776
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10768
x-xss-protection
0
server
cafe
etag
11141491900784070631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:36:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/ Frame 6E16 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLH3u1tUrdUVmRbtTCHmRL3NW1hsHPkbjiek0JhIkkpBuxxfUcKUifp87xd12J6GJqq6xaNlsl-plL6tqxWvKgnfBxDw&cry=1&dbm_d=AKAmf-D4ol9d30_pFUwulKoNL3BvgdRDcGwyvechCFrbh8hwF9veZrXUWVpnz_mN1l7NILseyrLHUENkmlbf55a8tOq4OegFahFDG5qeG6N2J59Ce1Puv2MTDysuolha2TCFNN6huaop_rCeAm4pEQykapCGq-BEhTGuveisnEhs3xGeDbB8xuNUqEVNY2LwpqC35XWkWekuBj1EP4Di4geoErp7DsWV1I8zmDnNeugDTwhHGgUnWFnlLOF-F6bOp8szZuTpAi8Xwl8mfItNSovDSSRVnJybJEL2A1lJ5ahCMWyTG0sV5Sl7g_b-_O6sykKFRHL2Ed3I6onYaVSoVUDlk8tr6MCk4gjQCs7fwuRuYTwC6lgxtBsXNEdrwxQvCZ-EAJ2ks4E62GxMkQ_reNb6x3-V_OyIHzBd7-7ZRf7Q7bcmUtQL2-dHufuMFQS0SvsLbC6et-PTwPU1yH7rCyfXdwJY4nyDD76umGHohbLnLh157uMuop2PRpzVjdjYKC-E-laP7T8jZRVH5tJYf7eOsVynkxElf2uxl3_Ax8JbxLQOqe1lB-qojqt0hnNr_Gvu08-J-6Jgoo6_xAKxOzx2PmzY9AyFZe1e5kUByjkaolb3Umb28Cde7pv-kaLr0paXv7bk7xkaKmfcmWYuH_oTX6oUD6H0B3AGMTHFIj6QPUtctn4bqkzH8dqTnPCdaxo49dE1fu9xy2_caUwta7Fqdg2PuPkrpwjQmYAM8jLLaK9KeWpY0gil09O9zhx8L0eusn1IQxFyS7FW7eL8D27JD2pAbjzkuDtOp3C4xSdlERlXXCmDItUbCXt5bOv_wPUJCaiwBA8KRnlI32R0OM-nRyYUCyXISA2EdTJOciwNjAr7DlLKZgvDd5GmAWbSbqmy_NKjaqt_QPCmUIoJ6_zcAYW6L1W3PpodT7Yo1WjSHKt1YJZBXZTQuJixXMGeGvpI1yj5LlxYuACsaFGwvCzOMD8gseegwFU3x7VWZqHU8Bymjjebevxwjf64eToLVztE0v2njHLyipX_EtUwOrjMN3En2Tb9zmebyw9tlXn41pG2ZYWaSAFH7-uuxq3GX2jdhHwhTJ3Ce2uuPobl2PIqWYLkIfzKp5QtrC816G4U2dKp80pfT8xxMNDouLvlYIHnr5LNvCBQGjf1lf092eQgmzacphavct8kMwq8vF1_UKQ48yLs500FHzaPfmMPdXdtPBYMBOUHGQ8HwGPqICTr360zdTqunyY1d8C5SSSceBW-MYaOp5c8MTX72dGcBqJKQuAS6rrG06GRwvL1H76YX4cm4ZJfrSCEPj_h7sLeHmKXFqNgTfoJncnWtfnluXpiezra-nM0xVRP3yh3cyVy5L2MkB1wnugx3GeV_uOh_7YUc1hOSfnPIMDTeZF3gT3KAoEcBLCT303bttUinA49d54MQRTMUTCog8Qh6fGaJbJjIU9a7s7F32Nw6px6NgSFperv1mvsMiWudgtX7KYQEkIm18vtzW3UdlHNFmTK8WuUdwHnl3fwRF38ySzUmXzcCZOiJRs7DHQALXm4J0_i--IxJIAtfvdKMlxK92K4f1OKXJn4TfdA4A9yG7MZH4QQJbU34fBXlkUnxzREn-jkLKOdO0iYoya0D87IXcGXnVQt29bZXTEKaU5TvjxdDGyfn4gFHDokCec2mp4WyBjHnaFoLyObE8lMsRiH0qILWAUBhdX-9y5EwjpuTkkqmLOlfy4DbDk3mijNv0yNlKpiA_4C_RHs8Tz8TOVoK7AR-KRsiQzx-Ho_WULmWrRdLwDHIpBbdgYQvHy3ONM7aH_ZcgtqV3mHOIr1AW2gKpwDzYSZK4eCVqYn3OrE12yYjxnoxL3z3akhbzzXbGMEEC2RiCto2g6r1gmZHaFWedF9u6mKvt9Y05SXRLUIKfkrjtDApTe58-Hu2BP7u7-7rqEYvSLGGro597WS7Z_jhVBUSFeaDPrBjUoLGdINJ8rwYgAYonnbuKNjmzot5Dc3kzki47lZlwhRDcP7CRwVwb8AmcY2NVtGuoGRr7m4iz3OWl6flbb2fKfJ7XbWloJ_Gm0O9dmOo18aaZ4EBpIeim0Lok9j8VnRP1m0codOiOseiykgDIfqCs8PQAK02GTl2tbrTkaJ4hv2QAf-CP_oZ9btB66xxgI5fd8yMKlDpCJG3IUjy-yb6u5Gqwu86az9piIhqvVgbZ4Qr6BsXWjPlbAaTfauSnhRQ8x2g8mWyJp4qE-R_-YlL6sdolroZ2hcURbSiZhUBvooJPSWSpjJzbZrZQJcCpSALnGPhEOexnAAz0BAGTGP_lnnrVYishaqzrZ0aaL7xp3zq8M5M6qMDlKfHSpZ9R-7YTAxfDDRzJhsFvB7N4I-U6C2IDa-ScarnIfvOmvyYO4HaQx62cMyccu2HZXsPfjwmUt3eKx0hevwlbqjhiyiELuMlJclIT0erObc-Vx_ZmnmjoGEGIOfVY8pUY1MPIWlOTPqfp4khih6IX-zVV-hUvtrjyi_IBCkUnY_NSVxXUsuQ2EjcfUk4FNFHzt_3i7e6CqgoEhggy4WjU0vKb9niFRG_8EWNsLcPY6AO5ojopkav0TVZx5L6jHUo5ll-XYuXGyBYAnfs1IkI2lVZPCgjt8cvmKJrgG6JsbNByrSvOW6xQrG20E6ZBgbT0jOhvwtxQarTS5K-FP0OpwMLsWkTy3za7S6_fH6M5E6vK01mEhkOSdElLDKQJ0PQFEtJzAopLXjgpor2Xcg5W0rxAzsQS3J_SKGAi2JL1LV0JBChr3u5bdgAPC4K9kl2HbqxAbXVY0Bf0l6RxYwjMVyGQbP6317E3wsmGKTQrD6J2myTFF90etpQKAtf_ZtnSNE4vOMyHkq9T__wpixf4X2I2Op_USCZG6tRaKM_o-wLqcYYeOGyM5ylj2N11fCXbbBXRUPtuJnWpWrpZuwPoZu3f0aayQtk_Vx7988YbRmN6pPsksouanT4j2wEdmwyB-uGAYI5eIUOAeB-9h4RIWDobqa0i0fZCXiuSSjW-WFuTr7d6RRfFnMqxLL8SZ_8oGBPP3yeJvexntMXBAJM4n5O9x45FZ4O4iGeAf9ERyI5753MmK0JGYr6awuOpaRtv8mC6N-oizgc5O-VaiSX_72tHGZGra2WoO11YLxVLtjOb4OZQpIMXSzhQvusOZjkVYFwbjtGMm8uteNy2zjsKzjwulx8jHC5fEU-3_-CZLwNkw8DFP5E-iEcZ0Pa10gst25EijGJPHayls27A9li50iy1MJmjSpwk3CHS5_y5FJ2LPBiYHMUQ5eMo8NRgJaQUq_27ZSHxEXWB5voYe8DsFJ5eF91WWVNc6gqhhT4Zh49LBHn7xMksIM2Q40XSKmKp_weYXaJpJyAult3jZOtzxE8vXNoYMg2EieelqGdvZNAagCdHFyTsCj51uBIsMGCY-smqPvbQBDtJHq_T5AJzgdb_jnUELJoJXpQR87TxROoEzsDyjf3Nqw-LDuOm3cOyz8tYHnECLCsQLQK8Imk6A-1-gzAozt2mEv62tFFA0K5ksN5__-1gLk5EaSqAtRcTbAVI-JyveXw_e1fQGmtsItD28PF9sS4C2BwqmwkpnvqNjyNUAGS6p4h1zP6iBOh1sa4XH9DgKQVXsL6imuKFh-_jsDcArE4p58b_OdOJgQtRAtX_VKWA4O54F-JIqF0L4VtodCKbLL7Ca85yz_uaQEpJ5rxoL4eVq7AQ-gfsOb_1C8NQUzrSMOL90LIs5iXNYUqF0KQfVLAXd5fEd1pVE0qFe5AFp8TFiSuGQ23SoDLbN4Es7cIGQuVrgiBeugweoBg67B1xcjdOcp9BI44qx1atNS2whp&cid=CAQSPgBygQiD8eWYI5HliZx6BTN4mLGdAzVBffzWjLu4VilolVhF56cnbBSJgWOGqbDn-wBDY8dVw6uB6NqX3JnaGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fgdz.fun%2F&ds=l&xdt=1&iif=1&cor=15974424180726989000&adk=2228999115&idt=62&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 16:35:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
33843
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 May 2023 16:35:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6E16 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshxTOszL6uH9Cyj4uMqkRo-PtLSVkKHahlhTRBGBCAUhWT1iYYMgfojpqKQQ-9RVd_67T3x3AxKxTe7cs7LUlyh8Yi6xr5pGyDAuduNjEQAYi0szp7MnG1WabasXyQ6tWc8ie_jBA5pyLJvSvjwbucFJywLuaCMhEZMXuMbQICqsfi369Jcv--xEYggHzUPeTiH74vHXBnxWfy2I0Z1gJd9uj9SBHuR9Dv-JMoDyNR0O9mGQjy7VnCguphu8Mh4DROc9MRe0xEE1FUdVizlpYdjiEf8JG0-F822orNsLEZWhwY5Pu9RA_nspM9M0m3zvA2vYomZfZPzFUafe62eXp6lR6VeKi7aehLHffkEtIjCpXREzajiKxDLE35WV1HmX81BWmSKqw-Xm6-qD6XiezGQGrkfBy7qmcAVW-yYuQCCqvRevr-_DCTNiQ9i0cNNnLA2QPuUnBickoWo285BmtFK1havSe4Ngo7zgEbH4dW1XF-ms9ppgXlxRBdmnP83v3Ykan9glrAcGiPfmg97fur1Sa6vNsSpuVKsU9MCwtFoiigSee5EsMXzoc1UPU6ieRXDYM2qyAQDuuMkF6UWduKegJfys5oaQDlTFfna3z3jv9HhAOeX6a4Aw-IMtgso3Q_hj-YDuDBvWD8pXdYltGroRvZddCZ2JV9H9XV86iX0d0QR6PSPHGpNtBgyAdtwYbUz-Wx0AnRvsRUKcm_ccgGhGc-Ds5n9N14otUGAdKsVJAXBvVbuLiu7olhhwphKLFxt6Tm-CYIVexYR-vWMf2w_FD5r8o_JayHmKQgftka9f31BXN5BKhp90dGbYiMDpPxa7Y-5UCZ1sMqDlqtOKzIHE1k9xca_FqJCXmvegNi1QM1xVxIEtlwHMFet-bgLQG-yCWry6odAToLybU8uYEtPO-MdpHYmtiYE5t7U0UydZfRuJ6cr___6lm04rIEYvI9uSw6jdg-GpY8ERSSCpfGVg1bpbTRSC1m2Fjcq_2E7UYRP25B33dihthB3EsomfAkAc8lXEsLsWoUNOZGbQIPMDFfZniKN4v4zI8izYPkB1Rnw6PT6amMzoLlCjZOrJ7aC2CM1ceU1EgcULCWxTbMDjsvPtU0InR8c_VkQwNwpFm27buazgEigJ-7r8zx_4h4c7U-FrLyfemeEeVY3AJ8OrrpuA4HCdIPP7sadt8T5noITaU&sai=AMfl-YRpLu-fyo-nnc95PUl7BUzRZM89j80y4NeOVeq3rffzmGWP93P7HilDcSMmFcXC3erYbNbNlSrpl5YiYlvgrXtGVunkz2p7hdo_w6aKCgbfbHG6eUbjwgvbNepuGUIoYYXjBfCWfnt5NVWhM-rI3g2eizCp-dkmKY-ZCRFuqrHF6olc1-OepMdS_QSpRCr1PGpdO53zLDQTaa3QzYJTaAHqF9ky1Su70kN71E-cpuuick55bAXALn6d9dF0QnbiKUCJGJ2qSW6NKQ&sig=Cg0ArKJSzPsfqOcT9DqREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230420.17889&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLH3u1tUrdUVmRbtTCHmRL3NW1hsHPkbjiek0JhIkkpBuxxfUcKUifp87xd12J6GJqq6xaNlsl-plL6tqxWvKgnfBxDw&cry=1&dbm_d=AKAmf-D4ol9d30_pFUwulKoNL3BvgdRDcGwyvechCFrbh8hwF9veZrXUWVpnz_mN1l7NILseyrLHUENkmlbf55a8tOq4OegFahFDG5qeG6N2J59Ce1Puv2MTDysuolha2TCFNN6huaop_rCeAm4pEQykapCGq-BEhTGuveisnEhs3xGeDbB8xuNUqEVNY2LwpqC35XWkWekuBj1EP4Di4geoErp7DsWV1I8zmDnNeugDTwhHGgUnWFnlLOF-F6bOp8szZuTpAi8Xwl8mfItNSovDSSRVnJybJEL2A1lJ5ahCMWyTG0sV5Sl7g_b-_O6sykKFRHL2Ed3I6onYaVSoVUDlk8tr6MCk4gjQCs7fwuRuYTwC6lgxtBsXNEdrwxQvCZ-EAJ2ks4E62GxMkQ_reNb6x3-V_OyIHzBd7-7ZRf7Q7bcmUtQL2-dHufuMFQS0SvsLbC6et-PTwPU1yH7rCyfXdwJY4nyDD76umGHohbLnLh157uMuop2PRpzVjdjYKC-E-laP7T8jZRVH5tJYf7eOsVynkxElf2uxl3_Ax8JbxLQOqe1lB-qojqt0hnNr_Gvu08-J-6Jgoo6_xAKxOzx2PmzY9AyFZe1e5kUByjkaolb3Umb28Cde7pv-kaLr0paXv7bk7xkaKmfcmWYuH_oTX6oUD6H0B3AGMTHFIj6QPUtctn4bqkzH8dqTnPCdaxo49dE1fu9xy2_caUwta7Fqdg2PuPkrpwjQmYAM8jLLaK9KeWpY0gil09O9zhx8L0eusn1IQxFyS7FW7eL8D27JD2pAbjzkuDtOp3C4xSdlERlXXCmDItUbCXt5bOv_wPUJCaiwBA8KRnlI32R0OM-nRyYUCyXISA2EdTJOciwNjAr7DlLKZgvDd5GmAWbSbqmy_NKjaqt_QPCmUIoJ6_zcAYW6L1W3PpodT7Yo1WjSHKt1YJZBXZTQuJixXMGeGvpI1yj5LlxYuACsaFGwvCzOMD8gseegwFU3x7VWZqHU8Bymjjebevxwjf64eToLVztE0v2njHLyipX_EtUwOrjMN3En2Tb9zmebyw9tlXn41pG2ZYWaSAFH7-uuxq3GX2jdhHwhTJ3Ce2uuPobl2PIqWYLkIfzKp5QtrC816G4U2dKp80pfT8xxMNDouLvlYIHnr5LNvCBQGjf1lf092eQgmzacphavct8kMwq8vF1_UKQ48yLs500FHzaPfmMPdXdtPBYMBOUHGQ8HwGPqICTr360zdTqunyY1d8C5SSSceBW-MYaOp5c8MTX72dGcBqJKQuAS6rrG06GRwvL1H76YX4cm4ZJfrSCEPj_h7sLeHmKXFqNgTfoJncnWtfnluXpiezra-nM0xVRP3yh3cyVy5L2MkB1wnugx3GeV_uOh_7YUc1hOSfnPIMDTeZF3gT3KAoEcBLCT303bttUinA49d54MQRTMUTCog8Qh6fGaJbJjIU9a7s7F32Nw6px6NgSFperv1mvsMiWudgtX7KYQEkIm18vtzW3UdlHNFmTK8WuUdwHnl3fwRF38ySzUmXzcCZOiJRs7DHQALXm4J0_i--IxJIAtfvdKMlxK92K4f1OKXJn4TfdA4A9yG7MZH4QQJbU34fBXlkUnxzREn-jkLKOdO0iYoya0D87IXcGXnVQt29bZXTEKaU5TvjxdDGyfn4gFHDokCec2mp4WyBjHnaFoLyObE8lMsRiH0qILWAUBhdX-9y5EwjpuTkkqmLOlfy4DbDk3mijNv0yNlKpiA_4C_RHs8Tz8TOVoK7AR-KRsiQzx-Ho_WULmWrRdLwDHIpBbdgYQvHy3ONM7aH_ZcgtqV3mHOIr1AW2gKpwDzYSZK4eCVqYn3OrE12yYjxnoxL3z3akhbzzXbGMEEC2RiCto2g6r1gmZHaFWedF9u6mKvt9Y05SXRLUIKfkrjtDApTe58-Hu2BP7u7-7rqEYvSLGGro597WS7Z_jhVBUSFeaDPrBjUoLGdINJ8rwYgAYonnbuKNjmzot5Dc3kzki47lZlwhRDcP7CRwVwb8AmcY2NVtGuoGRr7m4iz3OWl6flbb2fKfJ7XbWloJ_Gm0O9dmOo18aaZ4EBpIeim0Lok9j8VnRP1m0codOiOseiykgDIfqCs8PQAK02GTl2tbrTkaJ4hv2QAf-CP_oZ9btB66xxgI5fd8yMKlDpCJG3IUjy-yb6u5Gqwu86az9piIhqvVgbZ4Qr6BsXWjPlbAaTfauSnhRQ8x2g8mWyJp4qE-R_-YlL6sdolroZ2hcURbSiZhUBvooJPSWSpjJzbZrZQJcCpSALnGPhEOexnAAz0BAGTGP_lnnrVYishaqzrZ0aaL7xp3zq8M5M6qMDlKfHSpZ9R-7YTAxfDDRzJhsFvB7N4I-U6C2IDa-ScarnIfvOmvyYO4HaQx62cMyccu2HZXsPfjwmUt3eKx0hevwlbqjhiyiELuMlJclIT0erObc-Vx_ZmnmjoGEGIOfVY8pUY1MPIWlOTPqfp4khih6IX-zVV-hUvtrjyi_IBCkUnY_NSVxXUsuQ2EjcfUk4FNFHzt_3i7e6CqgoEhggy4WjU0vKb9niFRG_8EWNsLcPY6AO5ojopkav0TVZx5L6jHUo5ll-XYuXGyBYAnfs1IkI2lVZPCgjt8cvmKJrgG6JsbNByrSvOW6xQrG20E6ZBgbT0jOhvwtxQarTS5K-FP0OpwMLsWkTy3za7S6_fH6M5E6vK01mEhkOSdElLDKQJ0PQFEtJzAopLXjgpor2Xcg5W0rxAzsQS3J_SKGAi2JL1LV0JBChr3u5bdgAPC4K9kl2HbqxAbXVY0Bf0l6RxYwjMVyGQbP6317E3wsmGKTQrD6J2myTFF90etpQKAtf_ZtnSNE4vOMyHkq9T__wpixf4X2I2Op_USCZG6tRaKM_o-wLqcYYeOGyM5ylj2N11fCXbbBXRUPtuJnWpWrpZuwPoZu3f0aayQtk_Vx7988YbRmN6pPsksouanT4j2wEdmwyB-uGAYI5eIUOAeB-9h4RIWDobqa0i0fZCXiuSSjW-WFuTr7d6RRfFnMqxLL8SZ_8oGBPP3yeJvexntMXBAJM4n5O9x45FZ4O4iGeAf9ERyI5753MmK0JGYr6awuOpaRtv8mC6N-oizgc5O-VaiSX_72tHGZGra2WoO11YLxVLtjOb4OZQpIMXSzhQvusOZjkVYFwbjtGMm8uteNy2zjsKzjwulx8jHC5fEU-3_-CZLwNkw8DFP5E-iEcZ0Pa10gst25EijGJPHayls27A9li50iy1MJmjSpwk3CHS5_y5FJ2LPBiYHMUQ5eMo8NRgJaQUq_27ZSHxEXWB5voYe8DsFJ5eF91WWVNc6gqhhT4Zh49LBHn7xMksIM2Q40XSKmKp_weYXaJpJyAult3jZOtzxE8vXNoYMg2EieelqGdvZNAagCdHFyTsCj51uBIsMGCY-smqPvbQBDtJHq_T5AJzgdb_jnUELJoJXpQR87TxROoEzsDyjf3Nqw-LDuOm3cOyz8tYHnECLCsQLQK8Imk6A-1-gzAozt2mEv62tFFA0K5ksN5__-1gLk5EaSqAtRcTbAVI-JyveXw_e1fQGmtsItD28PF9sS4C2BwqmwkpnvqNjyNUAGS6p4h1zP6iBOh1sa4XH9DgKQVXsL6imuKFh-_jsDcArE4p58b_OdOJgQtRAtX_VKWA4O54F-JIqF0L4VtodCKbLL7Ca85yz_uaQEpJ5rxoL4eVq7AQ-gfsOb_1C8NQUzrSMOL90LIs5iXNYUqF0KQfVLAXd5fEd1pVE0qFe5AFp8TFiSuGQ23SoDLbN4Es7cIGQuVrgiBeugweoBg67B1xcjdOcp9BI44qx1atNS2whp&cid=CAQSPgBygQiD8eWYI5HliZx6BTN4mLGdAzVBffzWjLu4VilolVhF56cnbBSJgWOGqbDn-wBDY8dVw6uB6NqX3JnaGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fgdz.fun%2F&ds=l&xdt=1&iif=1&cor=15974424180726989000&adk=2228999115&idt=62&cac=0&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 26 Apr 2023 01:59:56 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 26 Apr 2023 01:59:56 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6E16 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLH3u1tUrdUVmRbtTCHmRL3NW1hsHPkbjiek0JhIkkpBuxxfUcKUifp87xd12J6GJqq6xaNlsl-plL6tqxWvKgnfBxDw&cry=1&dbm_d=AKAmf-D4ol9d30_pFUwulKoNL3BvgdRDcGwyvechCFrbh8hwF9veZrXUWVpnz_mN1l7NILseyrLHUENkmlbf55a8tOq4OegFahFDG5qeG6N2J59Ce1Puv2MTDysuolha2TCFNN6huaop_rCeAm4pEQykapCGq-BEhTGuveisnEhs3xGeDbB8xuNUqEVNY2LwpqC35XWkWekuBj1EP4Di4geoErp7DsWV1I8zmDnNeugDTwhHGgUnWFnlLOF-F6bOp8szZuTpAi8Xwl8mfItNSovDSSRVnJybJEL2A1lJ5ahCMWyTG0sV5Sl7g_b-_O6sykKFRHL2Ed3I6onYaVSoVUDlk8tr6MCk4gjQCs7fwuRuYTwC6lgxtBsXNEdrwxQvCZ-EAJ2ks4E62GxMkQ_reNb6x3-V_OyIHzBd7-7ZRf7Q7bcmUtQL2-dHufuMFQS0SvsLbC6et-PTwPU1yH7rCyfXdwJY4nyDD76umGHohbLnLh157uMuop2PRpzVjdjYKC-E-laP7T8jZRVH5tJYf7eOsVynkxElf2uxl3_Ax8JbxLQOqe1lB-qojqt0hnNr_Gvu08-J-6Jgoo6_xAKxOzx2PmzY9AyFZe1e5kUByjkaolb3Umb28Cde7pv-kaLr0paXv7bk7xkaKmfcmWYuH_oTX6oUD6H0B3AGMTHFIj6QPUtctn4bqkzH8dqTnPCdaxo49dE1fu9xy2_caUwta7Fqdg2PuPkrpwjQmYAM8jLLaK9KeWpY0gil09O9zhx8L0eusn1IQxFyS7FW7eL8D27JD2pAbjzkuDtOp3C4xSdlERlXXCmDItUbCXt5bOv_wPUJCaiwBA8KRnlI32R0OM-nRyYUCyXISA2EdTJOciwNjAr7DlLKZgvDd5GmAWbSbqmy_NKjaqt_QPCmUIoJ6_zcAYW6L1W3PpodT7Yo1WjSHKt1YJZBXZTQuJixXMGeGvpI1yj5LlxYuACsaFGwvCzOMD8gseegwFU3x7VWZqHU8Bymjjebevxwjf64eToLVztE0v2njHLyipX_EtUwOrjMN3En2Tb9zmebyw9tlXn41pG2ZYWaSAFH7-uuxq3GX2jdhHwhTJ3Ce2uuPobl2PIqWYLkIfzKp5QtrC816G4U2dKp80pfT8xxMNDouLvlYIHnr5LNvCBQGjf1lf092eQgmzacphavct8kMwq8vF1_UKQ48yLs500FHzaPfmMPdXdtPBYMBOUHGQ8HwGPqICTr360zdTqunyY1d8C5SSSceBW-MYaOp5c8MTX72dGcBqJKQuAS6rrG06GRwvL1H76YX4cm4ZJfrSCEPj_h7sLeHmKXFqNgTfoJncnWtfnluXpiezra-nM0xVRP3yh3cyVy5L2MkB1wnugx3GeV_uOh_7YUc1hOSfnPIMDTeZF3gT3KAoEcBLCT303bttUinA49d54MQRTMUTCog8Qh6fGaJbJjIU9a7s7F32Nw6px6NgSFperv1mvsMiWudgtX7KYQEkIm18vtzW3UdlHNFmTK8WuUdwHnl3fwRF38ySzUmXzcCZOiJRs7DHQALXm4J0_i--IxJIAtfvdKMlxK92K4f1OKXJn4TfdA4A9yG7MZH4QQJbU34fBXlkUnxzREn-jkLKOdO0iYoya0D87IXcGXnVQt29bZXTEKaU5TvjxdDGyfn4gFHDokCec2mp4WyBjHnaFoLyObE8lMsRiH0qILWAUBhdX-9y5EwjpuTkkqmLOlfy4DbDk3mijNv0yNlKpiA_4C_RHs8Tz8TOVoK7AR-KRsiQzx-Ho_WULmWrRdLwDHIpBbdgYQvHy3ONM7aH_ZcgtqV3mHOIr1AW2gKpwDzYSZK4eCVqYn3OrE12yYjxnoxL3z3akhbzzXbGMEEC2RiCto2g6r1gmZHaFWedF9u6mKvt9Y05SXRLUIKfkrjtDApTe58-Hu2BP7u7-7rqEYvSLGGro597WS7Z_jhVBUSFeaDPrBjUoLGdINJ8rwYgAYonnbuKNjmzot5Dc3kzki47lZlwhRDcP7CRwVwb8AmcY2NVtGuoGRr7m4iz3OWl6flbb2fKfJ7XbWloJ_Gm0O9dmOo18aaZ4EBpIeim0Lok9j8VnRP1m0codOiOseiykgDIfqCs8PQAK02GTl2tbrTkaJ4hv2QAf-CP_oZ9btB66xxgI5fd8yMKlDpCJG3IUjy-yb6u5Gqwu86az9piIhqvVgbZ4Qr6BsXWjPlbAaTfauSnhRQ8x2g8mWyJp4qE-R_-YlL6sdolroZ2hcURbSiZhUBvooJPSWSpjJzbZrZQJcCpSALnGPhEOexnAAz0BAGTGP_lnnrVYishaqzrZ0aaL7xp3zq8M5M6qMDlKfHSpZ9R-7YTAxfDDRzJhsFvB7N4I-U6C2IDa-ScarnIfvOmvyYO4HaQx62cMyccu2HZXsPfjwmUt3eKx0hevwlbqjhiyiELuMlJclIT0erObc-Vx_ZmnmjoGEGIOfVY8pUY1MPIWlOTPqfp4khih6IX-zVV-hUvtrjyi_IBCkUnY_NSVxXUsuQ2EjcfUk4FNFHzt_3i7e6CqgoEhggy4WjU0vKb9niFRG_8EWNsLcPY6AO5ojopkav0TVZx5L6jHUo5ll-XYuXGyBYAnfs1IkI2lVZPCgjt8cvmKJrgG6JsbNByrSvOW6xQrG20E6ZBgbT0jOhvwtxQarTS5K-FP0OpwMLsWkTy3za7S6_fH6M5E6vK01mEhkOSdElLDKQJ0PQFEtJzAopLXjgpor2Xcg5W0rxAzsQS3J_SKGAi2JL1LV0JBChr3u5bdgAPC4K9kl2HbqxAbXVY0Bf0l6RxYwjMVyGQbP6317E3wsmGKTQrD6J2myTFF90etpQKAtf_ZtnSNE4vOMyHkq9T__wpixf4X2I2Op_USCZG6tRaKM_o-wLqcYYeOGyM5ylj2N11fCXbbBXRUPtuJnWpWrpZuwPoZu3f0aayQtk_Vx7988YbRmN6pPsksouanT4j2wEdmwyB-uGAYI5eIUOAeB-9h4RIWDobqa0i0fZCXiuSSjW-WFuTr7d6RRfFnMqxLL8SZ_8oGBPP3yeJvexntMXBAJM4n5O9x45FZ4O4iGeAf9ERyI5753MmK0JGYr6awuOpaRtv8mC6N-oizgc5O-VaiSX_72tHGZGra2WoO11YLxVLtjOb4OZQpIMXSzhQvusOZjkVYFwbjtGMm8uteNy2zjsKzjwulx8jHC5fEU-3_-CZLwNkw8DFP5E-iEcZ0Pa10gst25EijGJPHayls27A9li50iy1MJmjSpwk3CHS5_y5FJ2LPBiYHMUQ5eMo8NRgJaQUq_27ZSHxEXWB5voYe8DsFJ5eF91WWVNc6gqhhT4Zh49LBHn7xMksIM2Q40XSKmKp_weYXaJpJyAult3jZOtzxE8vXNoYMg2EieelqGdvZNAagCdHFyTsCj51uBIsMGCY-smqPvbQBDtJHq_T5AJzgdb_jnUELJoJXpQR87TxROoEzsDyjf3Nqw-LDuOm3cOyz8tYHnECLCsQLQK8Imk6A-1-gzAozt2mEv62tFFA0K5ksN5__-1gLk5EaSqAtRcTbAVI-JyveXw_e1fQGmtsItD28PF9sS4C2BwqmwkpnvqNjyNUAGS6p4h1zP6iBOh1sa4XH9DgKQVXsL6imuKFh-_jsDcArE4p58b_OdOJgQtRAtX_VKWA4O54F-JIqF0L4VtodCKbLL7Ca85yz_uaQEpJ5rxoL4eVq7AQ-gfsOb_1C8NQUzrSMOL90LIs5iXNYUqF0KQfVLAXd5fEd1pVE0qFe5AFp8TFiSuGQ23SoDLbN4Es7cIGQuVrgiBeugweoBg67B1xcjdOcp9BI44qx1atNS2whp&cid=CAQSPgBygQiD8eWYI5HliZx6BTN4mLGdAzVBffzWjLu4VilolVhF56cnbBSJgWOGqbDn-wBDY8dVw6uB6NqX3JnaGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fgdz.fun%2F&ds=l&xdt=1&iif=1&cor=15974424180726989000&adk=2228999115&idt=62&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 19:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 19:45:22 GMT
13538457272640293673
s0.2mdn.net/simgad/ Frame 6E16 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13538457272640293673
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5961a07191615167af153a6508a18caadff81c2834a0059f4f0ced7f6dd2538c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:08:44 GMT
x-content-type-options
nosniff
age
294672
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30873
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 12:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Apr 2024 16:08:44 GMT
jquery.min.js
cdn.bazr.ru/videocontent/omovi/js1/ Frame 36A9 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bazr.ru/videocontent/omovi/js1/jquery.min.js
Requested by
Host: bazr.ru
URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.218.223.43 , Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
space1.unassigned.ru.eserver.net
Software
nginx/1.18.0 /
Resource Hash
5b6725689f9ca035bdd1f325690447c2cab1e9a27c39b3a3a6d702ab888236ac

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:56 GMT
content-encoding
gzip
last-modified
Tue, 21 Apr 2015 13:37:22 GMT
server
nginx/1.18.0
etag
W/"55365292-16b31"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=86400
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 27 Apr 2023 01:59:56 GMT
advideo.js
cdn.bazr.ru/videocontent/global/newplayer/ Frame 36A9 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bazr.ru/videocontent/global/newplayer/advideo.js?30112020134221113
Requested by
Host: bazr.ru
URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.218.223.43 , Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
space1.unassigned.ru.eserver.net
Software
nginx/1.18.0 /
Resource Hash
d7eefeda6c8559f00c4ea5549267673816b6d69118a6ddf16cc4c7359ce2323b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:56 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 10:02:15 GMT
server
nginx/1.18.0
etag
W/"61a74827-5252"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=86400
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 27 Apr 2023 01:59:56 GMT
vidpub.js
sync.dmp.otm-r.com/match/ Frame 36A9 		0
69 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.dmp.otm-r.com/match/vidpub.js?pub=bfr8braac88i0cq3hkt0
Requested by
Host: bazr.ru
URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.107 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.107.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 26 Apr 2023 01:59:56 GMT
server
nginx/1.17.6
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012304132133000/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28a347ed73180c5f35f31fe40df98ea7dd0ccab8c1408fd20fd3aaed2f349db2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:23 GMT
age
118053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7851
x-xss-protection
0
server
sffe
etag
"16dc0fa84842762d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:23 GMT
truncated
/ Frame 6E16 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2bda46daced7341e2200375c965816b2b95f22cbbe9329fc09d7488e9bc4205

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7BF0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
293710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 16:24:46 GMT
expires
Sun, 21 Apr 2024 16:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E16 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=Bqwfdm4VIZJH2NZrA9u8PqJCRoAoAAAAAOAHgBAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2891046647766967&output=html&h=600&slotname=6771616930&adk=4043957354&adf=1612021599&pi=t.ma~as.6771616930&w=300&lmt=1682474395&format=300x600&url=https%3A%2F%2Fgdz.fun%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682474395178&bpp=1&bdt=474&idt=0&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fa016060acb964c-22ea1331abdd00cb%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A&gpic=UID%3D00000befbb4f775a%3AT%3D1682474395%3ART%3D1682474395%3AS%3DALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg&prev_fmts=0x0%2C900x280%2C900x280%2C860x280&nras=2&correlator=1432878275718&frm=20&pv=1&ga_vid=1255569999.1682474395&ga_sid=1682474395&ga_hid=1584988941&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=29&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31074087%2C44785294%2C44786502%2C44789761&oid=2&pvsid=4225419336024618&tmod=1682806881&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ErjHqj805w&p=https%3A//gdz.fun&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6E16 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshxTOszL6uH9Cyj4uMqkRo-PtLSVkKHahlhTRBGBCAUhWT1iYYMgfojpqKQQ-9RVd_67T3x3AxKxTe7cs7LUlyh8Yi6xr5pGyDAuduNjEQAYi0szp7MnG1WabasXyQ6tWc8ie_jBA5pyLJvSvjwbucFJywLuaCMhEZMXuMbQICqsfi369Jcv--xEYggHzUPeTiH74vHXBnxWfy2I0Z1gJd9uj9SBHuR9Dv-JMoDyNR0O9mGQjy7VnCguphu8Mh4DROc9MRe0xEE1FUdVizlpYdjiEf8JG0-F822orNsLEZWhwY5Pu9RA_nspM9M0m3zvA2vYomZfZPzFUafe62eXp6lR6VeKi7aehLHffkEtIjCpXREzajiKxDLE35WV1HmX81BWmSKqw-Xm6-qD6XiezGQGrkfBy7qmcAVW-yYuQCCqvRevr-_DCTNiQ9i0cNNnLA2QPuUnBickoWo285BmtFK1havSe4Ngo7zgEbH4dW1XF-ms9ppgXlxRBdmnP83v3Ykan9glrAcGiPfmg97fur1Sa6vNsSpuVKsU9MCwtFoiigSee5EsMXzoc1UPU6ieRXDYM2qyAQDuuMkF6UWduKegJfys5oaQDlTFfna3z3jv9HhAOeX6a4Aw-IMtgso3Q_hj-YDuDBvWD8pXdYltGroRvZddCZ2JV9H9XV86iX0d0QR6PSPHGpNtBgyAdtwYbUz-Wx0AnRvsRUKcm_ccgGhGc-Ds5n9N14otUGAdKsVJAXBvVbuLiu7olhhwphKLFxt6Tm-CYIVexYR-vWMf2w_FD5r8o_JayHmKQgftka9f31BXN5BKhp90dGbYiMDpPxa7Y-5UCZ1sMqDlqtOKzIHE1k9xca_FqJCXmvegNi1QM1xVxIEtlwHMFet-bgLQG-yCWry6odAToLybU8uYEtPO-MdpHYmtiYE5t7U0UydZfRuJ6cr___6lm04rIEYvI9uSw6jdg-GpY8ERSSCpfGVg1bpbTRSC1m2Fjcq_2E7UYRP25B33dihthB3EsomfAkAc8lXEsLsWoUNOZGbQIPMDFfZniKN4v4zI8izYPkB1Rnw6PT6amMzoLlCjZOrJ7aC2CM1ceU1EgcULCWxTbMDjsvPtU0InR8c_VkQwNwpFm27buazgEigJ-7r8zx_4h4c7U-FrLyfemeEeVY3AJ8OrrpuA4HCdIPP7sadt8T5noITaU&sai=AMfl-YRpLu-fyo-nnc95PUl7BUzRZM89j80y4NeOVeq3rffzmGWP93P7HilDcSMmFcXC3erYbNbNlSrpl5YiYlvgrXtGVunkz2p7hdo_w6aKCgbfbHG6eUbjwgvbNepuGUIoYYXjBfCWfnt5NVWhM-rI3g2eizCp-dkmKY-ZCRFuqrHF6olc1-OepMdS_QSpRCr1PGpdO53zLDQTaa3QzYJTaAHqF9ky1Su70kN71E-cpuuick55bAXALn6d9dF0QnbiKUCJGJ2qSW6NKQ&sig=Cg0ArKJSzPsfqOcT9DqREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=148&vt=11&dtpt=147&dett=2&cstd=0&cisv=r20230420.17889&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLH3u1tUrdUVmRbtTCHmRL3NW1hsHPkbjiek0JhIkkpBuxxfUcKUifp87xd12J6GJqq6xaNlsl-plL6tqxWvKgnfBxDw&cry=1&dbm_d=AKAmf-D4ol9d30_pFUwulKoNL3BvgdRDcGwyvechCFrbh8hwF9veZrXUWVpnz_mN1l7NILseyrLHUENkmlbf55a8tOq4OegFahFDG5qeG6N2J59Ce1Puv2MTDysuolha2TCFNN6huaop_rCeAm4pEQykapCGq-BEhTGuveisnEhs3xGeDbB8xuNUqEVNY2LwpqC35XWkWekuBj1EP4Di4geoErp7DsWV1I8zmDnNeugDTwhHGgUnWFnlLOF-F6bOp8szZuTpAi8Xwl8mfItNSovDSSRVnJybJEL2A1lJ5ahCMWyTG0sV5Sl7g_b-_O6sykKFRHL2Ed3I6onYaVSoVUDlk8tr6MCk4gjQCs7fwuRuYTwC6lgxtBsXNEdrwxQvCZ-EAJ2ks4E62GxMkQ_reNb6x3-V_OyIHzBd7-7ZRf7Q7bcmUtQL2-dHufuMFQS0SvsLbC6et-PTwPU1yH7rCyfXdwJY4nyDD76umGHohbLnLh157uMuop2PRpzVjdjYKC-E-laP7T8jZRVH5tJYf7eOsVynkxElf2uxl3_Ax8JbxLQOqe1lB-qojqt0hnNr_Gvu08-J-6Jgoo6_xAKxOzx2PmzY9AyFZe1e5kUByjkaolb3Umb28Cde7pv-kaLr0paXv7bk7xkaKmfcmWYuH_oTX6oUD6H0B3AGMTHFIj6QPUtctn4bqkzH8dqTnPCdaxo49dE1fu9xy2_caUwta7Fqdg2PuPkrpwjQmYAM8jLLaK9KeWpY0gil09O9zhx8L0eusn1IQxFyS7FW7eL8D27JD2pAbjzkuDtOp3C4xSdlERlXXCmDItUbCXt5bOv_wPUJCaiwBA8KRnlI32R0OM-nRyYUCyXISA2EdTJOciwNjAr7DlLKZgvDd5GmAWbSbqmy_NKjaqt_QPCmUIoJ6_zcAYW6L1W3PpodT7Yo1WjSHKt1YJZBXZTQuJixXMGeGvpI1yj5LlxYuACsaFGwvCzOMD8gseegwFU3x7VWZqHU8Bymjjebevxwjf64eToLVztE0v2njHLyipX_EtUwOrjMN3En2Tb9zmebyw9tlXn41pG2ZYWaSAFH7-uuxq3GX2jdhHwhTJ3Ce2uuPobl2PIqWYLkIfzKp5QtrC816G4U2dKp80pfT8xxMNDouLvlYIHnr5LNvCBQGjf1lf092eQgmzacphavct8kMwq8vF1_UKQ48yLs500FHzaPfmMPdXdtPBYMBOUHGQ8HwGPqICTr360zdTqunyY1d8C5SSSceBW-MYaOp5c8MTX72dGcBqJKQuAS6rrG06GRwvL1H76YX4cm4ZJfrSCEPj_h7sLeHmKXFqNgTfoJncnWtfnluXpiezra-nM0xVRP3yh3cyVy5L2MkB1wnugx3GeV_uOh_7YUc1hOSfnPIMDTeZF3gT3KAoEcBLCT303bttUinA49d54MQRTMUTCog8Qh6fGaJbJjIU9a7s7F32Nw6px6NgSFperv1mvsMiWudgtX7KYQEkIm18vtzW3UdlHNFmTK8WuUdwHnl3fwRF38ySzUmXzcCZOiJRs7DHQALXm4J0_i--IxJIAtfvdKMlxK92K4f1OKXJn4TfdA4A9yG7MZH4QQJbU34fBXlkUnxzREn-jkLKOdO0iYoya0D87IXcGXnVQt29bZXTEKaU5TvjxdDGyfn4gFHDokCec2mp4WyBjHnaFoLyObE8lMsRiH0qILWAUBhdX-9y5EwjpuTkkqmLOlfy4DbDk3mijNv0yNlKpiA_4C_RHs8Tz8TOVoK7AR-KRsiQzx-Ho_WULmWrRdLwDHIpBbdgYQvHy3ONM7aH_ZcgtqV3mHOIr1AW2gKpwDzYSZK4eCVqYn3OrE12yYjxnoxL3z3akhbzzXbGMEEC2RiCto2g6r1gmZHaFWedF9u6mKvt9Y05SXRLUIKfkrjtDApTe58-Hu2BP7u7-7rqEYvSLGGro597WS7Z_jhVBUSFeaDPrBjUoLGdINJ8rwYgAYonnbuKNjmzot5Dc3kzki47lZlwhRDcP7CRwVwb8AmcY2NVtGuoGRr7m4iz3OWl6flbb2fKfJ7XbWloJ_Gm0O9dmOo18aaZ4EBpIeim0Lok9j8VnRP1m0codOiOseiykgDIfqCs8PQAK02GTl2tbrTkaJ4hv2QAf-CP_oZ9btB66xxgI5fd8yMKlDpCJG3IUjy-yb6u5Gqwu86az9piIhqvVgbZ4Qr6BsXWjPlbAaTfauSnhRQ8x2g8mWyJp4qE-R_-YlL6sdolroZ2hcURbSiZhUBvooJPSWSpjJzbZrZQJcCpSALnGPhEOexnAAz0BAGTGP_lnnrVYishaqzrZ0aaL7xp3zq8M5M6qMDlKfHSpZ9R-7YTAxfDDRzJhsFvB7N4I-U6C2IDa-ScarnIfvOmvyYO4HaQx62cMyccu2HZXsPfjwmUt3eKx0hevwlbqjhiyiELuMlJclIT0erObc-Vx_ZmnmjoGEGIOfVY8pUY1MPIWlOTPqfp4khih6IX-zVV-hUvtrjyi_IBCkUnY_NSVxXUsuQ2EjcfUk4FNFHzt_3i7e6CqgoEhggy4WjU0vKb9niFRG_8EWNsLcPY6AO5ojopkav0TVZx5L6jHUo5ll-XYuXGyBYAnfs1IkI2lVZPCgjt8cvmKJrgG6JsbNByrSvOW6xQrG20E6ZBgbT0jOhvwtxQarTS5K-FP0OpwMLsWkTy3za7S6_fH6M5E6vK01mEhkOSdElLDKQJ0PQFEtJzAopLXjgpor2Xcg5W0rxAzsQS3J_SKGAi2JL1LV0JBChr3u5bdgAPC4K9kl2HbqxAbXVY0Bf0l6RxYwjMVyGQbP6317E3wsmGKTQrD6J2myTFF90etpQKAtf_ZtnSNE4vOMyHkq9T__wpixf4X2I2Op_USCZG6tRaKM_o-wLqcYYeOGyM5ylj2N11fCXbbBXRUPtuJnWpWrpZuwPoZu3f0aayQtk_Vx7988YbRmN6pPsksouanT4j2wEdmwyB-uGAYI5eIUOAeB-9h4RIWDobqa0i0fZCXiuSSjW-WFuTr7d6RRfFnMqxLL8SZ_8oGBPP3yeJvexntMXBAJM4n5O9x45FZ4O4iGeAf9ERyI5753MmK0JGYr6awuOpaRtv8mC6N-oizgc5O-VaiSX_72tHGZGra2WoO11YLxVLtjOb4OZQpIMXSzhQvusOZjkVYFwbjtGMm8uteNy2zjsKzjwulx8jHC5fEU-3_-CZLwNkw8DFP5E-iEcZ0Pa10gst25EijGJPHayls27A9li50iy1MJmjSpwk3CHS5_y5FJ2LPBiYHMUQ5eMo8NRgJaQUq_27ZSHxEXWB5voYe8DsFJ5eF91WWVNc6gqhhT4Zh49LBHn7xMksIM2Q40XSKmKp_weYXaJpJyAult3jZOtzxE8vXNoYMg2EieelqGdvZNAagCdHFyTsCj51uBIsMGCY-smqPvbQBDtJHq_T5AJzgdb_jnUELJoJXpQR87TxROoEzsDyjf3Nqw-LDuOm3cOyz8tYHnECLCsQLQK8Imk6A-1-gzAozt2mEv62tFFA0K5ksN5__-1gLk5EaSqAtRcTbAVI-JyveXw_e1fQGmtsItD28PF9sS4C2BwqmwkpnvqNjyNUAGS6p4h1zP6iBOh1sa4XH9DgKQVXsL6imuKFh-_jsDcArE4p58b_OdOJgQtRAtX_VKWA4O54F-JIqF0L4VtodCKbLL7Ca85yz_uaQEpJ5rxoL4eVq7AQ-gfsOb_1C8NQUzrSMOL90LIs5iXNYUqF0KQfVLAXd5fEd1pVE0qFe5AFp8TFiSuGQ23SoDLbN4Es7cIGQuVrgiBeugweoBg67B1xcjdOcp9BI44qx1atNS2whp&cid=CAQSPgBygQiD8eWYI5HliZx6BTN4mLGdAzVBffzWjLu4VilolVhF56cnbBSJgWOGqbDn-wBDY8dVw6uB6NqX3JnaGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fgdz.fun%2F&ds=l&xdt=1&iif=1&cor=15974424180726989000&adk=2228999115&idt=62&cac=0&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 26 Apr 2023 01:59:56 GMT
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame 7BF0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
97726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Apr 2024 22:51:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BF0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bqwfdm4VIZJH2NZrA9u8PqJCRoAoAAAAAOAHgBAI&bg=!HB-lH0vNAAYfNdXmPzU7ADkAdvg8WmDzY36ZEY1KtQOwUTcYYrtY9_2LNCMjuG_-3Lld5b15HX5FjueT2f98ZqMsgJX0u_OEXjYCAAAAYVIAAAABaAEHCgAyVN-TCDIC5A696JwLL38pdApZYPdtTibnfFkTAL2brGjG1RRi5ckNHUJgrwIztsl-kA-ZAvWlgoZh0orN4PTyTshErYqwVwU5rsxcL6BiipQq1Z6NrnudrafvN70OkWGFS9q7kke0cxSxf3h5OR9kdRoGGPV8pO0VklspkwVXfsqJugovUTVUvmXawC0nW2K2HcO-kUEdJIDC483ThleYQId8792MmNO2QESucKzUAsCHvPqt2QQGMfb4qFgtn7ZGxhQXegsHY6klU3rejTGTWZD9e0auvdtBomY54Gav-dpWCNw3-qAuPe_bcc8ctSW0bBqvlxQjL-If0XWnCJQk-zKrPxKTRy07VESnchI2oXUhjtZinKV080OveQ8VwR1FOwrC3_WGMYrucHesQnpOiXmWSGWs9PA_TgTv3OcjfHR1AbMfowh8AfvekbDuAtU6PAUhWwcAvvzvwUTybnO-6kY222PUjLx-f2857ehKS9sBg3xqEvp8CCkM1CXinwvFHbdAj3fwBJVaDP2Ip9RLccVuDKTMkD61nBvAypaeHDpus1Lw2BCf27HuxP0Qc_mtPkt3VpvH-RCbHO4Cf75985UPzMB6Q99acn9201vkyjsB9InRgG962M4Pu2Mp67KNIFw4f-GhvEmIiQ_4HcJcl0HCSb232B4aN-fLVbSMXF3tctV98iS4nc_5A7HaBO6WfibFZC_y6n-vkFhH0npfPcZCum4NAHFY4ReUL1WEBcjEtWWqRW7omaTfa5RlyPrcl21TBPJKVLOCXWsXaw3Ujff9DFnt8S9TzswqE1xSrHJLL90iFJymBnsFr4WEnuO-0Iz634JsX7oWHxOpWz5ikwYllKYff-RxeqOw8O9rhdATDPG9RG49-Yjhx4VWdmTUs0ICls0Ke7PTvDbBM7BSpbnf7-7SeKvkDF78g1eZ3pavDsIIRew7oYqbyoiXSqdY3x8ivs4PlJoQ6L7QkupIOuE4p_pf3WzOMOuGIl61D1cZ6iSnLKIDIiB05a2ZSZRsbnm7cVJ9ZJ_uB6ngcG9Yg1OnuJG0ocdmrwfnDF9abXkhqh7VydQdzeDr
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playerstat
stat.advideo.ru/ Frame 36A9 		6 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.advideo.ru/playerstat?event=init&trackId=1&contentManagerId=215&playlistId=35603&domainId=2723&ref=https%3A%2F%2Fgdz.fun%2F&firstTime=1&isflash=0&rand=0.7026164307472313&visitor_id=notset-16050DBF-96A9-4115-9927-39582C046118
Requested by
Host: cdn.bazr.ru
URL: https://cdn.bazr.ru/videocontent/omovi/js1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.213.168 , Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
mail.small-games.info
Software
nginx/1.16.1 /
Resource Hash
69f68e885d5443aefbb9333555cc5ac032588c035aed52163005fe7c3ebf3db6

Request headers

Accept
*/*
Referer
https://bazr.ru/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://bazr.ru
date
Wed, 26 Apr 2023 01:59:56 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.16.1
content-type
text/html;charset=utf-8
player
faststat.advideo.ru/ Frame 36A9 		2 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://faststat.advideo.ru/player?event_type=init&statistics_type=adv&url=https%3A%2F%2Fgdz.fun%2F&cm_id=215&prev_cm_id=0&track_id=1&playlist_id=35603&site_id=2723&project_id=0&chain_id=2&vast_chain_id=28&is_firsttime=1&is_native=0&is_vast=0&visitor_id=notset-16050DBF-96A9-4115-9927-39582C046118&session=C646F9B4-0D65-44CF-A955-3F8E335E25CB&sex=0&age=0&time_passed=5&media_type=&has_flash=0&ad_id=0&viewable=1&pl_ver=0&cm_time=2&ancestor_origins=https%3A%2F%2Fgdz.fun
Requested by
Host: cdn.bazr.ru
URL: https://cdn.bazr.ru/videocontent/omovi/js1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.213.170 , Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
space1.unassigned.ru.eserver.net
Software
nginx/1.16.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
https://bazr.ru/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://bazr.ru
date
Wed, 26 Apr 2023 01:59:56 GMT
access-control-allow-credentials
true
server
nginx/1.16.1
content-length
2
content-type
text/plain; charset=utf8
player
faststat.advideo.ru/ Frame 36A9 		2 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://faststat.advideo.ru/player?event_type=request&statistics_type=adv&url=https%3A%2F%2Fgdz.fun%2F&cm_id=215&prev_cm_id=0&track_id=1&playlist_id=35603&site_id=2723&project_id=0&chain_id=2&vast_chain_id=28&is_firsttime=1&is_native=0&is_vast=0&visitor_id=notset-16050DBF-96A9-4115-9927-39582C046118&session=C646F9B4-0D65-44CF-A955-3F8E335E25CB&sex=0&age=0&time_passed=6&media_type=&has_flash=0&ad_id=0&viewable=1&pl_ver=0&cm_time=3&ancestor_origins=https%3A%2F%2Fgdz.fun
Requested by
Host: cdn.bazr.ru
URL: https://cdn.bazr.ru/videocontent/omovi/js1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.218.213.170 , Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
space1.unassigned.ru.eserver.net
Software
nginx/1.16.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
*/*
Referer
https://bazr.ru/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://bazr.ru
date
Wed, 26 Apr 2023 01:59:56 GMT
access-control-allow-credentials
true
server
nginx/1.16.1
content-length
2
content-type
text/plain; charset=utf8
mvpt.min.js
moevideo.biz/embed/js/ Frame 36A9 		176 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/js/mvpt.min.js
Requested by
Host: cdn.bazr.ru
URL: https://cdn.bazr.ru/videocontent/global/newplayer/advideo.js?30112020134221113
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.21 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f61.moevideo.net
Software
nginx /
Resource Hash
9c9981570082f0c9e2dc51206ff296a57e9a72d1fd915fed947adf484ef2bd3a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 13:15:20 GMT
Server
nginx
X-My-Name
s193
ETag
W/"63d27ce8-2c0d4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-My-Reqtime
0.009
hit
counter.yadro.ru/ Frame 36A9
Redirect Chain
  • https://counter.yadro.ru/hit?t44.1;rhttps%3A//gdz.fun/;s1600*1200*24;uhttps%3A//bazr.ru/player%3FplaylistId%3D35603%26v1.0.1.1;h%u041F%u043B%u0435%u0435%u04403;0.8035960889552596
  • https://counter.yadro.ru/hit?q;t44.1;rhttps%3A//gdz.fun/;s1600*1200*24;uhttps%3A//bazr.ru/player%3FplaylistId%3D35603%26v1.0.1.1;h%u041F%u043B%u0435%u0435%u04403;0.8035960889552596
140 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t44.1;rhttps%3A//gdz.fun/;s1600*1200*24;uhttps%3A//bazr.ru/player%3FplaylistId%3D35603%26v1.0.1.1;h%u041F%u043B%u0435%u0435%u04403;0.8035960889552596
Requested by
Host: bazr.ru
URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:56 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
140
Expires
Mon, 25 Apr 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:56 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t44.1;rhttps%3A//gdz.fun/;s1600*1200*24;uhttps%3A//bazr.ru/player%3FplaylistId%3D35603%26v1.0.1.1;h%u041F%u043B%u0435%u0435%u04403;0.8035960889552596
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Mon, 25 Apr 2022 21:00:00 GMT
top100.js
st.top100.ru/top100/ Frame 36A9 		108 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.top100.ru/top100/top100.js
Requested by
Host: bazr.ru
URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
a6d968584e92c01f5bf29c9de2d18c8f8c81e5ac4f43357e97e20ff64839028e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:56 GMT
content-encoding
gzip
last-modified
Mon, 24 Apr 2023 09:01:16 GMT
server
nginx/1.19.4
x-amz-request-id
tx000000000000257138ae3-006448857a-f85be6-default
etag
W/"5643b3a5407da1e93e7e60d90ce31927"
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type
Normal
cache-control
max-age=3600
expires
Wed, 26 Apr 2023 02:59:56 GMT
tag.js
mc.yandex.ru/metrika/ Frame 36A9 		213 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: bazr.ru
URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a26b4febdb7690008890d735d5f32ecb59441835704251420f9bb3d4dd4417ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 21 Apr 2023 13:01:10 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64425ee6-122e6"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
74470
expires
Wed, 26 Apr 2023 02:59:56 GMT
0x2.js
adverdata.net/0x200/04cde9ff880/ Frame 36A9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adverdata.net/0x200/04cde9ff880/0x2.js?t=1682474396330
Requested by
Host: bazr.ru
URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.218.228.87 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
hosted-by.ihc.ru
Software
nginx/1.15.8 /
Resource Hash
efe3d5f447ad4c9be314641f3004746cdca3ce0a8e30179897037a58cae9e6fd
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:56 GMT
content-encoding
gzip
strict-transport-security
max-age=0;
last-modified
Fri, 10 Mar 2023 11:58:42 GMT
server
nginx/1.15.8
etag
"640b1b72-203e"
content-type
application/javascript
access-control-allow-origin
*
content-length
8254
loading2.svg
cdn.bazr.ru/videocontent/global/images/ Frame 36A9 		965 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.bazr.ru/videocontent/global/images/loading2.svg
Requested by
Host: bazr.ru
URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.218.223.43 , Russian Federation, ASN42244 (ESERVER, SK),
Reverse DNS
space1.unassigned.ru.eserver.net
Software
nginx/1.18.0 /
Resource Hash
e1748bd2faf8b430d2990aef6024f115c4fee9a64fb22cd50442ce566638a201

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:56 GMT
last-modified
Thu, 10 Dec 2020 17:35:59 GMT
server
nginx/1.18.0
etag
"5fd25c7f-3c5"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
965
expires
Wed, 03 May 2023 01:59:56 GMT
advert.gif
mc.yandex.ru/metrika/ Frame 36A9 		43 B
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: bazr.ru
URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:56 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 21 Apr 2023 13:01:10 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64425ee6-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 26 Apr 2023 02:59:56 GMT
28186854
mc.yandex.ru/watch/ Frame 36A9 		428 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/28186854?wmode=7&page-url=https%3A%2F%2Fbazr.ru%2Fplayer%3FplaylistId%3D35603%26v1.0.1.1&page-ref=https%3A%2F%2Fgdz.fun%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flogxj2lsv%3Afp%3A668%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A65115245451%3Ahid%3A720747023%3Az%3A0%3Ai%3A20230426015956%3Aet%3A1682474397%3Ac%3A1%3Arn%3A125426075%3Arqn%3A1%3Au%3A1682474397957956780%3Aw%3A600x340%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C110%2C70%2C1%2C0%2C0%2C%2C393%2C1%2C%2C%2C%2C575%3Aco%3A0%3Acpf%3A1%3Ans%3A1682474395758%3Arqnl%3A1%3Ast%3A1682474397%3At%3A%D0%9F%D0%BB%D0%B5%D0%B5%D1%803&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
86fde15e08145b54c13d3cccbdd21b3b761adda79e9a2bc1fe54044e35e7fbe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 26-Apr-2023 01:59:56 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bazr.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
428
x-xss-protection
1; mode=block
expires
Wed, 26-Apr-2023 01:59:56 GMT
3515.png
204.adverdata.net/log/images/ Frame 36A9 		68 B
324 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://204.adverdata.net/log/images/3515.png?random=0.9736502183756193&aA=579&bDat=MTY4MjQ3NDM5NjU3OQ==&vv=NjU=&time=1682474396&res=24&build=26.1.7&vmode=1&asi=5&sz=749x325&version=43
Requested by
Host: adverdata.net
URL: https://adverdata.net/0x200/04cde9ff880/0x2.js?t=1682474396330
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.218.228.87 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
hosted-by.ihc.ru
Software
nginx/1.15.8 /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Referer
https://bazr.ru/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8G1OqqnPzpYXoYYJ

Response headers

x-response-time
4ms
date
Wed, 26 Apr 2023 01:59:56 GMT
strict-transport-security
max-age=0;
server
nginx/1.15.8
vary
Origin
content-type
image/png
access-control-allow-origin
https://bazr.ru
content-length
68
userip
kraken.rambler.ru/ Frame 36A9 		13 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kraken.rambler.ru/userip
Requested by
Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
14647529dae16db25d2a92e0122fc2c552ceb0154195a9922bc7f7a1f258629a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://bazr.ru
date
Wed, 26 Apr 2023 01:59:56 GMT
content-type
application/octet-stream, text/plain
server
nginx/1.19.4
x-srv
0kraken-prod0003.ad.rambler.tech
content-length
13
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
usability.js
st.top100.ru/top100/3.13.20/ Frame 36A9 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.top100.ru/top100/3.13.20/usability.js
Requested by
Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
1fca7e2d421875b496a5a6bfe5857d62e277d9bf8dc41a7815481a680b3e1be6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:56 GMT
content-encoding
gzip
last-modified
Mon, 24 Apr 2023 09:01:16 GMT
server
nginx/1.19.4
x-amz-request-id
tx00000000000025712fe7e-00644884af-f85be6-default
etag
W/"aca17a264fc4dcb15d7447bcea8197ff"
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type
Normal
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5315 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvz7S7OtEY6RjkERZcwZuTwC1repMSFpMr0HIbNCfrIN7OMt1hwb7oz5TbzniITCbc5H5oMZVZrrIid1ZgdMRBxF535oVJo4C_tSUOGnJrb7pYZeiWxjS_Bmi0n2fM-1yg4s1vL0w&sai=AMfl-YSBRuSmIb0lWu1PSoIusF2SzSGaZGxYRjVF5xLUzcie1tgK4RO6jTqztNvGblzq5L4lKuWf-eEDikdx&sig=Cg0ArKJSzGV9ken86015EAE&cid=CAQSGwBygQiDFgxO7BThT-2ALPwEU99OBb9rDkLeIhgB&id=lidar2&mcvt=1053&p=0,0,280,900&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20230424&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4059467728&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682474395070&rpt=508&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
version
moevideo.biz/embed/core/ Frame 36A9 		43 B
217 B 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/core/version?jsonp=&jsonpCallback=jsonp_1682474396675_528
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.21 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f61.moevideo.net
Software
nginx /
Resource Hash
2a9d5b8cc43f91e3b0778202acdbbbca8dcce6739ee07bc4fc782b10ba25b608

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
X-My-Reqtime
0.087
Content-Type
application/javascript
activeview
pagead2.googlesyndication.com/pcs/ Frame 66DC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMk1YQG8AvR_9h7lrBgUmY1d9fxr1TxyCXxKv-ePgUFYUvqLHmragl8JNwf5WyDlAkKavlkv857bnqQzL38ZDAaEGtNBqnchc_zPwwC5M3cUVnzlNx__X08j8Wu6GJWh-yUR_6lw&sai=AMfl-YRMH13qklC-qp3SSebink3wg3UFf1CG1Y8tdNrI20ElscjzrvE-0VyIP_syYj6m6cASVFR-slV6HZjk&sig=Cg0ArKJSzAQ3x4t-e11oEAE&cid=CAQSGwBygQiDFfAptwEa-UPUeWvDSlYD31IXyOfrexgB&id=lidar2&mcvt=1005&p=0,0,600,200&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230424&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682474395427&rpt=209&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
native
moevideo.biz/ Frame E32C 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.21 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f61.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
1409be790ad3bd66880a39159149954e6fad569b1aca1d073e7d75d026a03215

Request headers

Referer
https://bazr.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 26 Apr 2023 01:59:56 GMT
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Wed, 26 Apr 2023 01:59:56 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Mv-Embed-Version
1414
X-Mv-TryCache
0
X-My-Adv-Time
0.00442481040955
X-My-App-Time
0.03
X-My-Name
s196
X-My-Reqtime
0.036
X-Powered-By
PHP/5.5.38
/
kraken.rambler.ru/cnt/ Frame 36A9 		43 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/cnt/?et=pv&v=3.13.20&pid=6579761&tid=t1.6579761.636763410.1682474396648&rid=1682474396.648-77360261&fid=pA8AAENKs1c8BYrjAUflKAA%3D&fip=pA8AAENKs1f414fHAWdVrQA%3D&eid=875643968496636&stid=0_0&sn=0&sen=0&ce=1&bs=600x340&rf=https%3A%2F%2Fgdz.fun%2F&en=UTF-8&pt=%D0%9F%D0%BB%D0%B5%D0%B5%D1%803&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&ct=web&url=https%3A%2F%2Fbazr.ru%2Fplayer%3FplaylistId%3D35603%26v1.0.1.1&lv&exp=%5B%5B%22exp_ws%22%2C%22no%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=207645080
Requested by
Host: bazr.ru
URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:56 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
x-srv
0kraken-prod0001.ad.rambler.tech
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif, image/gif
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9AFB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqtaJ9Xohtsd6hj_BnwEuz6-mOnENklS06CPq00HRiSfgMe3AJPGp1zpRAjIuaRsT2HdZQO9JAKbcWYoqS2-IeDPhU7yhZmPDyYAGAHU8OIm7YvTBwFDwseHXsxverp91d-UToUQ&sai=AMfl-YR4ABc_A3F7FFSDaY06ZhQ3aIBVEzOaZ5qW4isweeZMCf_RU-GIrpN0taLartIbB9oEw5_RLU9t2e2B&sig=Cg0ArKJSzJeibbJQHkOsEAE&cid=CAQSGwBygQiDFfAptwEa-UPUeWvDSlYD31IXyOfrexgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=179,821,1000,1144,1268&tos=179,642,179,144,124&v=20230424&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682474395430&rpt=216&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.css
moevideo.biz/embed/player/1860/skins/gray/ Frame E32C 		54 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1860/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.21 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f61.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 13:03:25 GMT
Server
nginx
X-My-Name
s166
ETag
W/"63d27a1d-d99f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-My-Reqtime
0.024
mvplayer.min.js
moevideo.biz/embed/player/1860/ Frame E32C 		597 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1860/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.21 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f61.moevideo.net
Software
nginx /
Resource Hash
4d50f79fdb320efa3f58c176d2bdb09fcc458be41aad03f55711bf8417d4a4db

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 13:11:55 GMT
Server
nginx
X-My-Name
s11
ETag
W/"63d27c1b-954a5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-My-Reqtime
0.084
set
playreplay.me/api/cookie/ Frame E32C 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playreplay.me/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%224a9d457a2c4f3e03c0aa%22},{%22key%22:%22mvsid%22,%22value%22:%224126bf5b-27db-487b-b2e5-e290fbc72911%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.67 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f52.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.001
set
thesame.tv/api/cookie/ Frame E32C 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesame.tv/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%224a9d457a2c4f3e03c0aa%22},{%22key%22:%22mvsid%22,%22value%22:%224126bf5b-27db-487b-b2e5-e290fbc72911%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.26.230.47 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.001
set
moevideo.biz/api/cookie/ Frame E32C 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%224a9d457a2c4f3e03c0aa%22},{%22key%22:%22mvsid%22,%22value%22:%224126bf5b-27db-487b-b2e5-e290fbc72911%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.21 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f61.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.000
set
cs-0.moevideo.biz/api/cookie/ Frame E32C 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cs-0.moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%224a9d457a2c4f3e03c0aa%22},{%22key%22:%22mvsid%22,%22value%22:%224126bf5b-27db-487b-b2e5-e290fbc72911%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.32 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f26.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.000
set
playreplay.net/api/cookie/ Frame E32C 		0
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://playreplay.net/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%224a9d457a2c4f3e03c0aa%22},{%22key%22:%22mvsid%22,%22value%22:%224126bf5b-27db-487b-b2e5-e290fbc72911%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.188.150.107 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.001
/
kraken.rambler.ru/cnt/v2/ Frame 36A9 		43 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6579761&session_id=0_0&session_number=0&session_event_number=0&version=3.13.20&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6579761.636763410.1682474396648&fingerprint=pA8AAENKs1c8BYrjAUflKAA%3D&fingerprint_ip=pA8AAENKs1f414fHAWdVrQA%3D&url=https%3A%2F%2Fbazr.ru%2Fplayer%3FplaylistId%3D35603%26v1.0.1.1&request_id=1682474396.648-77360261&event_id=875643968496636&meta=%7B%22title%22%3A%22%D0%9F%D0%BB%D0%B5%D0%B5%D1%803%22%2C%22referer%22%3A%22https%3A%2F%2Fgdz.fun%2F%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%22600x340%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%220%22%7D&rn=1800194273
Requested by
Host: bazr.ru
URL: https://bazr.ru/player?playlistId=35603&v1.0.1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:57 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
x-srv
0kraken-prod0001.ad.rambler.tech
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif, image/gif
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6E16 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLgbugtFaVgfhsSex8k2bO2ID_yAm-T0DxywosuQCMz8SYEEf6CCLKBkclXJ_nIbyxZdRE49J7Uc8rCu1W_RWtdws2BcEoUxfSGb1hpSBB6UG4AsBUvXbxFi9i141lpE9Y7VBY568&sai=AMfl-YS94c0W6DjwVi6XuQp73gjM8dm7fxVlnTTJLG4T2dpUhHdB6OUojRxEGKHOz3Ti659f83H-gEhRampZjzGc8E7vrxPuAn06sm2J9K3QVXsjw8m1R6UQ7p-bzPCJtY8&sig=Cg0ArKJSzLuUAypFvlftEAE&cid=CAQSPgBygQiD8eWYI5HliZx6BTN4mLGdAzVBffzWjLu4VilolVhF56cnbBSJgWOGqbDn-wBDY8dVw6uB6NqX3JnaGAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230424&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4043957354&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682474395190&rpt=915&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 148E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2jXMcTQBLsDWLui6UPj32PgyowH4s-CXOpBm4HdNxT9bVREK_rMQBM6tBN5UWxyhSgTLRSRAVB8z8p5BXfyDvWUw70rkjhw1uVQGkydeDHFE7Fs2qAGhxrZCdgbKrBTJOHHE9eZw&sai=AMfl-YTzTPX9UcC9awNoSWJDKF3Uem843p2473H6x7HhNJO83HWhtYNWQ4KysUgnmjEPg9zpL6phRaHj530PKKtCskESIxlbCBxN1lAbJV6be7D4f2IiXc1-W16h3_wMGpQ&sig=Cg0ArKJSzIhzcren0UonEAE&cid=CAQSPgBygQiD3JiHcf8HWBbLqbdqqvxwv2S0vK-9CTaqjA22xPIWBDF8pC7ZOomTp21Y8x-VDfijg73YWSzV7DZ2GAE&id=ampim&o=240,788&d=900,232&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=328&tls=1328&g=99.88550543785095&h=99.88550543785095&tt=1328&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: gdz.fun
URL: https://gdz.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E16 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1425214838058&version=m202301230201&ct=76&x=1&cor=15974424180726989000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
storage.html
moe.video/ Frame A7D6 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.26.230.47 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Referer
https://moevideo.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 26 Apr 2023 01:59:57 GMT
ETag
W/"63d27cd7-4783"
Last-Modified
Thu, 26 Jan 2023 13:15:03 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-B-Name
fsel6
X-My-Name
s164
X-My-Reqtime
0.004
truncated
/ Frame E32C 		313 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
auction_multi
am-0.moevideo.biz/ssp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.244 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
fvm15.moevideo.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://moevideo.biz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx
auction_multi
am-0.moevideo.biz/ssp/ Frame E32C 		2 B
476 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.244 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
fvm15.moevideo.net
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:57 GMT
X-Balancer-Name
fvm15
Last-Modified
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://moevideo.biz
X-B-Name
fvm15
Cache-Control
no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
Thu, 19 Feb 1998 13:24:18 GMT
analytics.js
www.google-analytics.com/ Frame E32C 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Apr 2023 00:27:45 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5532
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 26 Apr 2023 02:27:45 GMT
ads-async.js
ad.mail.ru/static/ Frame E32C 		193 B
503 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
162c293d74338386b2c72a2cdd9ebe64a8a467ad70dda92db33646cd4da2d9d5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Wed, 26 Apr 2023 02:09:57 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230420&st=env
Requested by
Host: gdz.fun
URL: https://gdz.fun/build/assets/js/vendors.68325d94f2ede5da7840.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
9e389a0a8358fc62537e99102d8a3dceff3ca5bc2e4175b92c77ba786d4744d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11110
x-xss-protection
0
storage.html
moe.video/ Frame 28FF 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.26.230.47 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Referer
https://moevideo.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 26 Apr 2023 01:59:57 GMT
ETag
W/"63d27cd6-4783"
Last-Modified
Thu, 26 Jan 2023 13:15:02 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-B-Name
fsel6
X-My-Name
s163
X-My-Reqtime
0.004
storage.html
moe.video/ Frame 843F 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.26.230.47 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Referer
https://moevideo.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 26 Apr 2023 01:59:57 GMT
ETag
W/"63d27ce8-4783"
Last-Modified
Thu, 26 Jan 2023 13:15:20 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-B-Name
fsel6
X-My-Name
s193
X-My-Reqtime
0.021
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2891046647766967&plah=gdz.fun&bust=31074087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Apr 2023 01:59:57 GMT
3930
ad.mail.ru/vast/ Frame 36A9 		0
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/3930
Requested by
Host: adverdata.net
URL: https://adverdata.net/0x200/04cde9ff880/0x2.js?t=1682474396330
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bazr.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://bazr.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
instreamr_wl1_legalcontent
relap.mail.ru/vast/ Frame E32C 		95 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://relap.mail.ru/vast/instreamr_wl1_legalcontent?referrer=https%3A%2F%2Fbazr.ru%2F&domain=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:57 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-max-age
1728000
content-type
application/xml
access-control-allow-origin
https://moevideo.biz
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-credentials
true
x-server
vast43
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
content-length
95
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
instreamr_spec_wl1_legalcontent
relap.mail.ru/vast/ Frame E32C 		95 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://relap.mail.ru/vast/instreamr_spec_wl1_legalcontent?referrer=https%3A%2F%2Fbazr.ru%2F&domain=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:57 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/xml
access-control-allow-origin
https://moevideo.biz
access-control-max-age
1728000
access-control-allow-credentials
true
x-server
vast40
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
content-length
95
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
389706
ad.mail.ru/vast/ Frame E32C 		59 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=20002&sc=86511&dl=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
erle.cgi
ad.adriver.ru/cgi-bin/ Frame E32C
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=5910054&tail256=bazr.ru
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=5910054&tail256=bazr.ru&tuid=-5449494913
142 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=5910054&tail256=bazr.ru&tuid=-5449494913
Protocol
HTTP/1.1
Server
195.209.108.49 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:57 GMT
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:57 GMT
Transfer-Encoding
chunked
P3P
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Content-Type
text/html
Location
/cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=5910054&tail256=bazr.ru&tuid=-5449494913
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://moevideo.biz
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 36BB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
25872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 18:48:45 GMT
expires
Wed, 24 Apr 2024 18:48:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5843 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
003dc3ce975b3a12a7822f71fa2a9ea0d7c1d33fd9930886a31be31b517ba1ef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MLgEvb_g8oat4bg3UGNwAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-MLgEvb_g8oat4bg3UGNwAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Apr 2023 01:59:57 GMT
expires
Wed, 26 Apr 2023 01:59:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
storage.html
moe.video/ Frame 1471 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.26.230.47 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Referer
https://moevideo.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 26 Apr 2023 01:59:57 GMT
ETag
W/"63d27cca-4783"
Last-Modified
Thu, 26 Jan 2023 13:14:50 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-B-Name
fsel6
X-My-Name
s150
X-My-Reqtime
0.005
cs
rtb.moe.video/ Frame E32C
Redirect Chain
  • https://moevideo-sync.rutarget.ru/sync
  • https://rtb.moe.video/cs?b=qoUqskRR8rC4&d=1
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.moe.video/cs?b=qoUqskRR8rC4&d=1
Protocol
H2
Server
94.26.231.116 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:58 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
version
v1.2.0

Redirect headers

Location
https://rtb.moe.video/cs?b=qoUqskRR8rC4&d=1
Date
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
match
dm-eu.hybrid.ai/ Frame E32C 		0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm-eu.hybrid.ai/match?id=117
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.230.131.22 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:57 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
https://moevideo.biz
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
512
x-xss-protection
1; mode=block
expires
-1
moevideo
px.adhigh.net/p/cm/ Frame E32C
Redirect Chain
  • https://px.adhigh.net/p/cm/moevideo
  • https://px.adhigh.net/p/cm/moevideo?bounced=1
49 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/moevideo?bounced=1
Protocol
H2
Server
193.232.150.43 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
hosting.adhigh.net
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:57 GMT
server
nginx
x-backend-id
f24-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:57 GMT
server
nginx
x-backend-id
f24-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://px.adhigh.net/p/cm/moevideo?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.bumlam.com/ Frame E32C
Redirect Chain
  • https://sync.bumlam.com/?src=moe2&uid=4a9d457a2c4f3e03c0aa
  • https://sync.bumlam.com/?src=moe2&s_data=CAIQARidi6KiBmIUNGE5ZDQ1N2EyYzRmM2UwM2MwYWGiARALvjjM49YR7YbgACWQwGR8
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=moe2&s_data=CAIQARidi6KiBmIUNGE5ZDQ1N2EyYzRmM2UwM2MwYWGiARALvjjM49YR7YbgACWQwGR8
Protocol
HTTP/1.1
Server
31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 26 Apr 2023 01:59:57 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx
ETag
0bbe38cc-e3d6-11ed-86e0-002590c0647c
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=moe2&s_data=CAIQARidi6KiBmIUNGE5ZDQ1N2EyYzRmM2UwM2MwYWGiARALvjjM49YR7YbgACWQwGR8
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
rle.cgi
ad.adriver.ru/cgi-bin/ Frame E32C
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5119460416
42 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5119460416
Protocol
HTTP/1.1
Server
195.209.108.49 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:57 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type
image/gif
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:57 GMT
Transfer-Encoding
chunked
P3P
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Content-Type
text/html
Location
/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5119460416
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs-0.moevideo.biz/ssp/ Frame E32C
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D
  • https://cs-0.moevideo.biz/ssp/cs?d=81&b=60c42c3a-c8f1-44a3-527b-a86bab635537
36 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=81&b=60c42c3a-c8f1-44a3-527b-a86bab635537
Protocol
HTTP/1.1
Server
92.223.103.32 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f26.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

location
https://cs-0.moevideo.biz/ssp/cs?d=81&b=60c42c3a-c8f1-44a3-527b-a86bab635537
date
Wed, 26 Apr 2023 01:59:57 GMT
server
nginx
content-length
115
serverid
TODO
content-type
text/html; charset=utf-8
cs
cs-0.moevideo.biz/ssp/ Frame E32C
Redirect Chain
  • https://sync.upravel.com/moevideo/sync
  • https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ
  • https://cs-0.moevideo.biz/ssp/cs?d=91&b=15cc1fdf-0467-43bc-9687-1699f698a072
36 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=91&b=15cc1fdf-0467-43bc-9687-1699f698a072
Protocol
HTTP/1.1
Server
92.223.103.32 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f26.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

date
Wed, 26 Apr 2023 01:59:57 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-0.moevideo.biz/ssp/cs?d=91&b=15cc1fdf-0467-43bc-9687-1699f698a072
access-control-allow-origin
*
content-type
image/png
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
false
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
moevideo
sync.dmp.otm-r.com/match/ Frame E32C 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/moevideo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.107 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.107.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 26 Apr 2023 01:59:57 GMT
server
nginx/1.17.6
myvideo-sync
rtb.com.ru/ Frame E32C 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.com.ru/myvideo-sync?uid=4a9d457a2c4f3e03c0aa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.190 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server
nginx/1.18.0
Connection
keep-alive
P3p
CP="rtb.com.ru does not have a P3P policy"
cs
cs-0.moevideo.biz/ssp/ Frame E32C
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D&crf=1
  • https://cs-0.moevideo.biz/ssp/cs?d=161&b=2e75db16-a375-5274-aa61-1ba4ce299e39
36 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=161&b=2e75db16-a375-5274-aa61-1ba4ce299e39
Protocol
HTTP/1.1
Server
92.223.103.32 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f26.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

location
https://cs-0.moevideo.biz/ssp/cs?d=161&b=2e75db16-a375-5274-aa61-1ba4ce299e39
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
collect
dx.frontend.weborama.com/ Frame E32C
Redirect Chain
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//moevideo.biz/native%3Fid%3Dmv-content-roll-3091%26slot%3Dcontent%26api%3D2.0%26ref%3Dbazr.ru%26frp%3DaHR0cHM6Ly9iYXpyLnJ1L3BsYXll...
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-3091%26slot%3Dcontent%26api%3D2.0%26ref%3Dbazr.ru%26frp%3DaHR0cHM6Ly9iYXpyLnJ1L3...
  • https://rd.frontend.weborama.fr/rd?key=wamsync
  • https://rd.frontend.weborama.fr/rd?key=wamsync&bounce=1&random=2126419909
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=jKRPg4Jl7VCM
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=jKRPg4Jl7VCM
Protocol
H3
Server
34.111.205.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.205.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:57 GMT
via
1.1 google
last-modified
Wed, 26 Apr 2023 01:59:58 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:57 GMT
via
1.1 google
last-modified
Wed, 26 Apr 2023 01:59:57 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=jKRPg4Jl7VCM
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
cs
cs-0.moevideo.biz/ssp/ Frame E32C
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=moevideo&id=4a9d457a2c4f3e03c0aa
  • https://cs-0.moevideo.biz/ssp/cs?d=111&b==
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=111&b==
Protocol
HTTP/1.1
Server
92.223.103.32 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f26.moevideo.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Server
nginx/1.22.1
Vary
Origin
Access-Control-Allow-Origin
*
Location
https://cs-0.moevideo.biz/ssp/cs?d=111&b==
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
1px-matching-go2net.gif
m.trafmag.com/images/ Frame E32C
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=03012A8F-9C5C-4F0A-B5C5-EF2E17D61EBD&id=4a9d457a2c4f3e03c0aa
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=5626e3653a714e89acec515bcc4e6aa3
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=5626e3653a714e89acec515bcc4e6aa3
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 26 Apr 2023 01:59:58 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

date
Wed, 26 Apr 2023 01:59:57 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=5626e3653a714e89acec515bcc4e6aa3
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
0
x-xss-protection
0
zwOM0n9_T-mmVfsgz_aQBQ
an.yandex.ru/setud/mts_banner/ Frame E32C
Redirect Chain
  • https://kimberlite.io/rtb/sync/moevideo?u=4a9d457a2c4f3e03c0aa
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fweborama%3Fu%3D%7BWEBO_CID%7D%26f%3Dhttps%253A%252F%252Fcs-0.moevideo.biz%252Fssp%252Fcs%253Fd%253D201%2526b%...
  • https://kimberlite.io/rtb/sync/weborama?u=a9EM90n71itZKM/KOxZHWu&f=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D201%26b%3DZEiFntWg960&n=1
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZEiFntWg960
  • https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZEiFntWg960
  • https://tech.rtb.mts.ru/?dsp_uid=cf038cd2-7f7f-4fe9-a655-fb20cff69005&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FzwOM0n9_T-mmVfsgz_aQBQ%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
  • https://an.yandex.ru/setud/mts_banner/zwOM0n9_T-mmVfsgz_aQBQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1430119235
43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/mts_banner/zwOM0n9_T-mmVfsgz_aQBQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1430119235
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Apr 2023 01:59:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 26 Apr 2023 01:59:58 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 26 Apr 2023 01:59:58 GMT

Redirect headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/zwOM0n9_T-mmVfsgz_aQBQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1430119235
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
moevideo_direct_ssp
sync.dsp.solta.io/match/ Frame E32C 		43 B
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dsp.solta.io/match/moevideo_direct_ssp?id=4a9d457a2c4f3e03c0aa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.40.31.214 Tula, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
43
content-type
image/gif
cs
cs-0.moevideo.biz/ssp/ Frame E32C
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=moevideo&id=4a9d457a2c4f3e03c0aa
  • https://sm.rtb.mts.ru/match/second?ssp=22&exu=4a9d457a2c4f3e03c0aa
  • https://tech.rtb.mts.ru/?dsp_uid=cf038cd2-7f7f-4fe9-a655-fb20cff69005&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
  • https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D22%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
  • https://sm.rtb.mts.ru/em?next=22&em=1&ssp=konnektu&id=
  • https://cs-0.moevideo.biz/ssp/cs?d=121&b=cf038cd2-7f7f-4fe9-a655-fb20cff69005
36 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=121&b=cf038cd2-7f7f-4fe9-a655-fb20cff69005
Protocol
HTTP/1.1
Server
92.223.103.32 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f26.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 26 Apr 2023 01:59:58 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Server
nginx
Vary
Origin
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin
*
Location
https://cs-0.moevideo.biz/ssp/cs?d=121&b=cf038cd2-7f7f-4fe9-a655-fb20cff69005
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
pagead2.googlesyndication.com/bg/ Frame 36BB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 20:22:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
20233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 20:22:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5843 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230420&jk=4225419336024618&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
210516.png
204.adverdata.net/200/1/images/ Frame 36A9 		250 B
450 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://204.adverdata.net/200/1/images/210516.png?bDat=MTY4MjQ3NDM5Nzc1Ng==&build=26.1.9&asi=12&colors=24&sz=943x357&format=1&version=19&bH=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMi4wLjU2MTUuMTIxIFNhZmFyaS81MzcuMzY=&vmode=2&interactive=0&ver=3.26&random=0.4427807110609956&aA=756
Requested by
Host: adverdata.net
URL: https://adverdata.net/0x200/04cde9ff880/0x2.js?t=1682474396330
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.218.228.87 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
hosted-by.ihc.ru
Software
nginx/1.15.8 /
Resource Hash
a688da81ea7cf02998ad568d064240e0b11a10ff8b2c885c52f84ee174a93948
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Referer
https://bazr.ru/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

x-response-time
5ms
date
Wed, 26 Apr 2023 01:59:57 GMT
strict-transport-security
max-age=0;
content-encoding
gzip
server
nginx/1.15.8
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bazr.ru
access-control-allow-credentials
true
5C6D71.js
r.mradx.net/img/38/ Frame E32C 		191 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.mradx.net/img/38/5C6D71.js
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:db00::28 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
60bbc99a33728db1950d9df204777e97176df3357badd7ab64346fbbd5e51608

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Apr 2023 15:39:47 GMT
Server
nginx
ETag
W/"6447f443-2fb97"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Thu, 31 Dec 2037 23:55:55 GMT
generate_204
tpc.googlesyndication.com/ Frame 36BB 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wnKTpw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
myvideo-vast
adx.com.ru/ Frame E32C 		60 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Fbazr.ru%2F&uid=&vpaid=false&rolltype=outstream
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.105.70 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:58 GMT
server
nginx/1.22.0
p3p
CP="adx.com.ru does not have a P3P policy"
access-control-allow-origin
https://moevideo.biz
content-type
text/xml; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-length
60
980546
ad.mail.ru/vast/ Frame E32C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/980546?pr=2365133&sc=86511&dl=https%3A%2F%2Fbazr.ru%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
726513
ad.mail.ru/vast/ Frame E32C 		59 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/726513?dl=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:57 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
1151494
ad.mail.ru/vast/ Frame E32C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1151494?pr=6896211&sc=86511&dl=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
389706
ad.mail.ru/vast/ Frame E32C 		59 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=8281153&sc=86511&dl=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
993463
ad.mail.ru/vast/ Frame E32C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/993463?rand=7247226&sc=86511&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
1061630
ad.mail.ru/vast/ Frame E32C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1061630?pr=4490482&sc=86511&dl=https%3A%2F%2Fbazr.ru%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
389706
ad.mail.ru/vast/ Frame E32C 		61 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=8782707&sc=86511&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
1078843
ad.mail.ru/vast/ Frame E32C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1078843?dl=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
362146
ad.mail.ru/vast/ Frame E32C 		61 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/362146?rand=3730818&sc=86511&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
instreamr_wl4_legalcontent
relap.mail.ru/vast/ Frame E32C 		95 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://relap.mail.ru/vast/instreamr_wl4_legalcontent?referrer=https%3A%2F%2Fbazr.ru%2F&domain=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:58 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
access-control-max-age
1728000
vary
Origin
content-type
application/xml
access-control-allow-origin
https://moevideo.biz
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-credentials
true
x-server
vast38
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
content-length
95
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
vkAuth.html
ad.mail.ru/dist/ Frame 5794 		523 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/dist/vkAuth.html
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/38/5C6D71.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Referer
https://moevideo.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Content-Length
523
Content-Type
text/html;charset=UTF-8
Date
Wed, 26 Apr 2023 01:59:58 GMT
Expires
Wed, 26 Apr 2023 02:09:58 GMT
Server
nginx
Timing-Allow-Origin
*
/
ad.mail.ru/adq/ Frame E32C 		83 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/adq/?callback=mailru_ad1682474398447&q=199847&vk=0&containerWidth=600&containerHeight=338&last_shown_ids=&_=115179822
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/38/5C6D71.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4c57db11e8c67d39c670e6a2992787cf9d514d00afb0a27ace56e0a91eb74b99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
openapi.js
vk.com/js/api/ Frame 5794 		104 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?169
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-132-240-87.vk.com
Software
kittenx /
Resource Hash
2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:58 GMT
content-encoding
br
x-frontend
front224005
last-modified
Fri, 02 Dec 2022 07:14:40 GMT
server
kittenx
etag
"6389a5e0-5b16"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
23318
expires
Sun, 30 Apr 2023 01:59:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230420&jk=4225419336024618&bg=!CQqlCl7NAAYfNdXmPzU7ADkAdvg8WuquQgDXcYpwhBGLycSf-DP2qpPRXlUvHtFN5TM4Nq3eKsL-xlvtuUqZ2cg63k3ZFnTbGT0CAAAAVlIAAAACaAEHmQLY6OTxR0cv0QeC92h2JjgqEySRoDo-KVWsstf7ePDul5mMTk1xroHL2NWIUR0jBOgIeOd31fYloIrU8X-Iclq0dBWFytQ47KmTAlm0NM4PkhK6REnAGpRElypAyJo06z_mvstjWmboyV5hitmfRw9BapVsDINe8UmHW3h5xiljnrIypMHnAJD1CsVP9sUVUsygin-cKsZyymCgbVgdSCxIJ-1rwyLHDhsRz_vtfDK2JQ6ZRwGORESh2lPgahJYtHiKwMFBZ6WP9ixO9Q1-6oO_S9u_7K66XPUrvZDG9Ax1VLBOmT0MD6PQniyr9eMtFTkYHh3p0QIIwIIY1PILo90QyJS8su8Z-HZszhhjlZQXz6hZPEFD0l-lI8HqsAbFaJP4sihRzjSSB_U6U3rvcvMFCf-IFAKgLZmIDDeXIYoaenX8_G2bKWStqjLQyaaDoxhBt94GXkcpyDJ8R-YoyaBrpTM_BYYisGXhvs24gxQAKfHS1P_8aRKtOSbtBpd3d-fLjCVyl7g8Eobi6Kk5jlaNnD6WMn6G4xJR95Dz87qdj1lmRX1AzxBBhM_5pE5kT-TknlfVmC59TWZrVZgrj6AB4ZN8a7IfiN27Fi7a_y4MxhqPbH4n7K8eEiH--CyQ6pqzv0D3nv6-CLkfu9Ists6MblUzi7P544cznWtH-TWaq8s4_TMd0_34Ouu6wfdUnETITDwXk1qWUrIyNhtp5wwzFnDiXCKnMPheivpeQmZ5I0KfIzI8K6tByFWqBKIbS-pkGdeR-FfbI0vpianF5nDQlly6YGT-OtsMgPwh5x48aY7nWtoJy8bDOoOWpJCRPicVQzzxG3dLCcdFEANT2kcEG2B9gjWf3YRB1GaS10b8WS0-vUxoZdTiJLaPJyRsWsM_bEoUZiT77f6AhJs7MKX5tMVxp7xYLvHWdlR0rwX8fAVrNtgzPAg_tGX4IRyKPuk4OUWxqMidi2Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
instreamr_spec_wl4_legalcontent
relap.mail.ru/vast/ Frame E32C 		95 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://relap.mail.ru/vast/instreamr_spec_wl4_legalcontent?referrer=https%3A%2F%2Fbazr.ru%2F&domain=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:58 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-max-age
1728000
content-type
application/xml
access-control-allow-origin
https://moevideo.biz
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-credentials
true
x-server
vast13
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
content-length
95
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
726513
ad.mail.ru/vast/ Frame E32C 		61 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/726513?pr=270774&sc=86511&dl=https%3A%2F%2Fbazr.ru%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
/
login.vk.com/ Frame 5794 		27 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?169
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.181 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv181-129-240-87.vk.com
Software
kittenx / KPHP/7.4.113707
Resource Hash
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:59 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.113707
access-control-allow-methods
GET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=windows-1251
access-control-allow-origin
https://ad.mail.ru
cache-control
no-store
access-control-allow-credentials
true
content-length
41
native
moevideo.biz/ Frame E32C 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.21 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f61.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
60425c13369d446b178f69df9e885ebcc3129b1bd6cfac3d37a9301074bbb5e9

Request headers

Referer
https://bazr.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 26 Apr 2023 01:59:59 GMT
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Wed, 26 Apr 2023 01:59:59 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Mv-Embed-Version
1414
X-Mv-TryCache
0
X-My-Adv-Time
0.00254106521606
X-My-App-Time
0.015
X-My-Name
s51
X-My-Reqtime
0.100
X-Powered-By
PHP/5.5.38
styles.css
moevideo.biz/embed/player/1860/skins/gray/ Frame E32C 		54 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1860/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.21 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f61.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 13:03:25 GMT
Server
nginx
X-My-Name
s153
ETag
W/"63d27a1d-d99f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-My-Reqtime
0.025
mvplayer.min.js
moevideo.biz/embed/player/1860/ Frame E32C 		597 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1860/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.21 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f61.moevideo.net
Software
nginx /
Resource Hash
4d50f79fdb320efa3f58c176d2bdb09fcc458be41aad03f55711bf8417d4a4db

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 13:11:55 GMT
Server
nginx
X-My-Name
s201
ETag
W/"63d27c1b-954a5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-My-Reqtime
0.024
storage.html
moe.video/ Frame 3E69 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.26.230.47 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Referer
https://moevideo.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 26 Apr 2023 01:59:59 GMT
ETag
W/"63d27cd2-4783"
Last-Modified
Thu, 26 Jan 2023 13:14:58 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-B-Name
fsel6
X-My-Name
s159
X-My-Reqtime
0.004
truncated
/ Frame E32C 		313 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
auction_multi
am-0.moevideo.biz/ssp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.244 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
fvm15.moevideo.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://moevideo.biz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Wed, 26 Apr 2023 01:59:59 GMT
Server
nginx
auction_multi
am-0.moevideo.biz/ssp/ Frame E32C 		2 B
476 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.244 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
fvm15.moevideo.net
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:59 GMT
X-Balancer-Name
fvm15
Last-Modified
Wed, 26 Apr 2023 01:59:59 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://moevideo.biz
X-B-Name
fvm15
Cache-Control
no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
Thu, 19 Feb 1998 13:24:18 GMT
analytics.js
www.google-analytics.com/ Frame E32C 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Apr 2023 00:27:45 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5534
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 26 Apr 2023 02:27:45 GMT
ads-async.js
ad.mail.ru/static/ Frame E32C 		193 B
503 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
162c293d74338386b2c72a2cdd9ebe64a8a467ad70dda92db33646cd4da2d9d5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:59 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Wed, 26 Apr 2023 02:09:59 GMT
storage.html
moe.video/ Frame 73AA 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.26.230.47 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Referer
https://moevideo.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 26 Apr 2023 01:59:59 GMT
ETag
W/"63d27cc2-4783"
Last-Modified
Thu, 26 Jan 2023 13:14:42 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-B-Name
fsel6
X-My-Name
s141
X-My-Reqtime
0.004
storage.html
moe.video/ Frame 6B08 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.26.230.47 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Referer
https://moevideo.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 26 Apr 2023 01:59:59 GMT
ETag
W/"63d27ceb-4783"
Last-Modified
Thu, 26 Jan 2023 13:15:23 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-B-Name
fsel6
X-My-Name
s196
X-My-Reqtime
0.024
5C6D71.js
r.mradx.net/img/38/ Frame E32C 		191 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.mradx.net/img/38/5C6D71.js
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:db00::28 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
60bbc99a33728db1950d9df204777e97176df3357badd7ab64346fbbd5e51608

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Apr 2023 15:39:47 GMT
Server
nginx
ETag
W/"6447f443-2fb97"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Thu, 31 Dec 2037 23:55:55 GMT
instreamr_wl1_legalcontent
relap.mail.ru/vast/ Frame E32C 		95 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://relap.mail.ru/vast/instreamr_wl1_legalcontent?referrer=https%3A%2F%2Fbazr.ru%2F&domain=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:59 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/xml
access-control-allow-origin
https://moevideo.biz
access-control-max-age
1728000
access-control-allow-credentials
true
x-server
vast02
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
content-length
95
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
instreamr_spec_wl1_legalcontent
relap.mail.ru/vast/ Frame E32C 		95 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://relap.mail.ru/vast/instreamr_spec_wl1_legalcontent?referrer=https%3A%2F%2Fbazr.ru%2F&domain=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:59 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-max-age
1728000
content-type
application/xml
access-control-allow-origin
https://moevideo.biz
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-credentials
true
x-server
vast13
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
content-length
95
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
389706
ad.mail.ru/vast/ Frame E32C 		59 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=2882248&sc=86511&dl=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:59 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
erle.cgi
ad.adriver.ru/cgi-bin/ Frame E32C 		142 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=223687&bt=61&pz=0&target=top&rnd=8442929&tail256=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.49 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Apr 2023 01:59:59 GMT
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
myvideo-vast
adx.com.ru/ Frame E32C 		60 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Fbazr.ru%2F&uid=&vpaid=false&rolltype=outstream
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.105.70 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 01:59:59 GMT
server
nginx/1.22.0
p3p
CP="adx.com.ru does not have a P3P policy"
access-control-allow-origin
https://moevideo.biz
content-type
text/xml; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-length
60
980546
ad.mail.ru/vast/ Frame E32C 		59 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/980546?pr=1960515&sc=86511&dl=https%3A%2F%2Fbazr.ru%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:59 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
726513
ad.mail.ru/vast/ Frame E32C 		59 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/726513?dl=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:59 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
1151494
ad.mail.ru/vast/ Frame E32C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1151494?pr=283332&sc=86511&dl=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:59 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
389706
ad.mail.ru/vast/ Frame E32C 		59 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=4962120&sc=86511&dl=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:59 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
993463
ad.mail.ru/vast/ Frame E32C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/993463?rand=9584805&sc=86511&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:59 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
vkAuth.html
ad.mail.ru/dist/ Frame 682F 		523 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/dist/vkAuth.html
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/38/5C6D71.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Referer
https://moevideo.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Content-Length
523
Content-Type
text/html;charset=UTF-8
Date
Wed, 26 Apr 2023 01:59:59 GMT
Expires
Wed, 26 Apr 2023 02:09:59 GMT
Server
nginx
Timing-Allow-Origin
*
/
ad.mail.ru/adq/ Frame E32C 		83 B
449 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/adq/?callback=mailru_ad1682474399891&q=199847&vk=0&containerWidth=600&containerHeight=338&last_shown_ids=&_=994551009
Requested by
Host: r.mradx.net
URL: https://r.mradx.net/img/38/5C6D71.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
39bba436acfbe6d2a6a58ac2fd2d902a7ac97857c7692fd77d86f98d4bef2af8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 01:59:59 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
openapi.js
vk.com/js/api/ Frame 682F 		104 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?169
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-132-240-87.vk.com
Software
kittenx /
Resource Hash
2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:00 GMT
content-encoding
br
x-frontend
front224005
last-modified
Fri, 02 Dec 2022 07:14:40 GMT
server
kittenx
etag
"6389a5e0-5b16"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
23318
expires
Sun, 30 Apr 2023 02:00:00 GMT
1061630
ad.mail.ru/vast/ Frame E32C 		60 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1061630?pr=4191521&sc=86511&dl=https%3A%2F%2Fbazr.ru%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:00:00 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
389706
ad.mail.ru/vast/ Frame E32C 		59 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/389706?pr=6480615&sc=86511&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:00:00 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
1078843
ad.mail.ru/vast/ Frame E32C 		59 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/1078843?dl=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:00:00 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
362146
ad.mail.ru/vast/ Frame E32C 		59 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/362146?rand=807055&sc=86511&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:00:00 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
instreamr_wl4_legalcontent
relap.mail.ru/vast/ Frame E32C 		95 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://relap.mail.ru/vast/instreamr_wl4_legalcontent?referrer=https%3A%2F%2Fbazr.ru%2F&domain=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:00 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/xml
access-control-allow-origin
https://moevideo.biz
vary
Origin
access-control-allow-credentials
true
x-server
vast11
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
content-length
95
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
/
login.vk.com/ Frame 682F 		27 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?169
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.181 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv181-129-240-87.vk.com
Software
kittenx / KPHP/7.4.113707
Resource Hash
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:00 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.113707
access-control-allow-methods
GET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=windows-1251
access-control-allow-origin
https://ad.mail.ru
cache-control
no-store
access-control-allow-credentials
true
content-length
41
instreamr_spec_wl4_legalcontent
relap.mail.ru/vast/ Frame E32C 		95 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://relap.mail.ru/vast/instreamr_spec_wl4_legalcontent?referrer=https%3A%2F%2Fbazr.ru%2F&domain=bazr.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:00 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
x-content-type-options
nosniff
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/xml
access-control-allow-origin
https://moevideo.biz
vary
Origin
x-server
vast44
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
content-length
95
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
726513
ad.mail.ru/vast/ Frame E32C 		59 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/vast/726513?pr=5362311&sc=86511&dl=https%3A%2F%2Fbazr.ru%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1860/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

Accept
*/*
Referer
https://moevideo.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:00:00 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
native
moevideo.biz/ Frame E32C 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.21 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f61.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
b2594d3db83f35e8e9badded9c3604dec32b825a3b7f1c30776e91e282df8531

Request headers

Referer
https://bazr.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 26 Apr 2023 02:00:00 GMT
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Wed, 26 Apr 2023 02:00:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Mv-Embed-Version
1414
X-Mv-TryCache
0
X-My-Adv-Time
0.00421595573425
X-My-App-Time
0.023
X-My-Name
s158
X-My-Reqtime
0.045
X-Powered-By
PHP/5.5.38
upload.gif
vk.com/images/ 		230 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/images/upload.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-132-240-87.vk.com
Software
kittenx /
Resource Hash
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gdz.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:00 GMT
last-modified
Tue, 22 Sep 2020 20:30:00 GMT
server
kittenx
etag
"5f6a5ec8-e6"
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
content-length
230
expires
Wed, 03 May 2023 02:00:00 GMT
widget_community.php
vk.com/ Frame 9FC7 		36 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?150
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-132-240-87.vk.com
Software
kittenx / KPHP/7.4.113707
Resource Hash
1004beaee1e7e62ad8387aaae597926bce015d474b88a40f80e7caa6911f5386
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; report=/xss_reports

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-expose-headers
X-Frontend
cache-control
no-store
content-encoding
gzip
content-length
12692
content-security-policy
default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
content-type
text/html; charset=windows-1251
date
Wed, 26 Apr 2023 02:00:01 GMT
server
kittenx
strict-transport-security
max-age=15768000
x-frontend
front224005
x-powered-by
KPHP/7.4.113707
x-xss-protection
1; report=/xss_reports
widget_subscribe.php
vk.com/ Frame B861 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?150
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-132-240-87.vk.com
Software
kittenx / KPHP/7.4.113707
Resource Hash
76c13600404c98b05217316a6f7e018d0844d05e2a079e228eeb75035f3f3cde
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; report=/xss_reports

Request headers

Referer
https://gdz.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-expose-headers
X-Frontend
cache-control
no-store
content-encoding
gzip
content-length
4223
content-security-policy
default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
content-type
text/html; charset=windows-1251
date
Wed, 26 Apr 2023 02:00:00 GMT
server
kittenx
strict-transport-security
max-age=15768000
x-frontend
front224005
x-powered-by
KPHP/7.4.113707
x-xss-protection
1; report=/xss_reports
styles.css
moevideo.biz/embed/player/1860/skins/gray/ Frame E32C 		54 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1860/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.21 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f61.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:00:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 13:03:25 GMT
Server
nginx
X-My-Name
s152
ETag
W/"63d27a1d-d99f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
X-My-Reqtime
0.024
mvplayer.min.js
moevideo.biz/embed/player/1860/ Frame E32C 		334 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://moevideo.biz/embed/player/1860/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.21 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
f61.moevideo.net
Software
nginx /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-3091&slot=content&api=2.0&ref=bazr.ru&frp=aHR0cHM6Ly9iYXpyLnJ1L3BsYXllcj9wbGF5bGlzdElkPTM1NjAzJnYxLjAuMS4x&instream=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 26 Apr 2023 02:00:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Jan 2023 13:11:55 GMT
Server
nginx
X-My-Name
s179
ETag
W/"63d27c1b-954a5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
X-My-Reqtime
0.029
loader_nav20845869423_61.js
vk.com/js/ Frame B861 		291 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/loader_nav20845869423_61.js
Requested by
Host: vk.com
URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-132-240-87.vk.com
Software
kittenx / KPHP/7.4.113707
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
gzip
x-frontend
front224005
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.113707
content-type
text/javascript; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
57687
lite.34ec3a3522ef46e3dbb7.css
st6-20.vk.com/css/al/ Frame B861 		274 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/lite.34ec3a3522ef46e3dbb7.css
Requested by
Host: vk.com
URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
e6e124b7101373af6191dde84f6aefcc601c9f56e3f1b810b7e0796e38a2df13
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 25 Apr 2023 07:01:56 GMT
server
kittenx
etag
"64477ae4-8d1a"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
36122
expires
Sun, 30 Apr 2023 02:00:01 GMT
lite.js
vk.com/js/al/ Frame B861 		263 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/al/lite.js?107
Requested by
Host: vk.com
URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-132-240-87.vk.com
Software
kittenx /
Resource Hash
117316d3d31f7a005b4db41da5c4e4398c9a5079203f7f7f66baa5a87b052c39

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front224005
last-modified
Wed, 12 Apr 2023 20:56:09 GMT
server
kittenx
etag
"64371ae9-f20c"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
61964
expires
Sun, 30 Apr 2023 02:00:01 GMT
lang61_0.js
vk.com/js/ Frame B861 		90 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/lang61_0.js?28041240
Requested by
Host: vk.com
URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-132-240-87.vk.com
Software
kittenx / KPHP/7.4.113707
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
gzip
x-frontend
front224005
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.113707
content-type
text/javascript; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
26678
xdm.js
st6-20.vk.com/js/api/ Frame B861 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/js/api/xdm.js?9
Requested by
Host: vk.com
URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 22 Sep 2020 20:30:00 GMT
server
kittenx
etag
"5f6a5ec8-b1e"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
2846
expires
Sun, 30 Apr 2023 02:00:01 GMT
al_subscribe.js
st6-20.vk.com/js/api/widgets/ Frame B861 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/js/api/widgets/al_subscribe.js?1
Requested by
Host: vk.com
URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
482e98612d38dd583b1ab50223bdbe7f59a6c96cafa4880a0191ae7ef8042507
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Fri, 20 May 2022 13:43:45 GMT
server
kittenx
etag
"62879b11-465"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
1125
expires
Sun, 30 Apr 2023 02:00:01 GMT
widget_subscribe.b7a6ac2b611d2473b6a5.css
st6-20.vk.com/css/al/ Frame B861 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/widget_subscribe.b7a6ac2b611d2473b6a5.css
Requested by
Host: vk.com
URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
edd78ceafc944128477b74904a8e08e777f580c9d263e279efffcc7837b62c1d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Sat, 28 Jan 2023 10:21:26 GMT
server
kittenx
etag
"63d4f726-46d"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
1133
expires
Sun, 30 Apr 2023 02:00:01 GMT
base.4829fac12edb2ae20b50.css
st6-20.vk.com/css/al/ Frame B861 		124 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/base.4829fac12edb2ae20b50.css
Requested by
Host: vk.com
URL: https://vk.com/widget_subscribe.php?app=0&width=100%25&_ver=1&oid=-26582877&startWidth=0&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
d711a315971070911f9ad43220b8d16bd662015c6350040f7eaa2f7ab18db1f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 25 Apr 2023 07:01:56 GMT
server
kittenx
etag
"64477ae4-4baa"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
19370
expires
Sun, 30 Apr 2023 02:00:01 GMT
IQaHo8-FvX3FSyl_n5BRzoXOpKByRBgsgkPEQcKP4cO0ioinjtE7mB5Q4ApDp2JtMCioDXDD.jpg
sun6-21.userapi.com/s/v1/if1/ Frame B861 		0
0
loader_nav20845869423_61.js
vk.com/js/ Frame 9FC7 		0
0
fonts_cnt.a289ed70815ffbd082ae.css
st6-20.vk.com/css/al/ Frame 9FC7 		331 KB
249 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/fonts_cnt.a289ed70815ffbd082ae.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Mon, 06 Feb 2023 15:27:38 GMT
server
kittenx
etag
"63e11c6a-3e078"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
254072
expires
Sun, 30 Apr 2023 02:00:01 GMT
lite.34ec3a3522ef46e3dbb7.css
st6-20.vk.com/css/al/ Frame 9FC7 		274 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/lite.34ec3a3522ef46e3dbb7.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 25 Apr 2023 07:01:56 GMT
server
kittenx
etag
"64477ae4-8d1a"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
36122
expires
Sun, 30 Apr 2023 02:00:01 GMT
lite.js
vk.com/js/al/ Frame 9FC7 		263 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/al/lite.js?107
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-132-240-87.vk.com
Software
kittenx /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front224005
last-modified
Wed, 12 Apr 2023 20:56:09 GMT
server
kittenx
etag
"64371ae9-f20c"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
61964
expires
Sun, 30 Apr 2023 02:00:01 GMT
lang61_0.js
vk.com/js/ Frame 9FC7 		0
0
xdm.js
st6-20.vk.com/js/api/ Frame 9FC7 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/js/api/xdm.js?9
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 22 Sep 2020 20:30:00 GMT
server
kittenx
etag
"5f6a5ec8-b1e"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
2846
expires
Sun, 30 Apr 2023 02:00:01 GMT
ui_common.d420f360588232f6ee59.css
st6-20.vk.com/css/al/ Frame 9FC7 		106 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/ui_common.d420f360588232f6ee59.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 25 Apr 2023 07:01:56 GMT
server
kittenx
etag
"64477ae4-39bb"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
14779
expires
Sun, 30 Apr 2023 02:00:01 GMT
polyfills.708b756b1b87c44334d8.js
st6-20.vk.com/dist/ Frame 9FC7 		133 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/dist/polyfills.708b756b1b87c44334d8.js?f76f8095bb3e937b95b5
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Thu, 20 Apr 2023 15:43:41 GMT
server
kittenx
etag
"64415dad-acfa"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
44282
expires
Sun, 30 Apr 2023 02:00:01 GMT
react.98bc663d415258ce240e.js
st6-20.vk.com/dist/ Frame 9FC7 		203 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/dist/react.98bc663d415258ce240e.js?371daa3c15115043d211
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 18 Apr 2023 23:46:06 GMT
server
kittenx
etag
"643f2bbe-edc6"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
60870
expires
Sun, 30 Apr 2023 02:00:01 GMT
palette.cceac42bb6582a93d58d.css
st6-20.vk.com/dist/ Frame 9FC7 		98 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/dist/palette.cceac42bb6582a93d58d.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 25 Apr 2023 07:09:41 GMT
server
kittenx
etag
"64477cb5-3b49"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
15177
expires
Sun, 30 Apr 2023 02:00:01 GMT
palette.762c4886666b8cd2e28b.js
st6-20.vk.com/dist/ Frame 9FC7 		99 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/dist/palette.762c4886666b8cd2e28b.js?
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 18 Apr 2023 23:46:06 GMT
server
kittenx
etag
"643f2bbe-6112"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
24850
expires
Sun, 30 Apr 2023 02:00:01 GMT
vkui.e4d670f36de4368e7b1a.js
st6-20.vk.com/dist/ Frame 9FC7 		316 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/dist/vkui.e4d670f36de4368e7b1a.js?d410ad297c5ec476192b
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Thu, 02 Mar 2023 23:00:53 GMT
server
kittenx
etag
"64012aa5-137a9"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
79785
expires
Sun, 30 Apr 2023 02:00:01 GMT
vkcom-kit.abb83149b6ec5dc29ed6.css
st6-20.vk.com/dist/ Frame 9FC7 		67 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/dist/vkcom-kit.abb83149b6ec5dc29ed6.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 25 Apr 2023 09:46:45 GMT
server
kittenx
etag
"6447a185-28ee"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
10478
expires
Sun, 30 Apr 2023 02:00:01 GMT
vkcom-kit.f523d3fe9a71125912c8.js
st6-20.vk.com/dist/ Frame 9FC7 		119 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/dist/vkcom-kit.f523d3fe9a71125912c8.js?
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 25 Apr 2023 07:41:57 GMT
server
kittenx
etag
"64478445-73a0"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
29600
expires
Sun, 30 Apr 2023 02:00:01 GMT
state-management.7a9355439064b079c032.js
st6-20.vk.com/dist/ Frame 9FC7 		64 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/dist/state-management.7a9355439064b079c032.js?cc07b1a64736261fabb9
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Wed, 12 Apr 2023 20:34:22 GMT
server
kittenx
etag
"643715ce-578e"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
22414
expires
Sun, 30 Apr 2023 02:00:01 GMT
audioplayer.c06d76bf814cd6ce2530.css
st6-20.vk.com/dist/ Frame 9FC7 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/dist/audioplayer.c06d76bf814cd6ce2530.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 25 Apr 2023 07:09:41 GMT
server
kittenx
etag
"64477cb5-8d8"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
2264
expires
Sun, 30 Apr 2023 02:00:01 GMT
audioplayer.4bb05d1765f7772963f5.js
st6-20.vk.com/dist/ Frame 9FC7 		206 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/dist/audioplayer.4bb05d1765f7772963f5.js?321
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Mon, 24 Apr 2023 15:32:05 GMT
server
kittenx
etag
"6446a0f5-cb0c"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
51980
expires
Sun, 30 Apr 2023 02:00:01 GMT
common.40007ee9e3b8cef84354.js
st6-20.vk.com/dist/ Frame 9FC7 		443 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/dist/common.40007ee9e3b8cef84354.js?3210453f312263a1ed53d29
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 25 Apr 2023 11:34:01 GMT
server
kittenx
etag
"6447baa9-53565"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
341349
expires
Sun, 30 Apr 2023 02:00:01 GMT
ui_common.473f34542583d0a0f8ce.js
st6-20.vk.com/dist/web/ Frame 9FC7 		0
0
audioplayer.8bb3120e7da774c5bd50.js
st6-20.vk.com/dist/web/ Frame 9FC7 		0
0
widget_community.461c04150f1c05e585d0.css
st6-20.vk.com/css/al/ Frame 9FC7 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/widget_community.461c04150f1c05e585d0.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Sat, 28 Jan 2023 10:21:26 GMT
server
kittenx
etag
"63d4f726-e24"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
3620
expires
Sun, 30 Apr 2023 02:00:01 GMT
likes.5b6dbff176602898f32b.js
st6-20.vk.com/dist/web/ Frame 9FC7 		0
0
community.js
st6-20.vk.com/dist/api/widgets/ Frame 9FC7 		0
0
base.4829fac12edb2ae20b50.css
st6-20.vk.com/css/al/ Frame 9FC7 		124 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-20.vk.com/css/al/base.4829fac12edb2ae20b50.css
Requested by
Host: vk.com
URL: https://vk.com/widget_community.php?app=0&width=200px&_ver=1&gid=26582877&mode=3&color1=&color2=&color3=&class_name=&no_cover=1&url=https%3A%2F%2Fgdz.fun%2F&referrer=&title=%D0%93%D0%94%D0%97%20-%20%D1%80%D0%B5%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85%20%D0%B7%D0%B0%D0%B4%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%81%201%20%D0%BF%D0%BE%2011%20%D0%BA%D0%BB%D0%B0%D1%81%D1%81%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&187bb49fc8c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.0 -, , ASN (),
Reverse DNS
Software
kittenx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 02:00:01 GMT
content-encoding
br
x-frontend
front6-20
strict-transport-security
max-age=15768000
last-modified
Tue, 25 Apr 2023 07:01:56 GMT
server
kittenx
etag
"64477ae4-4baa"
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
19370
expires
Sun, 30 Apr 2023 02:00:01 GMT
IQaHo8-FvX3FSyl_n5BRzoXOpKByRBgsgkPEQcKP4cO0ioinjtE7mB5Q4ApDp2JtMCioDXDD.jpg
sun6-21.userapi.com/s/v1/if1/ Frame 9FC7 		0
0
camera_50.png
vk.com/images/ Frame 9FC7 		0
0
4egFuiUwiCY.jpg
sun6-23.userapi.com/w7swvcgbxPzYx4kSpSuvI7RgY9VOgDcd3DwbsQ/ Frame 9FC7 		0
0
efk4WPDwpX5PppzCgIcWuSoj3ib4JQw1YOnaAOeCYEO-jDip11QxCRkSGzDFPz_wRL-YCmjH.jpg
sun6-22.userapi.com/s/v1/if1/ Frame 9FC7 		0
0
GYCpvifptNZQLRlB4mfM5ju2aY2hAM6SSx4LddzJYWlHaMn61aXwPuYwqgSbT1reAdq0H0At0HFgXaRDGK08ghPo.jpg
sun6-22.userapi.com/s/v1/ig2/ Frame 9FC7 		0
0
CYjDfipaLN-aOFYlt2X3vHqHg-8-D5cWMvDr4g7F0FSup6SVlQQszspX9YNAyuDD6j0_jlFulUOsBJnRI21Pzy2_.jpg
sun6-20.userapi.com/s/v1/ig2/ Frame 9FC7 		0
0
truncated
/ Frame B861 		436 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
code.js
top-fwz1.mail.ru/js/ Frame B861 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sun6-21.userapi.com
URL
https://sun6-21.userapi.com/s/v1/if1/IQaHo8-FvX3FSyl_n5BRzoXOpKByRBgsgkPEQcKP4cO0ioinjtE7mB5Q4ApDp2JtMCioDXDD.jpg?size=50x50&quality=96&crop=460,496,1057,1057&ava=1
Domain
vk.com
URL
https://vk.com/js/loader_nav20845869423_61.js
Domain
vk.com
URL
https://vk.com/js/lang61_0.js?28041240
Domain
st6-20.vk.com
URL
https://st6-20.vk.com/dist/web/ui_common.473f34542583d0a0f8ce.js?c11f3e62c83bd9c9a4bb5828d97d5644
Domain
st6-20.vk.com
URL
https://st6-20.vk.com/dist/web/audioplayer.8bb3120e7da774c5bd50.js?9e6c9eaba1b653b086696841f64eba72
Domain
st6-20.vk.com
URL
https://st6-20.vk.com/dist/web/likes.5b6dbff176602898f32b.js?ac2efc2cd16e060a8023c5b01c80302a
Domain
st6-20.vk.com
URL
https://st6-20.vk.com/dist/api/widgets/community.js?1
Domain
sun6-21.userapi.com
URL
https://sun6-21.userapi.com/s/v1/if1/IQaHo8-FvX3FSyl_n5BRzoXOpKByRBgsgkPEQcKP4cO0ioinjtE7mB5Q4ApDp2JtMCioDXDD.jpg?size=50x50&quality=96&crop=460,496,1057,1057&ava=1
Domain
vk.com
URL
https://vk.com/images/camera_50.png
Domain
sun6-23.userapi.com
URL
https://sun6-23.userapi.com/w7swvcgbxPzYx4kSpSuvI7RgY9VOgDcd3DwbsQ/4egFuiUwiCY.jpg
Domain
sun6-22.userapi.com
URL
https://sun6-22.userapi.com/s/v1/if1/efk4WPDwpX5PppzCgIcWuSoj3ib4JQw1YOnaAOeCYEO-jDip11QxCRkSGzDFPz_wRL-YCmjH.jpg?size=50x50&quality=96&crop=206,0,597,597&ava=1
Domain
sun6-22.userapi.com
URL
https://sun6-22.userapi.com/s/v1/ig2/GYCpvifptNZQLRlB4mfM5ju2aY2hAM6SSx4LddzJYWlHaMn61aXwPuYwqgSbT1reAdq0H0At0HFgXaRDGK08ghPo.jpg?size=50x50&quality=95&crop=371,0,1331,1331&ava=1
Domain
sun6-20.userapi.com
URL
https://sun6-20.userapi.com/s/v1/ig2/CYjDfipaLN-aOFYlt2X3vHqHg-8-D5cWMvDr4g7F0FSup6SVlQQszspX9YNAyuDD6j0_jlFulUOsBJnRI21Pzy2_.jpg?size=50x50&quality=95&crop=6,0,1244,1244&ava=1
Domain
top-fwz1.mail.ru
URL
https://top-fwz1.mail.ru/js/code.js

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless object| app boolean| IS_CLIENT_SIDE boolean| IS_ANDROID_WEBVIEW boolean| IS_IOS_WEBVIEW boolean| IS_WEB undefined| androidBridge undefined| iosBridge function| _bridgeSend function| _bridgeSupports boolean| IS_BRIDGE_AVAILABLE function| obj2qs object| fastXDM object| VK object| adsbygoogle function| vkGrp object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| webpackJsonp function| jQuery function| $ object| regeneratorRuntime object| __SENTRY__ object| jQuery112407180736432620589 object| usclHost object| checkDevice object| scrollToTop object| sendEventRequest object| uSocial string| _uSocialTool object| usclUtility string| uSocialShareInit function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| owlMedia object| TapEvents object| usclPolifyll object| uSocialShare function| mail function| lin function| printerest boolean| _uSocial_tap_events_ boolean| usclBookmarks string| usclPopupInit function| ym object| Ya object| __sentry_instrumentation_handlers__ object| yaCounter53858797 object| google_llp object| advideo_adv object| googletag object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| GoogleGcLKhOms object| google_image_requests

70 Cookies

Domain/Path Name / Value
kimberlite.io/rtb/sync Name: f
Value: https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D201%26b%3DZEiFntWg960
kimberlite.io/rtb/sync Name: n
Value: 2
.gdz.fun/ Name: __gads
Value: ID=2fa016060acb964c-22ea1331abdd00cb:T=1682474395:RT=1682474395:S=ALNI_MYRWlT-gub4kgdtjOwBOn8ysIdg7A
.gdz.fun/ Name: __gpi
Value: UID=00000befbb4f775a:T=1682474395:RT=1682474395:S=ALNI_MbnFOvD6XN39q0kOaFZS30TMH5tmg
.vk.com/ Name: remixlang
Value: 61
.vk.com/ Name: remixstlid
Value: 9102014607598266156_adzhYmxsA4j9wmrJrjrDhMMDNV6ZLgyZWZRf8fxnm70
mc.gdz.work/ Name: uuid
Value: 1d95c521-6d77-4dec-867a-3a36abddc580
.gdz.fun/ Name: _ym_uid
Value: 1682474395665542776
.gdz.fun/ Name: _ym_d
Value: 1682474395
.yadro.ru/ Name: VID
Value: 2PCE522JKKeY1aI8MR0029hM
.yandex.ru/ Name: bh
Value: KgI/MA==
.gdz.fun/ Name: _ym_isad
Value: 2
mc.yandex.ru/ Name: yabs-sid
Value: 1643935621682474395
.yandex.ru/ Name: i
Value: UD4T5j8o1wtkXdFJaAMZqW9o8nbyq+uybGhfN3Gj+RQQ2fIzZiNxfUW47+BvPQTBd6nX8/MXuvcFnHH4rT2GQwNNWmM=
.yandex.ru/ Name: yandexuid
Value: 3395355081682474395
.yandex.ru/ Name: yuidss
Value: 3395355081682474395
.doubleclick.net/ Name: IDE
Value: AHWqTUlgXKA8U00eM3lVMuxyD1Jz-8eRWCWxLf22x6s8HZtiU0BA6DCbOPt9cpAfMrE
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 4201709075fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2591047111fake
.adnxs.com/ Name: uuid2
Value: 4021290148059659611
.casalemedia.com/ Name: CMID
Value: ZEiFm-rg8uU.BYE1v7uTdQAA
.casalemedia.com/ Name: CMPS
Value: 5242
.casalemedia.com/ Name: CMPRO
Value: 5242
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU'l9!YF!]tbPl1M>e)ZlrFUfJ+tGXxoi<qE<QAI4V$:wH16B*ux0MdNe[[81hk:BtjH*bpRz*qF1`*b_i@*1N=*
.webvisor.org/ Name: yandexuid
Value: 3395355081682474395
.webvisor.org/ Name: yuidss
Value: 3395355081682474395
.webvisor.org/ Name: i
Value: UD4T5j8o1wtkXdFJaAMZqW9o8nbyq+uybGhfN3Gj+RQQ2fIzZiNxfUW47+BvPQTBd6nX8/MXuvcFnHH4rT2GQwNNWmM=
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bazr.ru/ Name: _ym_uid
Value: 1682474397957956780
.bazr.ru/ Name: _ym_d
Value: 1682474397
.yandex.ru/ Name: ymex
Value: 1714010395.yrts.1682474395#1714010395.yrtsi.1682474395
.adverdata.net/ Name: auid
Value: 26802079984644
.bazr.ru/ Name: _ym_isad
Value: 2
.rambler.ru/ Name: ruid
Value: 1CIAAJyFSGS+mSymAYgwUQB=
playreplay.me/ Name: mvuid
Value: 4a9d457a2c4f3e03c0aa
playreplay.me/ Name: mvsid
Value: 4126bf5b-27db-487b-b2e5-e290fbc72911
moevideo.biz/ Name: mvuid
Value: 4a9d457a2c4f3e03c0aa
moevideo.biz/ Name: mvsid
Value: 4126bf5b-27db-487b-b2e5-e290fbc72911
thesame.tv/ Name: mvuid
Value: 4a9d457a2c4f3e03c0aa
thesame.tv/ Name: mvsid
Value: 4126bf5b-27db-487b-b2e5-e290fbc72911
playreplay.net/ Name: mvuid
Value: 4a9d457a2c4f3e03c0aa
playreplay.net/ Name: mvsid
Value: 4126bf5b-27db-487b-b2e5-e290fbc72911
cs-0.moevideo.biz/ Name: mvuid
Value: 4a9d457a2c4f3e03c0aa
cs-0.moevideo.biz/ Name: mvsid
Value: 4126bf5b-27db-487b-b2e5-e290fbc72911
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 2e75db16-a375-5274-aa61-1ba4ce299e39
.betweendigital.com/ Name: ss
Value: 1
.bumlam.com/ Name: suuid3
Value: IiQwYmJlMzhjYy1lM2Q2LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
.betweendigital.com/ Name: ut
Value: ZEiFnQAMLTB6Et2QsryyzzX4tNoHXhhOdUyckg==
.upravel.com/ Name: session_tptc
Value: 1682474397811
.weborama.com/ Name: wui
Value: 69B53245-B7DF-4ED0-86DD-3E27A580C492
.relap.mail.ru/ Name: fsts
Value: 1682474397
.relap.mail.ru/ Name: unique
Value: 89e848Ca3a6C4fA9
.relap.mail.ru/ Name: suid
Value: 22ab32a0cf9f733d361cd6aad7c139f44a837998--65eb59bc38405a7b0e530fa0766a5b7d24a162b2f88bf61b8096179d39ae17b8
.upravel.com/ Name: user_id
Value: 15cc1fdf-0467-43bc-9687-1699f698a072
.adhigh.net/ Name: gi_u
Value: LR94yxK6DLG.AikABlGHu0nwlg
.rutarget.ru/ Name: userId
Value: qoUqskRR8rC4
.weborama.fr/ Name: AFFICHE_W
Value: jKRPg4Jl7VCM89
.admixer.net/ Name: am-uid
Value: 5626e3653a714e89acec515bcc4e6aa3
.adriver.ru/ Name: cid
Value: AB42MzrI7KpBcmZ-jsLJbkw
.moe.video/ Name: uid
Value: f3129c3c545a175ea55a
kimberlite.io/ Name: u
Value: ZEiFntWg960~8nFm52JcHciHD2Jh7iMZepjDet8
.mts.ru/ Name: dspid
Value: cf038cd2-7f7f-4fe9-a655-fb20cff69005
.adx.com.ru/ Name: user
Value: 6448859e7011cb0001f01ea8
.mts.ru/ Name: mts_id
Value: cd71bae9-f0aa-4ad0-96f9-62b8fe5f37a8
.mts.ru/ Name: mts_id_last_sync
Value: 1682474398
.mail.ru/ Name: VID
Value: 1824250F06YH00216J0cCL2H:::0-0-0-962de5e:CAASEDUx0n3aGLIfUTFrgdiFE9gaYGxx95RcVIh-5U8jINfi2DyZtBGpOOlACeNMlxl9UOqR7XMW0DvldoifPwtbAazYAAGow2WDYH2CnwNoMn2blzQ4_LwRDY5EvtQzCx79AdOSIiiKLIa68hkvP2saGbIFwg
.vk.com/ Name: remixlns
Value: b2f692952ca9d5877c
.relap.mail.ru/ Name: lsts
Value: 1682474399

4 Console Messages

Source Level URL
Text
network error URL: https://cs-0.moevideo.biz/ssp/cs?d=111&b==
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://an.yandex.ru/setud/mts_banner/zwOM0n9_T-mmVfsgz_aQBQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1430119235
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-2891046647766967&fa=4&ifi=6&uci=a!6&btvi=2&xpc=9MSMJIo6DE&p=https%3A//gdz.fun
Message:
The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271801&client=ca-pub-2891046647766967&fa=1&ifi=7&uci=a!7&btvi=3&xpc=24z2uckpf5&p=https%3A//gdz.fun
Message:
The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

204.adverdata.net
ad.adriver.ru
ad.mail.ru
ads.betweendigital.com
adservice.google.com
adservice.google.nl
adverdata.net
adx.com.ru
am-0.moevideo.biz
an.yandex.ru
bazr.ru
cdn.advideo.ru
cdn.ampproject.org
cdn.bazr.ru
cdn.jsdelivr.net
cm.g.doubleclick.net
connect.mail.ru
connect.ok.ru
counter.yadro.ru
cs-0.moevideo.biz
dm-eu.hybrid.ai
dsum-sec.casalemedia.com
dx.frontend.weborama.com
exchange.buzzoola.com
faststat.advideo.ru
fonts.googleapis.com
fonts.gstatic.com
gdz.fun
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
inv-nets.admixer.net
kimberlite.io
kraken.rambler.ru
login.vk.com
m.trafmag.com
match.new-programmatic.com
mc.gdz.work
mc.webvisor.org
mc.yandex.ru
moe.video
moevideo-sync.rutarget.ru
moevideo.biz
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.konnektu.ru
playreplay.me
playreplay.net
px.adhigh.net
r.mradx.net
rd.frontend.weborama.fr
redirect.frontend.weborama.fr
relap.mail.ru
rtb.com.ru
rtb.moe.video
s0.2mdn.net
sm.rtb.mts.ru
st.top100.ru
st6-20.vk.com
stat.advideo.ru
sun6-20.userapi.com
sun6-21.userapi.com
sun6-22.userapi.com
sun6-23.userapi.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.dsp.solta.io
sync.upravel.com
tech.rtb.mts.ru
thesame.tv
top-fwz1.mail.ru
tpc.googlesyndication.com
usocial.pro
vk.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
st6-20.vk.com
sun6-20.userapi.com
sun6-21.userapi.com
sun6-22.userapi.com
sun6-23.userapi.com
top-fwz1.mail.ru
vk.com
130.193.58.13
142.250.185.98
146.0.227.110
148.251.236.115
154.47.36.202
172.217.18.2
176.9.81.69
178.218.210.133
178.218.212.115
178.218.213.168
178.218.213.170
178.218.223.43
185.129.100.122
185.191.197.56
185.40.31.214
185.80.39.216
185.83.142.19
188.42.191.196
188.72.107.156
193.200.65.6
193.232.150.43
195.201.152.107
195.209.108.49
213.87.44.187
217.20.155.208
217.65.2.150
217.66.147.35
2606:4700::6810:5814
2a00:1148:db00::17
2a00:1148:db00::28
2a00:1450:4001:802::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2001
2a00:1450:4001:827::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::200e
2a02:6b8::1:119
2a02:6b8::90
2a06:98c1:3121::3
31.172.81.160
34.111.205.194
35.190.24.218
37.230.131.22
5.188.150.107
81.19.89.16
83.222.105.70
83.222.114.190
83.229.25.244
87.240.129.181
87.240.132.67
88.212.201.204
89.108.108.11
91.218.228.87
92.223.103.32
92.223.103.67
92.223.106.21
94.100.180.54
94.26.230.47
94.26.231.116
95.142.206.0
95.163.43.46
003dc3ce975b3a12a7822f71fa2a9ea0d7c1d33fd9930886a31be31b517ba1ef
02264561e0deeeb5ba56e7ee299b47363af979868cc68c9e08f620471d6f5160
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
1004beaee1e7e62ad8387aaae597926bce015d474b88a40f80e7caa6911f5386
117316d3d31f7a005b4db41da5c4e4398c9a5079203f7f7f66baa5a87b052c39
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a3831e778d8969aad8052ad463f9ecc63745c97c994c4e8b15c04e46f49b39
1409be790ad3bd66880a39159149954e6fad569b1aca1d073e7d75d026a03215
14647529dae16db25d2a92e0122fc2c552ceb0154195a9922bc7f7a1f258629a
15068ce173b5f59720a278d34c5d8bf34ea304f9f07749c10f07773dfecdc116
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
162c293d74338386b2c72a2cdd9ebe64a8a467ad70dda92db33646cd4da2d9d5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184c7a1c48929c7592bbb6525e0aa5d43199d6fb4ff8a6929abec51558513f94
19a908879f3864fd314b86f1f0f3492f1c128b4a81d0b12a84d5759940a1584b
1a875e0abd8b4a044ca48094a7e067a52388c0d022efbe77d995af2f1b26bce8
1db1c23ec42a6bc60d10989af067dd619ca65f356f06d649b3cd4365abb59f4a
1e6a5449728ebfc51d230927f284d732366fc61d350d279b924ce91cdb79bc3d
1fca7e2d421875b496a5a6bfe5857d62e277d9bf8dc41a7815481a680b3e1be6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28a347ed73180c5f35f31fe40df98ea7dd0ccab8c1408fd20fd3aaed2f349db2
2a9d5b8cc43f91e3b0778202acdbbbca8dcce6739ee07bc4fc782b10ba25b608
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325d787e2ad0665404b0e458592286f46bec3e4337d31f6060fb651da33af292
334cda11e7aa1e23faad3fb7eb37ec5a54c98e54291f4faa30aa4bd97db88e15
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
370cb61b5eb10543bd03238379be501ba33cccbe0ccd6da559ea6daf6c436f8d
39bba436acfbe6d2a6a58ac2fd2d902a7ac97857c7692fd77d86f98d4bef2af8
3c9056c90fad4a64c9a58d50fd5adc87628dc7ab4ab950aeb1fb8c10ba89d16e
3e4e65e7db3c40d4bb9c16f3e85e1e7ed107d564d25c56e3170b38da5460506f
3eaec0b5d43c86d9c734fdbb6f6d2e393e0ee6905950396c37e30e84b915c277
4059d8dac76ffba6a886a8993e62e832eb1dd9742ec7ea254862e2277bde40fc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45e8cf0daec45bbf1afbf1adadbe44daac2d00c46223cca1db8b3f31ad328763
4670fc4946c7edfb3c0358e0385a76f25cdb2cf97daf4396bb9b7fe2a16fb2d8
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
482e98612d38dd583b1ab50223bdbe7f59a6c96cafa4880a0191ae7ef8042507
485e3c6dee567f7280fa8a0224612e00bfb502cc239e175deda45147339aba40
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4ae8b0633d345429a3ef469bfaef071ef2b7fa51a35fb79b2d6f4122654aa839
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c57db11e8c67d39c670e6a2992787cf9d514d00afb0a27ace56e0a91eb74b99
4d50f79fdb320efa3f58c176d2bdb09fcc458be41aad03f55711bf8417d4a4db
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
52c08cdea4207c2e87bcd2989fa162051da50f790c2a818eed709290a3a66cc5
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
5961a07191615167af153a6508a18caadff81c2834a0059f4f0ced7f6dd2538c
5b6725689f9ca035bdd1f325690447c2cab1e9a27c39b3a3a6d702ab888236ac
5ccd99b4d8efb07f1583526b52bd05a10f55a4aa4826f1d77c416e435a6321a5
5f1f89123032d9a70ff9f5d98480062f69ac1a9e580a2bf6ac0eb3e38ac7e8c6
60425c13369d446b178f69df9e885ebcc3129b1bd6cfac3d37a9301074bbb5e9
60bbc99a33728db1950d9df204777e97176df3357badd7ab64346fbbd5e51608
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
667ac755297c00a4569a9fd997711e6e6089f5d655c89d09ac1d51221cac4d65
69f68e885d5443aefbb9333555cc5ac032588c035aed52163005fe7c3ebf3db6
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee
6aea6dfe6561984cdc5c54ead84d47d2cf29e48253ae282aef237404adad4661
6eed350b130e97a4239a9faf760ff20773157a3d7770ae42b83fd90155366827
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
76c13600404c98b05217316a6f7e018d0844d05e2a079e228eeb75035f3f3cde
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
7ef4f6c06c96a2ef1374b8d3174b555c5c1b5295847afa7e3d2108e71416d978
7f1709833d4c156cffe2876d15348dfc393bfd1b3e064afa62c9d64fdf586d27
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
86fde15e08145b54c13d3cccbdd21b3b761adda79e9a2bc1fe54044e35e7fbe3
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4
8eb36aa538bda31b8d6ab392d62f8ba23e0dd6aa0a5a28a5f410761dcc58e269
91c3ed18d67e4991eab66a6c94eb46f9f5642770e6a63c3d9d8e8b93b554a721
92828518e4015579cf8d7101dfe0ed9e170d6ad09d75768766c3adb0c68fd771
94ba5e516e2757bd07e089f68695fbfb59021ec6912fc8b6ddb58049d63c9e36
9874a79199dea3848fa76aa85191a10bc396746b6f83b696038de72842bc7990
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090
9c9981570082f0c9e2dc51206ff296a57e9a72d1fd915fed947adf484ef2bd3a
9d61c7a0eb55637e24d168b7c74fe513992fbaa34b91b5567ee81f6f6e6e3687
9e389a0a8358fc62537e99102d8a3dceff3ca5bc2e4175b92c77ba786d4744d9
9fe4b186de87b21d9f395c8f5a129ebdf0e1ba24a24e224f4f1b07c2332eb681
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12200caff3678257611ab2f2ebce7457908f65c86fd7b072c0a34cda86c0486
a26b4febdb7690008890d735d5f32ecb59441835704251420f9bb3d4dd4417ea
a349ff483262fec531ee2cc40ab8db69c967ee32ff16e2508b4fda2d9a5b4ea7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a688da81ea7cf02998ad568d064240e0b11a10ff8b2c885c52f84ee174a93948
a6d968584e92c01f5bf29c9de2d18c8f8c81e5ac4f43357e97e20ff64839028e
a7953b4c69887d13b8242512869243830ac5dd9f64d521736ec46b0f5e6208d1
a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
a9c404b6b915758ccf256401134c07f48b7cd818f9dccf7518daf98dc2df535e
ac6c952c4e7c16886bd57b9bef455ab3b231baf11c6cba5d86e6c640e6efd9a9
ae36ff0ed37e7a4009c394da3cc89cef186ff91f743fd4246657eedc299a97c7
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2594d3db83f35e8e9badded9c3604dec32b825a3b7f1c30776e91e282df8531
b2bda46daced7341e2200375c965816b2b95f22cbbe9329fc09d7488e9bc4205
b6a0f1bd5c9d4d922b7abd16111f803453855e93927c1a52bd6b977856189b75
b6cb38e7943cacaac857705ddf6e9534d8e60bf86006feea8a1737ddfa148ef9
b9166fe3447219848f248c3bb9b052a948baf8b10713be00b9e1e89ebae15720
bbad4ff8fd5093b6c6942f79e915351cbfaa7ebf08783cf02748ed477cc7a84a
c38471abe21fcd667fb3e2328a6f035ae3cb2da69e4135ccca98172c5870e1d0
c4fb73fe08bfa7e2bf722a80312db681eef2bcd241752f5a5e98adb1da5fc863
c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375
c82a52cc2f5542e0c0390f2d4c0e3be7147fcdfcffcd946e556e4dbfb128ba04
c8f0f56344362696c76f83dea699bb8faa81830d16a3bcf3250a49b40d31b9e6
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
ce8c122f3d6499c8a07b5b0ba900e95a13f1399a11c5af87102a152a033a8e41
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8f6fc480553227663d734086fe1d999aabc7e7a3e1df3437b5607a8b58beff
d031f464130ac6bd181b343bbcf8df9aa8bfd843b65946f8f34a3b8c1e63ef19
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d393f388ed2427ea59cea2ccec0b4110fa50093cfdc04f9b6a3f08bc0fbf543c
d5621b1145fb2f42e5c394f47d3446150e5f463c38f90727c5aba4652000e503
d711a315971070911f9ad43220b8d16bd662015c6350040f7eaa2f7ab18db1f4
d7eefeda6c8559f00c4ea5549267673816b6d69118a6ddf16cc4c7359ce2323b
d989782ba2e619a35b3379f514bcc66a773e09212318f126a688fa59f42c5852
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778
db5d533abb20cd17fe6323f4202b9cf83b063ad023310bd3d88c5cbda077cd1b
dc7e56f0ea00b0017573ee3530a8d6cd4e5b710a99af7a0ebeefda8c677cbd01
dc87446f5df4011ee3c15b25c68235339b42888f3291ec316ecf54a1e7860bf0
dfcd684d3ded36f1cb5e4993cfd81df93dbdc969ac2540eb8257e30d33aaac4d
e1748bd2faf8b430d2990aef6024f115c4fee9a64fb22cd50442ce566638a201
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e124b7101373af6191dde84f6aefcc601c9f56e3f1b810b7e0796e38a2df13
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb5d3f03e20e79e5bc85d05308a0e1be2aa18ac84b79348ed5817a01587598ba
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82
ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347
edd78ceafc944128477b74904a8e08e777f580c9d263e279efffcc7837b62c1d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe3d5f447ad4c9be314641f3004746cdca3ce0a8e30179897037a58cae9e6fd
f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb03ec5bba48b7c99c2965e9059a2fd9d7680a37a54531f4dd2322a1b0eff115
fbf0a830afe254a99c79b62c2cad9dc1e82697d2db8478ad4663a4f33e1272c8
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6