biodoma.ru Open in urlscan Pro
195.161.68.106  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

• http://connect.facebook.net/ru_RU/all.js HTTP 307
• https://connect.facebook.net/ru_RU/all.js

Request Chain 62

• https://googleads.g.doubleclick.net/pagead/adview?ai=CM-T0zMxzZc3BPPy3x_AP5f-pkAeqhMLbdP3TtZaHEvzBtauuARABILv67RFglYKAgLAHoAGl7ffFA8gBCakCYi2If_cOsj6oAwHIA8sEqgTbAU_Q1gFcwIsb3CzUn7dYAO6jgxHqYpR8wVQsK_x_3sMSKGZRxfiHVU_fVqpi2L8LSvD0P3C5cqJbbgigNFJHMsnSGHj9EM5r38Gj1bR90pBb0ebYzEIJurtnYyA-fJUhirbHd_8WK9Yxm1LaqTXQQA91Uf_d9YPXIvXKFB9fi3qgo_gmH5ej-vsJllp_6l2sHFMC1tRSSZthftFgDqU8zw4ePJdgSD_ZjkHO1K6JM0XYdIWmTAvLDAQHU_tnf7ZXSA7MpeayabKeoSdDxoGwzYWPutvTGTHw5rIX8cAEn_61hMQEiAXGxpbFTZIFBAgEGAGSBQQIBRgEoAYugAfDkog6qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ6JMK0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljFvou-o4GDA5oJcGh0dHBzOi8vd3d3LmZvbS5kZS9hbGxlcy13YXMtZGEta29tbXQ_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1iYW5uZXImdXRtX2NhbXBhaWduPWJiX2RlejIzJnV0bV9jb250ZW50PTIwMjSACgHICwGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi04MTQzOTk3OTUxOTkxNzk1GAA&sigh=JFURAZEjjc4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN-dvCzuAweomRUEfOjvleqbnGtLMuQ7F11L_YxTD94H2XLgqkVIlpBNKIfruPkqLCEu9JBFMAWFkj67HUCDDT2lu11ks0P5spA4QYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210419103188227944113%22,%22debug_reporting%22:true,%22destination%22:%22https://fom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951973541%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222645890525100689873%22}&andc=true

Request Chain 135

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1

Request Chain 136

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXPMzv81LNRBM3E2DYCeSQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1

Request Chain 137

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEO8oXVA0I3HkjoqTHrqAipw&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO8oXVA0I3HkjoqTHrqAipw%26google_cver%3D1

Request Chain 138

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxNjU4NDQ3ODQ0MzIyNTY2

Request Chain 144

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA0Rbn3oMEnR7mbE4mb7ths&google_cver=1&google_push=AXcoOmQzKtF61BAziHX4aebrlqGW1UDZhyyH8B9FsE3gMSO64-Z1sV_e5MwW6T9pkvE5PFfp1z7aQJPNsFMOdV8j-hiTzY01cUCdIPRP HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI5NDU3MzU4MTUzNjM2NzAxOQ==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA0Rbn3oMEnR7mbE4mb7ths&google_cver=1

Request Chain 145

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELHIy9Gvo2wuoaJR2s3SkIs&google_cver=1&google_push=AXcoOmRM3ZcnSPeE65FEAmsPhkLb1U7EcjApSRHyugXgktuKqK5-hDTMbYyq9WX71LVHQOI7GMnKE2uDAY6Il_g1kiReBeAc7ORXkWo5 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELHIy9Gvo2wuoaJR2s3SkIs&google_push=AXcoOmRM3ZcnSPeE65FEAmsPhkLb1U7EcjApSRHyugXgktuKqK5-hDTMbYyq9WX71LVHQOI7GMnKE2uDAY6Il_g1kiReBeAc7ORXkWo5

Request Chain 148

• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSp5hMPdboDyYWpFyzsg3HDI3_fpG7jvjbZSglcM_mSzmxNDc-nlUj1LoQC6xB-gF8B_XyiaDWAjYMoV0F62m7H7iR1xwQRoHVB&google_gid=CAESEJ1n6TT3Sui4zbioHBy7SBU&google_cver=1 HTTP 302
• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSp5hMPdboDyYWpFyzsg3HDI3_fpG7jvjbZSglcM_mSzmxNDc-nlUj1LoQC6xB-gF8B_XyiaDWAjYMoV0F62m7H7iR1xwQRoHVB&google_gid=CAESEJ1n6TT3Sui4zbioHBy7SBU&google_cver=1&rd=Y HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDkwMjExMjYwMDA4NDk1NTIwOTk1Mg%3D%3D&google_push=AXcoOmSp5hMPdboDyYWpFyzsg3HDI3_fpG7jvjbZSglcM_mSzmxNDc-nlUj1LoQC6xB-gF8B_XyiaDWAjYMoV0F62m7H7iR1xwQRoHVB

Request Chain 149

• https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO7YTfRIaV63Q2JPk8ntTD0&google_cver=1&google_push=AXcoOmR6O6wMcSQujAR6DhT_-sgpTOtL1Wy8zEc-OpDjTNK5d5-UGY1t5ok8PKE1N4OjNL5qEmZKM2AQMc9pOVN630U6WFxuGPwNe6PW HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR6O6wMcSQujAR6DhT_-sgpTOtL1Wy8zEc-OpDjTNK5d5-UGY1t5ok8PKE1N4OjNL5qEmZKM2AQMc9pOVN630U6WFxuGPwNe6PW

Request Chain 150

• https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHbplUe6rBL_9Hv-e3Ukyfo&google_cver=1&google_push=AXcoOmSkTUcvXRvj705xhjM861iZKF2cTDuE_505ffyftX6TOvjDgGWSFB2zBR3pxSSQBqyXzQmW0PuHGZe6-JiyBCRTbsEZ3n1YXHujgg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSkTUcvXRvj705xhjM861iZKF2cTDuE_505ffyftX6TOvjDgGWSFB2zBR3pxSSQBqyXzQmW0PuHGZe6-JiyBCRTbsEZ3n1YXHujgg HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 161

• https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOD50ZrARhDMBBiTATII7iDqJ_SHFYM HTTP 301
• https://tpc.googlesyndication.com/simgad/9582802623576457529

Request Chain 168

• https://um.simpli.fi/gp_match?google_gid=CAESELTT_GNjC-1HnemwtISejLo&google_cver=1&google_push=AXcoOmT43SC_O-xwnZcrfVdYGOr-OcUw0zhC3s9thfPqtm4CWeisUgE9ZGtFhoKkrqXrt1cwdjk_2_pQ3TIukigp71H1PBHdHUbZ_54Y HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ABC1AF80A1684413A1151D60FCDF8153&google_push=AXcoOmT43SC_O-xwnZcrfVdYGOr-OcUw0zhC3s9thfPqtm4CWeisUgE9ZGtFhoKkrqXrt1cwdjk_2_pQ3TIukigp71H1PBHdHUbZ_54Y

Request Chain 170

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFgUnkJeXSQXKqvrkWUpz8Q&google_cver=1&google_push=AXcoOmS1iZQh33_PY0Rh98UZw2MPmzuFuUCw6faIe2k8Y5SqjhzL3eAmEvyAlnYdfsdjhy44wMIk_10P0N7HCwwgdFtGJ1vsuKuqBXo HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS1iZQh33_PY0Rh98UZw2MPmzuFuUCw6faIe2k8Y5SqjhzL3eAmEvyAlnYdfsdjhy44wMIk_10P0N7HCwwgdFtGJ1vsuKuqBXo&google_hm=OHxGNk_WTyOUwIS-XgxVSxg

Request Chain 172

• https://d5p.de17a.com/cookies/google?google_gid=CAESEIDxDX0sHaiJ3-Ve7GB7ehw&google_cver=1&google_push=AXcoOmSA9cPU-vjVo7fZ3oELyB30WTn56aqZRB1yEGvFDrQeycQ4ZOhEMIygdF3TWXoB-DAAFO3FY7ve-_FwaJmCTAZNdfZRU-mo0sMT HTTP 302
• https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIDxDX0sHaiJ3-Ve7GB7ehw&google_cver=1&google_push=AXcoOmSA9cPU-vjVo7fZ3oELyB30WTn56aqZRB1yEGvFDrQeycQ4ZOhEMIygdF3TWXoB-DAAFO3FY7ve-_FwaJmCTAZNdfZRU-mo0sMT HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSA9cPU-vjVo7fZ3oELyB30WTn56aqZRB1yEGvFDrQeycQ4ZOhEMIygdF3TWXoB-DAAFO3FY7ve-_FwaJmCTAZNdfZRU-mo0sMT

Request Chain 173

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGr3Ff71TTQdS3plyFkSdno&google_cver=1&google_push=AXcoOmSUuw6HkrXQKrEwW-NIp67ph2Js04UBmut0gmNB4G8WTYT26ZUweI2e7LT1XtXkj-_aay6TRPXr1ledYTjVupl5ZqbvaYHDUsz0 HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGr3Ff71TTQdS3plyFkSdno&google_cver=1&google_push=AXcoOmSUuw6HkrXQKrEwW-NIp67ph2Js04UBmut0gmNB4G8WTYT26ZUweI2e7LT1XtXkj-_aay6TRPXr1ledYTjVupl5ZqbvaYHDUsz0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODU5Njg0ODc0Mzc3MjExNzcyNw&google_push=AXcoOmSUuw6HkrXQKrEwW-NIp67ph2Js04UBmut0gmNB4G8WTYT26ZUweI2e7LT1XtXkj-_aay6TRPXr1ledYTjVupl5ZqbvaYHDUsz0

Request Chain 177

• https://googleads.g.doubleclick.net/pagead/adview?ai=CUwOZzMxzZYXEPNvUgAfbgojwCqn_oNB0vor4m_ARo56d6v9AEAEgu_rtEWCVgoCAsAegAeiv7IgDyAEJqQJiLYh_9w6yPqgDAcgDywSqBOQBT9D67pneETog8cIGrxja_fUqfxRbXuzTi_UjFans0pn9Dxp649BpLinp-qr2coZ3I8Jlf1SdeMEmcWd6d-V7o4yLnQ1T9QsMZ6YcfW9KkD5asje5jqOed_Nyy1Fp_perjIFBpgbMz_D_CZOQ0rCC8Q74EPiihmzM7B3syOn6lGN8qSg7RF6sNL6Y3hmxBpcfDBnI37gmdrOW-CgkSqZ2jJqkCdz6arZHH9dF9y3OVN5hAho-rBGGxkkDXdrS_ZNDsOMIMj1JHWBrQRkDWrL3t9SXzqCL2evKIIearjUn2abmVNJrwAToqvT1wgSIBfqp7JFNkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4DQk3eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQlJgE0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliRr4u-o4GDA5oJHWh0dHBzOi8vd3d3Lm5lYnVsdXMuYml6L2RlL2RlgAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItODE0Mzk5Nzk1MTk5MTc5NRgA&sigh=07gYnvmKNcE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNqNV0pxsXXTYP8Gy8mNmBGMt2C3n5uEvAk5Gj5JxToaa9XJNcfDeAO3UTUEzZSunYkyCvseF_xoJtqdr1fxqpXvmF4EhbOddESBgB&template_id=494&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229352755905764983891%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216678706917203188081%22}&andc=true

Request Chain 179

• https://googleads.g.doubleclick.net/pagead/adview?ai=CberyzMxzZYbEPNvUgAfbgojwCu6Pi8p0tOaXps4Sp9WMqOpBEAEgu_rtEWCVgoCAsAegAYOsjaoqyAEJqQJiLYh_9w6yPqgDAcgDywSqBOwBT9BqaAwF6K4E-tZUYDNOidvOBUqbnrRht4r0S61-0hG9N-hx6yo3ffoHud6XUAF9TQ1ctA-88_ZMSapgJzll9wQha8GWGLgf8ZsddVBb75uSsxDY_mlS4rn6-spfmlYANtBZQvl3nZe18Zhjtm3-WanIFtjsA2N272oeQFSUtKLO_rHXtAcWD1G-XIZ8h9CHVDuwO0pIsGSFtHnXNMxTvZbpCJv0Hr5bA4Ee_5CKbS-MkNc86p92IFj5AOzahoOWAeOP6xAPExCR-ZVMk4V8pYWAwrExvGclt5iW20X7UsnFD8iz8Why7hBnqsLABK7xzY_JBIgF27CCzE2gBi6AB4Pk3YkFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQwPAb0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliRr4u-o4GDA5oJNmh0dHBzOi8vbm92YXBvc3QuY29tL3VrLWRlL2ludGVybmF0aW9uYWwvc2hpcHBpbmctY29zdIAKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2BMD0BUBmBYBgBcBshccChoIABIUcHViLTgxNDM5OTc5NTE5OTE3OTUYAA&sigh=zZXYI6sTHT8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNqNV0pxsXXTYP8Gy8mNmBGMt2C3n5uEvAk5Gj5JxToaa9XJNcfDeAO3UTUEzZSunYkyCvseF_xoJtqdr1fxqpXvmF4EhbOddESBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22783498413115066715%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211362588163%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22386343309578812865%22}&andc=true

Request Chain 180

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEBdGk5YCUbBzlvOQb2gV9dc&google_cver=1&google_push=AXcoOmSVWIEWpB-PwlNsLBXai4D3VPqcvkxfyVNRBofO_6O7WJjdb6epUfbCAnA5ZZbYVqGw3uX57QocUvAu-0dFO0gfKOLI4atdvTmJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSVWIEWpB-PwlNsLBXai4D3VPqcvkxfyVNRBofO_6O7WJjdb6epUfbCAnA5ZZbYVqGw3uX57QocUvAu-0dFO0gfKOLI4atdvTmJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBdGk5YCUbBzlvOQb2gV9dc&google_cver=1&google_push=AXcoOmSVWIEWpB-PwlNsLBXai4D3VPqcvkxfyVNRBofO_6O7WJjdb6epUfbCAnA5ZZbYVqGw3uX57QocUvAu-0dFO0gfKOLI4atdvTmJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSVWIEWpB-PwlNsLBXai4D3VPqcvkxfyVNRBofO_6O7WJjdb6epUfbCAnA5ZZbYVqGw3uX57QocUvAu-0dFO0gfKOLI4atdvTmJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 181

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFgUnkJeXSQXKqvrkWUpz8Q&google_cver=1&google_push=AXcoOmRbtmMKeJ3NR8a9nHO8NgGWddqTurD59ovD1Qa-it22pHWzvUnhPvk67sdQrxO4PAA21oxVh759YC7p8oFi0dpn8IBhW78t-YY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRbtmMKeJ3NR8a9nHO8NgGWddqTurD59ovD1Qa-it22pHWzvUnhPvk67sdQrxO4PAA21oxVh759YC7p8oFi0dpn8IBhW78t-YY&google_hm=ZzooCeJRSDqLwHoabJ3sWhg

Request Chain 182

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKQOdSk88P6Yl2yAb_fAYjA&google_cver=1&google_push=AXcoOmTbrZ94vOk0ll6AmI3w0Lrj0m25d0OznVTec3RD2CluSYy5n2hBhYgPkEKHtM2JBIN9QMY04xy2VOdeR-d6Z6J8_PrJXizhgVCd HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDQxMTgwNTI5NTM3NjUyNA%3D%3D&google_push=AXcoOmTbrZ94vOk0ll6AmI3w0Lrj0m25d0OznVTec3RD2CluSYy5n2hBhYgPkEKHtM2JBIN9QMY04xy2VOdeR-d6Z6J8_PrJXizhgVCd

Request Chain 183

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEP0_tVKixkVPtJwx_njXBYM&google_cver=1&google_push=AXcoOmTxdIqs0NQigP6GAuAOewKSsa5tcRLxBo76g-JMAz0v-xtZiEtAZ5HrhhCRD0OmF7vYI0noqKVoljDoDXxMiI43QtVLlgOniVM HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Cifv-oyBRJsjfY6UNiw3Iw&google_push=AXcoOmTxdIqs0NQigP6GAuAOewKSsa5tcRLxBo76g-JMAz0v-xtZiEtAZ5HrhhCRD0OmF7vYI0noqKVoljDoDXxMiI43QtVLlgOniVM

Request Chain 186

• https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO7YTfRIaV63Q2JPk8ntTD0&google_cver=1&google_push=AXcoOmSdo1bYTifA5Dvc-wGUkCeP_Hs_pBHfckMA12CxmpeQ-kNBCpKYKS8MHxsEjRa4TCRsWPV4JWKVvGXc5NlygWWabo6gQBEjAO0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSdo1bYTifA5Dvc-wGUkCeP_Hs_pBHfckMA12CxmpeQ-kNBCpKYKS8MHxsEjRa4TCRsWPV4JWKVvGXc5NlygWWabo6gQBEjAO0

Request Chain 188

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEBdGk5YCUbBzlvOQb2gV9dc&google_cver=1&google_push=AXcoOmQUdFpbUfwD9BwInGwUHSA-nM9b0Uk7iH05HxhdobcLyb3wz3Ah_uj4bISFy1hMjac1Ib0i-4OQ2HFyT4ElM70SkFkRddF7fhE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQUdFpbUfwD9BwInGwUHSA-nM9b0Uk7iH05HxhdobcLyb3wz3Ah_uj4bISFy1hMjac1Ib0i-4OQ2HFyT4ElM70SkFkRddF7fhE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBdGk5YCUbBzlvOQb2gV9dc&google_cver=1&google_push=AXcoOmQUdFpbUfwD9BwInGwUHSA-nM9b0Uk7iH05HxhdobcLyb3wz3Ah_uj4bISFy1hMjac1Ib0i-4OQ2HFyT4ElM70SkFkRddF7fhE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQUdFpbUfwD9BwInGwUHSA-nM9b0Uk7iH05HxhdobcLyb3wz3Ah_uj4bISFy1hMjac1Ib0i-4OQ2HFyT4ElM70SkFkRddF7fhE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 189

• https://um.simpli.fi/gp_match?google_gid=CAESELTT_GNjC-1HnemwtISejLo&google_cver=1&google_push=AXcoOmRKZrytrUHWpMjh9WRGo4ljPnMNyC41B_wql_iz7jxjaz0TbZ5ZWI9Vd0TvaQspI6wEdKIeg8cosnArHjID_E5G4oCVYFGE1ag HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=65EAE4739BE648548C8920CEAFF7D5E2&google_push=AXcoOmRKZrytrUHWpMjh9WRGo4ljPnMNyC41B_wql_iz7jxjaz0TbZ5ZWI9Vd0TvaQspI6wEdKIeg8cosnArHjID_E5G4oCVYFGE1ag

Request Chain 190

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFgUnkJeXSQXKqvrkWUpz8Q&google_cver=1&google_push=AXcoOmSCTVCwtQghpuAUOTEDIUpK5ndgjALbnm-zQhuOeEAEWHGevjKwK2ANWQevihs_sPCT429IJpR4nEAvqJ7jk6DyCNdIrulP89c HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSCTVCwtQghpuAUOTEDIUpK5ndgjALbnm-zQhuOeEAEWHGevjKwK2ANWQevihs_sPCT429IJpR4nEAvqJ7jk6DyCNdIrulP89c&google_hm=a1EElZ7ySGOD-bbqbQiC-Bg

Request Chain 192

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEP0_tVKixkVPtJwx_njXBYM&google_cver=1&google_push=AXcoOmSHngcsiXGMw7C-LqGxjUkao27Bmo3_S0M8v1atef9Irxt_X314lbmURd6nlCbOn-p5zgYpMuRDInYem8sP9NdFa-7pwuVYxA4 HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KGmrd2c6QMsMxC6ZrkqUcA&google_push=AXcoOmSHngcsiXGMw7C-LqGxjUkao27Bmo3_S0M8v1atef9Irxt_X314lbmURd6nlCbOn-p5zgYpMuRDInYem8sP9NdFa-7pwuVYxA4

Request Chain 193

• https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO7YTfRIaV63Q2JPk8ntTD0&google_cver=1&google_push=AXcoOmSonOuC0bpdX2KfieTmRDfiKqaTnBq2lqWVH7VAjsIvhsyJyWqgfthfPo5EfhqkiAotcfyUNOwZQ7OV7eCp73tQhFHgZhxPiA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSonOuC0bpdX2KfieTmRDfiKqaTnBq2lqWVH7VAjsIvhsyJyWqgfthfPo5EfhqkiAotcfyUNOwZQ7OV7eCp73tQhFHgZhxPiA

Request Chain 194

• https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHbplUe6rBL_9Hv-e3Ukyfo&google_cver=1&google_push=AXcoOmS48U1Pqpy59GqKpDNFVdn9tttIFRpWVDxo-wsJ-iYx5cgfX0ZduGIe7BQ0mmILRb4kRpnKdfxRU-Xmm7macjOiWp6x8aJkjR4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS48U1Pqpy59GqKpDNFVdn9tttIFRpWVDxo-wsJ-iYx5cgfX0ZduGIe7BQ0mmILRb4kRpnKdfxRU-Xmm7macjOiWp6x8aJkjR4 HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 199

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1

Request Chain 200

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXPMzv81LNRBM3E2DYCeSQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1

Request Chain 201

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEO8oXVA0I3HkjoqTHrqAipw&google_cver=1

Request Chain 202

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxNjU4NDQ3ODQ0MzIyNTY2

Request Chain 208

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1

Request Chain 209

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXPMzv81LNRBM3E2DYCeSQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1

Request Chain 210

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEO8oXVA0I3HkjoqTHrqAipw&google_cver=1

Request Chain 211

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxNjU4NDQ3ODQ0MzIyNTY2

286 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
10 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response biodoma.ru/	69 KB 70 KB	873ms 85ms	Document text/html	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / PHP/5.6.38 Resource Hash ed0ad36f54d89e92d565042f70ca95ce949ac0727f8cc6601b7e73f58f22280b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=3, must-revalidate Connection keep-alive Content-Type text/html; charset=UTF-8 Date Sat, 09 Dec 2023 02:11:24 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 Transfer-Encoding chunked Vary Accept-Encoding,Cookie X-Powered-By PHP/5.6.38
GET H/1.1	200 OK	style.css biodoma.ru/wp-content/themes/ThrillingTheme/	14 KB 14 KB	74ms 74ms	Stylesheet text/css	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/style.css Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash e19b0351ab466012cf91f5bffcb7546e08138a361cab7e9eddf7a844ce6fdaf8 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 18 Apr 2018 09:38:56 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "36e7-56a1c3944ec00" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 14055
GET H/1.1	200 OK	960.css biodoma.ru/wp-content/themes/ThrillingTheme/	4 KB 4 KB	135ms 68ms	Stylesheet text/css	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/960.css Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 9b03ce6b5584b3234c41c8047b547e8232ab5272864c6fbace6c72102cf8372b Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 29 Jan 2020 09:45:36 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "ecf-59d4433cd9000" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 3791
GET H/1.1	200 OK	suckerfish.js Show response biodoma.ru/wp-content/themes/ThrillingTheme/includes/js/	338 B 614 B	204ms 68ms	Script application/javascript	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/includes/js/suckerfish.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash abb948e1b3e5bc4a1a337c9cef53d205ae28d3be3594649a3ffff4a19ecc62e0 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:32:14 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "152-4942b19312b80" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 338
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	150 KB 51 KB	151ms 97ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 419dd8cd5ec0071cae04e30f0b1b21c2105370bd54abe6733e1aaef378fa5aa6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:24 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51834 x-xss-protection 0 server cafe etag 156951476364437491 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sat, 09 Dec 2023 02:11:24 GMT
GET H/1.1	200 OK	style.min.css biodoma.ru/wp-includes/css/dist/block-library/	40 KB 40 KB	136ms 68ms	Stylesheet text/css	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.3.16 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Fri, 13 May 2022 15:41:10 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "a055-5dee680eba893" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 41045
GET H/1.1	200 OK	style.min.css biodoma.ru/wp-content/plugins/juiz-social-post-sharer/skins/2/	7 KB 7 KB	153ms 76ms	Stylesheet text/css	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-content/plugins/juiz-social-post-sharer/skins/2/style.min.css?ver=2.3.2 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash f01af2c255090e6bcd85c14c0bec6f3c4438600f012891d7c5938073a88f2da3 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 09 Aug 2023 11:52:55 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "1b96-6027c1ec69153" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 7062
GET H/1.1	200 OK	jquery.js Show response biodoma.ru/wp-includes/js/jquery/	95 KB 95 KB	215ms 71ms	Script application/javascript	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Fri, 17 May 2019 04:25:54 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "17a69-5890dc7401880" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 96873
GET H/1.1	200 OK	jquery-migrate.min.js Show response biodoma.ru/wp-includes/js/jquery/	10 KB 10 KB	231ms 76ms	Script application/javascript	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Fri, 20 May 2016 06:11:28 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "2748-5333ff613c400" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 10056
GET H/1.1	200 OK	dropcap_style.css biodoma.ru/wp-content/plugins/dropcap_first/	191 B 452 B	176ms 89ms	Stylesheet text/css	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-content/plugins/dropcap_first/dropcap_style.css Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash dea783666f70020e37467a47d73e558f3e1feb662af4240445cf6b4bc0354d7f Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:16:28 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "bf-4942ae0ce5b00" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 191
GET H/1.1	200 OK	2-thrillingorange.css biodoma.ru/wp-content/themes/ThrillingTheme/styles/	809 B 1 KB	196ms 67ms	Stylesheet text/css	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/styles/2-thrillingorange.css Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash ae4e231bc40356acdf5fac8e34b7840e0f1bf2f32adf5c586985fa8ff4f477c0 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:32:14 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "329-4942b19312b80" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 809
GET H/1.1	200 OK	thumb.php biodoma.ru/wp-content/themes/ThrillingTheme/	32 KB 33 KB	89ms 89ms	Image image/jpeg	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/thumb.php?src=http://biodoma.ru/wp-content/uploads/2021/03/tukovatel-1919-500x253.jpg&h=195&w=540&zc=1&q=95 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / PHP/5.6.38 Resource Hash cebfa571108e0eee12ef2ce20a3bb2e7044a8b2803ff093adc1f080a1417cbf1 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Fri, 16 Apr 2021 16:53:28 Server Apache/2.4.6 (CentOS) PHP/5.6.38 X-Powered-By PHP/5.6.38 Content-Type image/jpeg Cache-Control max-age=9999, must-revalidate Connection keep-alive Content-Length 33176 Expires Sat, 09 Dec 2023 04:58:03GMT
GET H/1.1	200 OK	thumb.php biodoma.ru/wp-content/themes/ThrillingTheme/	29 KB 29 KB	68ms 68ms	Image image/jpeg	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/thumb.php?src=http://biodoma.ru/wp-content/uploads/2019/04/dveri_biodomaru_3-333x500.jpg&h=195&w=540&zc=1&q=95 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / PHP/5.6.38 Resource Hash 471ca8bc6998a955569baee8096f3f4b1d6c931dcc712982b7bcca1c0a7c72b5 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Fri, 16 Apr 2021 17:21:12 Server Apache/2.4.6 (CentOS) PHP/5.6.38 X-Powered-By PHP/5.6.38 Content-Type image/jpeg Cache-Control max-age=9999, must-revalidate Connection keep-alive Content-Length 29637 Expires Sat, 09 Dec 2023 04:58:03GMT
GET H/1.1	200 OK	thumb.php biodoma.ru/wp-content/themes/ThrillingTheme/	52 KB 52 KB	69ms 69ms	Image image/jpeg	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/thumb.php?src=http://biodoma.ru/wp-content/uploads/2019/04/bioua3.jpg&h=195&w=540&zc=1&q=95 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / PHP/5.6.38 Resource Hash 1894985c7e47938056029d49837baa13f35d1ff21680bc463a7c8c06c5472612 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Sun, 20 Jun 2021 17:33:30 Server Apache/2.4.6 (CentOS) PHP/5.6.38 X-Powered-By PHP/5.6.38 Content-Type image/jpeg Cache-Control max-age=9999, must-revalidate Connection keep-alive Content-Length 53140 Expires Sat, 09 Dec 2023 04:58:03GMT
GET H/1.1	200 OK	thumb.php biodoma.ru/wp-content/themes/ThrillingTheme/	71 KB 71 KB	72ms 72ms	Image image/jpeg	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/thumb.php?src=http://biodoma.ru/wp-content/uploads/2019/04/drovnica-biodomaru-12.jpg&h=195&w=540&zc=1&q=95 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / PHP/5.6.38 Resource Hash 17ce81293d56e847340690c8be64b97437216b4a05a57e592a37810f378cbae0 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Fri, 16 Apr 2021 16:34:19 Server Apache/2.4.6 (CentOS) PHP/5.6.38 X-Powered-By PHP/5.6.38 Content-Type image/jpeg Cache-Control max-age=9999, must-revalidate Connection keep-alive Content-Length 72240 Expires Sat, 09 Dec 2023 04:58:03GMT
GET H/1.1	200 OK	thumb.php biodoma.ru/wp-content/themes/ThrillingTheme/	35 KB 35 KB	89ms 89ms	Image image/jpeg	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/thumb.php?src=http://biodoma.ru/wp-content/uploads/2019/03/len2.jpg&h=195&w=540&zc=1&q=95 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / PHP/5.6.38 Resource Hash 565f8b13f8b866236bc277f00402eccd97afe8abdbf81baf1373ea808651ad87 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Fri, 16 Apr 2021 17:04:10 Server Apache/2.4.6 (CentOS) PHP/5.6.38 X-Powered-By PHP/5.6.38 Content-Type image/jpeg Cache-Control max-age=9999, must-revalidate Connection keep-alive Content-Length 35352 Expires Sat, 09 Dec 2023 04:58:03GMT
GET H/1.1	200 OK	thumb.php biodoma.ru/wp-content/themes/ThrillingTheme/	41 KB 42 KB	70ms 69ms	Image image/jpeg	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/thumb.php?src=http://biodoma.ru/wp-content/uploads/2018/07/pol-uteplitel-500x466.jpg&h=195&w=540&zc=1&q=95 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / PHP/5.6.38 Resource Hash 028da4321921f9e6ee0a4be487413a9a3e3116b1c8cf7b2a36ad9b4bdeb701d1 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Fri, 16 Apr 2021 16:45:53 Server Apache/2.4.6 (CentOS) PHP/5.6.38 X-Powered-By PHP/5.6.38 Content-Type image/jpeg Cache-Control max-age=9999, must-revalidate Connection keep-alive Content-Length 42203 Expires Sat, 09 Dec 2023 04:58:03GMT
GET H/1.1	200 OK	thumb.php biodoma.ru/wp-content/themes/ThrillingTheme/	33 KB 33 KB	75ms 75ms	Image image/jpeg	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/thumb.php?src=http://biodoma.ru/wp-content/uploads/2017/04/alycha1.jpg&h=195&w=540&zc=1&q=95 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / PHP/5.6.38 Resource Hash f1391d9a836faf27be9fa8b4802ed7a171f1ff978ce2927aa6b30adb14ba50ef Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Fri, 16 Apr 2021 16:56:27 Server Apache/2.4.6 (CentOS) PHP/5.6.38 X-Powered-By PHP/5.6.38 Content-Type image/jpeg Cache-Control max-age=9999, must-revalidate Connection keep-alive Content-Length 33907 Expires Sat, 09 Dec 2023 04:58:03GMT
GET H/1.1	200 OK	ico-rss-trans.png biodoma.ru/wp-content/themes/ThrillingTheme/images/	3 KB 3 KB	65ms 65ms	Image image/png	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/images/ico-rss-trans.png Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 3cc7fab6b266d8f0e82857f944f8d2192144c7f0948eed776cc3305a7a5757e3 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:31:56 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "cbc-4942b181e8300" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 3260
GET H/1.1	200 OK	search-trans.png biodoma.ru/wp-content/themes/ThrillingTheme/images/	6 KB 6 KB	68ms 68ms	Image image/png	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/images/search-trans.png Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 3367ebe31c528c85b0cb66e79ca53a49df289859bb6343bb43c47f9457062c7c Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:32:02 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "17f4-4942b187a1080" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 6132
GET H/1.1	200 OK	cat2.gif biodoma.ru/wp-content/uploads/2013/04/	7 KB 7 KB	71ms 71ms	Image image/gif	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/uploads/2013/04/cat2.gif Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 8348ce705d96173d027ab8bb81aef2231a5492a13a6192135e3eeb60a451a896 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Tue, 16 Apr 2013 18:07:14 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "1ab0-4da7e3d2df880" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 6832
GET H/1.1	200 OK	zhitov.gif biodoma.ru/wp-content/uploads/2010/03/	1 KB 2 KB	88ms 88ms	Image image/gif	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/uploads/2010/03/zhitov.gif Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 4466c32b49a63e841bd8bcf68d99f3d74d8eb334d3bf64abf8fcb2f0730e4a92 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:35:04 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "52e-4942b23532a00" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 1326
GET H/1.1	200 OK	biodomainfo.gif biodoma.ru/wp-content/uploads/	3 KB 3 KB	70ms 70ms	Image image/gif	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/uploads/biodomainfo.gif Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 79567928f7254f25b282e979240ae90c6478c5afdb2a3e9b51c1d28022adea82 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Sun, 04 Jan 2015 10:30:08 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "ca2-50bd10ecdec00" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 3234
GET H/1.1	200 OK	faq.gif biodoma.ru/wp-content/uploads/	9 KB 9 KB	69ms 69ms	Image image/gif	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/uploads/faq.gif Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash b828395191dfe06b4f7524b50f07e58ce21f781edbef79e4b23dcfd3920f9048 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Mon, 14 Nov 2011 11:59:04 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "230d-4b1b098dfb200" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 8973
GET H/1.1	200 OK	wordpress-trans.png biodoma.ru/wp-content/themes/ThrillingTheme/images/	1 KB 1 KB	70ms 70ms	Image image/png	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/images/wordpress-trans.png Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 68d79fba8bf55f4b45b9d6ed542ec081e8b0acb3d2df220d95dfe91a5abd56af Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:32:08 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "4de-4942b18d59e00" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1246
GET H/1.1	200 OK	juiz-social-post-sharer.min.js Show response biodoma.ru/wp-content/plugins/juiz-social-post-sharer/assets/js/	15 KB 15 KB	73ms 73ms	Script application/javascript	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-content/plugins/juiz-social-post-sharer/assets/js/juiz-social-post-sharer.min.js?ver=2.3.2 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 916e471dd6b88abd9579906e0512abfdc09cc1cdcf4db26778885b7f678aa5a6 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 09 Aug 2023 11:52:55 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "3b5a-6027c1ec6c41b" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 15194
GET H/1.1	200 OK	wp-embed.min.js Show response biodoma.ru/wp-includes/js/	1 KB 2 KB	74ms 73ms	Script application/javascript	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-includes/js/wp-embed.min.js?ver=5.3.16 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 37c5f58f12814dd0ecc28f15b7765c6bcd31a9479d330b4ef896e140bf89dc38 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Tue, 16 May 2023 19:22:06 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "5a3-5fbd47ca86545" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1443
GET H/1.1	200 OK	jquery-1.2.1.pack.js Show response biodoma.ru/wp-content/themes/ThrillingTheme/includes/js/	27 KB 27 KB	70ms 69ms	Script application/javascript	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/includes/js/jquery-1.2.1.pack.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 675a68ab60ce5068044d9a49a989dbf7cf5f051eece9f9d8f32faa1e89dc3912 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:32:12 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "6a0b-4942b1912a700" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 27147
GET H/1.1	200 OK	tabs.js Show response biodoma.ru/wp-content/themes/ThrillingTheme/includes/js/	1 KB 2 KB	79ms 78ms	Script application/javascript	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/includes/js/tabs.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash a5c47c0cd3cd4da0b79dbb3756f615c955ad4f7e61f017371fd45e5231468ee9 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:32:12 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "509-4942b1912a700" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1289
GET H/1.1	200 OK	wp-emoji-release.min.js Show response biodoma.ru/wp-includes/js/	14 KB 14 KB	77ms 77ms	Script application/javascript	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Full URL http://biodoma.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.3.16 Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Fri, 13 May 2022 15:41:10 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "3619-5dee680ead1bb" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 13849
GET H/1.1	200 Ok	context.js Show response an.yandex.ru/system/	342 KB 100 KB	142ms 80ms	Script text/javascript	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL http://an.yandex.ru/system/context.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol HTTP/1.1 Server 2a02:6b8::90 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash b337f6c1437021282e29d34f00513980454189e75a7b269b0c167147d83cc983 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://biodoma.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Strict-Transport-Security max-age=31536000 Content-Encoding gzip X-Yandex-Req-Id 1702087884626085-1576669259225049296000229-production-app-host-sas-pcode-348 Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private, max-age=3600 Timing-Allow-Origin * Keep-Alive timeout=600 X-Robots-Tag noindex, noarchive, nofollow Expires Sat, 09 Dec 2023 03:11:24 GMT
GET H/1.1	200 OK	bgr.jpg biodoma.ru/wp-content/themes/ThrillingTheme/styles/thrillingorange/	627 B 891 B	158ms 87ms	Image image/jpeg	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/styles/thrillingorange/bgr.jpg Requested by Host: biodoma.ru URL: http://biodoma.ru/wp-content/themes/ThrillingTheme/styles/2-thrillingorange.css Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 135052d8aaaafba194238cd93238ab01a907712d72f5ba0bb4daf98a9ebda675 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/wp-content/themes/ThrillingTheme/styles/2-thrillingorange.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:32:22 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "273-4942b19ab3d80" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 627
GET H/1.1	200 OK	bgr-box-trans.png biodoma.ru/wp-content/themes/ThrillingTheme/images/	151 B 413 B	134ms 69ms	Image image/png	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/images/bgr-box-trans.png Requested by Host: biodoma.ru URL: http://biodoma.ru/wp-content/themes/ThrillingTheme/styles/2-thrillingorange.css Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash b8ed6888cbf2eb2098935247a012f71e16c84a989a4afc6dcd56c7036a46332a Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/wp-content/themes/ThrillingTheme/styles/2-thrillingorange.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:31:48 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "97-4942b17a47100" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 151
GET H/1.1	200 OK	ico-comments.gif biodoma.ru/wp-content/themes/ThrillingTheme/images/	327 B 590 B	67ms 67ms	Image image/gif	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/images/ico-comments.gif Requested by Host: biodoma.ru URL: http://biodoma.ru/wp-content/themes/ThrillingTheme/style.css Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 44b06ce11b2f8a76a1db2c8cb880b971888df93cfe3bb05ecc281ea40f6c4b41 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/wp-content/themes/ThrillingTheme/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:31:54 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "147-4942b17fffe80" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 327
GET H/1.1	200 OK	ico-continue-trans.png biodoma.ru/wp-content/themes/ThrillingTheme/images/	859 B 1 KB	133ms 69ms	Image image/png	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/images/ico-continue-trans.png Requested by Host: biodoma.ru URL: http://biodoma.ru/wp-content/themes/ThrillingTheme/style.css Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash a5adff5d0928bc02c0ec50f3d5ce88267c2266c6d070fdb6f89e412f6ba9af86 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/wp-content/themes/ThrillingTheme/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:31:54 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "35b-4942b17fffe80" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 859
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/	399 KB 135 KB	92ms 91ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 179795c9ed97551f7233a4abc80296894259140dbb9bfd78bb9eb77f0fe08088 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:24 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 137975 x-xss-protection 0 server cafe etag 2475652678540422657 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 09 Dec 2023 02:11:24 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 103C	9 KB 4 KB	73ms 22ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://biodoma.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 24194 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 19:28:10 GMT etag 5585625838579639069 expires Fri, 22 Dec 2023 19:28:10 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ac79c1fc3f4859b7f5ad.js Show response yastatic.net/partner-code-bundles/925414/	14 KB 5 KB	309ms 176ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/925414/ac79c1fc3f4859b7f5ad.js Requested by Host: an.yandex.ru URL: http://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 7de14293a00f3a08ca677a236acb46a444c5d750d41c6f1a865f7d206a041ea4 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer http://biodoma.ru/ Origin http://biodoma.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 01:23:37 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 4788 last-modified Fri, 08 Dec 2023 15:30:09 GMT etag "c5a9119a659639a0a48087c790a00e73" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Mon, 08 Dec 2053 08:47:25 GMT
GET H2	200	95568e19e7b545bb4320.js Show response yastatic.net/partner-code-bundles/925414/	24 KB 8 KB	306ms 174ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/925414/95568e19e7b545bb4320.js Requested by Host: an.yandex.ru URL: http://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 35791a0a568287fd20da5facf5eb7bbfd717719be54b020874cb71e2985f6d79 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer http://biodoma.ru/ Origin http://biodoma.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 01:23:37 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 7945 last-modified Fri, 08 Dec 2023 15:30:09 GMT etag "2a9241dc2707f8ca6e0c58a96acee926" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Mon, 08 Dec 2053 08:47:25 GMT
GET H2	200	385866b9b5a01ce8598e.js Show response yastatic.net/partner-code-bundles/925414/	118 KB 24 KB	309ms 177ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/925414/385866b9b5a01ce8598e.js Requested by Host: an.yandex.ru URL: http://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 35ef6a5812cd5efdd975b0d93543348b65e352ad79c69441136f880a99545dc4 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer http://biodoma.ru/ Origin http://biodoma.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 01:23:37 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 24546 last-modified Fri, 08 Dec 2023 15:30:08 GMT etag "19571a7377b7928c0926e050406a3861" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Mon, 08 Dec 2053 08:47:25 GMT
GET H2	200	host.js Show response yastatic.net/safeframe-bundles/0.83/	33 KB 9 KB	304ms 172ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.83/host.js Requested by Host: an.yandex.ru URL: http://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer http://biodoma.ru/ Origin http://biodoma.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:03:37 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 8878 last-modified Wed, 03 Nov 2021 13:42:58 GMT etag "f80882bf67cf261aa08d636da095149a" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Mon, 08 Dec 2053 08:47:25 GMT
GET H2	200	text-variable-full.woff2 yastatic.net/s3/home/fonts/ys/3/	25 KB 26 KB	246ms 116ms	Font font/woff2	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2 Requested by Host: an.yandex.ru URL: http://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer http://biodoma.ru/ Origin http://biodoma.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 01:03:37 GMT strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 26004 x-amz-meta-owner {"role":"admin","login":"4eb0da"} last-modified Mon, 25 Apr 2022 14:02:39 GMT etag "7f0cdaf91230f9789ca4162aedff612e" vary Accept-Encoding x-nginx-request-id 88b9774e0295f570 report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} access-control-allow-origin * content-type font/woff2 cache-control public, max-age=31556952 accept-ranges bytes timing-allow-origin * expires Sun, 08 Dec 2024 08:00:37 GMT
GET H2	200	e7c97ee5f3e0e48c880c.js Show response yastatic.net/partner-code-bundles/925414/	59 KB 15 KB	302ms 175ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/925414/e7c97ee5f3e0e48c880c.js Requested by Host: an.yandex.ru URL: http://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 0bbba55316cd58f431f68be99551249796b217070c3c5590d3cc15cd63f35612 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer http://biodoma.ru/ Origin http://biodoma.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 01:23:37 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 14831 last-modified Fri, 08 Dec 2023 15:30:09 GMT etag "d17346a9c625d38da1404606421f031d" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Mon, 08 Dec 2053 08:47:25 GMT
GET H2	200	45b38d32d1ac376c1534.js Show response yastatic.net/partner-code-bundles/925414/	599 KB 115 KB	154ms 154ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/925414/45b38d32d1ac376c1534.js Requested by Host: an.yandex.ru URL: http://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash d4a7135dd00586b0f9a153709d8c2fe94e1cfa781bc8049bd780d71d2888f9c0 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer http://biodoma.ru/ Origin http://biodoma.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 01:13:37 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 117485 last-modified Fri, 08 Dec 2023 15:30:08 GMT etag "e99d3cab7568a025d5e99120cc7612ee" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Mon, 08 Dec 2053 08:47:25 GMT
GET H2	200	all.js Show response connect.facebook.net/ru_RU/ Redirect Chain http://connect.facebook.net/ru_RU/all.js https://connect.facebook.net/ru_RU/all.js	3 KB 3 KB	83ms 27ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/ru_RU/all.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H2 Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5b3d48a8890181a71876cca4cd1c1a45311bb7d5457177c2dd86342a9afd212f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 09 Dec 2023 02:11:24 GMT content-md5 t1ABJclxO9NXPDoUfOnlRA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1685 reporting-endpoints x-fb-debug 1lUF1gJv3K14DGS7dmA7XzTEmcxsq5B26n8yrPFb6xIuRIGN3eYvi9MPsyC3kA+V2LHHikcKRCCp7R9YNBioZw== x-fb-content-md5 4d9c1a1cdb3de657c6062c95438b307a cross-origin-opener-policy same-origin-allow-popups etag "0b5a7c9d358b297ac68a07f826bc81e7" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 09 Dec 2023 02:22:25 GMT Redirect headers Location https://connect.facebook.net/ru_RU/all.js#xfbml=1&appId=165570960176857 Non-Authoritative-Reason HSTS Cross-Origin-Resource-Policy Cross-Origin
GET H/1.1	200 OK	ico-star-trans.png biodoma.ru/wp-content/themes/ThrillingTheme/images/	295 B 558 B	71ms 71ms	Image image/png	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/images/ico-star-trans.png Requested by Host: biodoma.ru URL: http://biodoma.ru/wp-content/themes/ThrillingTheme/style.css Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 9241deceead4aff23ed1dacc62ecf170f90280daf40adc4b49e31250f27a5108 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/wp-content/themes/ThrillingTheme/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:31:56 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "127-4942b181e8300" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 295
GET H/1.1	200 OK	bgr-footer.gif biodoma.ru/wp-content/themes/ThrillingTheme/styles/thrillingorange/	271 B 534 B	79ms 79ms	Image image/gif	195.161.68.106 RTCOMM-AS
General Check archive.org Show headers Download Go to Show image Full URL http://biodoma.ru/wp-content/themes/ThrillingTheme/styles/thrillingorange/bgr-footer.gif Requested by Host: biodoma.ru URL: http://biodoma.ru/wp-content/themes/ThrillingTheme/styles/2-thrillingorange.css Protocol HTTP/1.1 Server 195.161.68.106 , Russian Federation, ASN8342 (RTCOMM-AS, RU), Reverse DNS srv237-vps-st.jino.ru Software Apache/2.4.6 (CentOS) PHP/5.6.38 / Resource Hash 325fd895c04149297c044043698e103bd9ed5d76aeb4542ad98834669319abd0 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/wp-content/themes/ThrillingTheme/styles/2-thrillingorange.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Date Sat, 09 Dec 2023 02:11:24 GMT Last-Modified Wed, 03 Nov 2010 19:32:22 GMT Server Apache/2.4.6 (CentOS) PHP/5.6.38 ETag "10f-4942b19ab3d80" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 271
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame DB5C	405 KB 71 KB	770ms 768ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&adk=1812271804&adf=3025194257&lmt=1702087884&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&dt=1702087884725&bpp=10&bdt=572&idt=216&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=420253416730&frm=20&pv=2&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=231 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2b0b6e24d76c4f2b779cbc4e9a414e2e156a718de50cda805c831adbd0abfc86 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://biodoma.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 72481 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:25 GMT expires Sat, 09 Dec 2023 02:11:25 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame D115	124 KB 41 KB	434ms 434ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=1188771638&adf=427404348&pi=t.aa~a.1361838460~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1702087884&rafmt=1&to=qs&pwprc=3297081025&format=960x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087884735&bpp=2&bdt=582&idt=228&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ade0f249f0873d239aaeb79d54e5aaa569488d401bfd73913782f89aa5937ac2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://biodoma.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 41925 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:25 GMT expires Sat, 09 Dec 2023 02:11:25 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	all.js Show response connect.facebook.net/ru_RU/	300 KB 85 KB	52ms 26ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/ru_RU/all.js?hash=05d6fefa81c7fa93c14bd3bf70e8b26e Requested by Host: connect.facebook.net URL: http://connect.facebook.net/ru_RU/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f9e2b287d5a853cf28250c5a09164ecb1c8f71132eb7d365b27f9bdfd9a43f5b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://biodoma.ru/ Origin http://biodoma.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 09 Dec 2023 02:11:25 GMT content-md5 FjTaDf9eQGtoeAHZ6J6wew== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 86543 reporting-endpoints x-fb-debug ISz3lixNOoyZQUYvmzzbwyXjDvNOR3SVEppAtfWAxUZNbV4i/mEZ8/FLYhxB7uK09Qs3cbvdeqGegwvft9gzkQ== x-fb-content-md5 7a3094ee3c2f60c669cdd6acb8eac823 cross-origin-opener-policy same-origin-allow-popups etag "5192660708bda3082c42c5e0d9037759" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Sun, 08 Dec 2024 00:33:43 GMT
GET H2	200	status www.facebook.com/x/oauth/	0 0	116ms 54ms	Fetch text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=165570960176857&input_token&origin=1&redirect_uri=http%3A%2F%2Fbiodoma.ru%2F&sdk=joey&wants_cookie_data=false Requested by Host: connect.facebook.net URL: https://connect.facebook.net/ru_RU/all.js?hash=05d6fefa81c7fa93c14bd3bf70e8b26e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=15552000; preload date Sat, 09 Dec 2023 02:11:25 GMT x-content-type-options nosniff nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 reporting-endpoints default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown" pragma no-cache x-fb-debug oCBMuNz+VNkjm/O7/QJ8jdwIqh+JPOAREVTEzKWmPIVv8NrWpExVEG+juIcW1zOFW2fZCDc7N4GhC4P43AlFhw== fb-s unknown report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"} content-type text/plain; charset=UTF-8 access-control-allow-origin http://biodoma.ru origin-agent-cluster ?0 access-control-expose-headers fb-s fb-error-description "This endpoint may only be called from an HTTPS Origin." access-control-allow-credentials true permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=() cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/ Frame D115	4 KB 1 KB	88ms 33ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=1188771638&adf=427404348&pi=t.aa~a.1361838460~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1702087884&rafmt=1&to=qs&pwprc=3297081025&format=960x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087884735&bpp=2&bdt=582&idt=228&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 09 Dec 2023 02:11:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 09 Dec 2023 01:20:02 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 09 Dec 2023 02:11:25 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame D115	2 KB 903 B	77ms 26ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=1188771638&adf=427404348&pi=t.aa~a.1361838460~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1702087884&rafmt=1&to=qs&pwprc=3297081025&format=960x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087884735&bpp=2&bdt=582&idt=228&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:55:12 GMT content-encoding br x-content-type-options nosniff age 26173 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:55:12 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame D115	24 KB 9 KB	76ms 27ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=1188771638&adf=427404348&pi=t.aa~a.1361838460~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1702087884&rafmt=1&to=qs&pwprc=3297081025&format=960x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087884735&bpp=2&bdt=582&idt=228&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:54:43 GMT content-encoding br x-content-type-options nosniff age 26202 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:54:43 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame D115	3 KB 1 KB	80ms 30ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=1188771638&adf=427404348&pi=t.aa~a.1361838460~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1702087884&rafmt=1&to=qs&pwprc=3297081025&format=960x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087884735&bpp=2&bdt=582&idt=228&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 14967 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame D115	20 KB 9 KB	72ms 23ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=1188771638&adf=427404348&pi=t.aa~a.1361838460~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1702087884&rafmt=1&to=qs&pwprc=3297081025&format=960x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087884735&bpp=2&bdt=582&idt=228&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 19754 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame D115	202 KB 64 KB	149ms 92ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=1188771638&adf=427404348&pi=t.aa~a.1361838460~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1702087884&rafmt=1&to=qs&pwprc=3297081025&format=960x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087884735&bpp=2&bdt=582&idt=228&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 09 Dec 2023 02:11:25 GMT
GET H2	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame D115	37 KB 16 KB	77ms 23ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=1188771638&adf=427404348&pi=t.aa~a.1361838460~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1702087884&rafmt=1&to=qs&pwprc=3297081025&format=960x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087884735&bpp=2&bdt=582&idt=228&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 06 Dec 2023 04:32:39 GMT content-encoding gzip x-content-type-options nosniff age 250726 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Wed, 06 Dec 2023 04:10:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 05 Mar 2024 04:32:39 GMT
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/5920508019341549372/ Frame D115	44 KB 44 KB	91ms 43ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/5920508019341549372/14763004658117789537?w=600&h=314&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=1188771638&adf=427404348&pi=t.aa~a.1361838460~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1702087884&rafmt=1&to=qs&pwprc=3297081025&format=960x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087884735&bpp=2&bdt=582&idt=228&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55cd3e33c698bb0f55adf18c6f3227c1273cb67527fdd467db8e222f9b4fc85f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:01:42 GMT x-content-type-options nosniff age 11383 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45248 x-xss-protection 0 last-modified Thu, 30 Nov 2023 12:49:47 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 07 Dec 2024 23:01:42 GMT
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/14358676811266547245/ Frame D115	5 KB 5 KB	87ms 40ms	Image image/png	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/14358676811266547245/14763004658117789537?w=100&h=100&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=1188771638&adf=427404348&pi=t.aa~a.1361838460~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1702087884&rafmt=1&to=qs&pwprc=3297081025&format=960x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087884735&bpp=2&bdt=582&idt=228&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd3f990530e3518188d42d27bc6d167e0f0d8a9448658b046d87b1a715c232c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:05:28 GMT x-content-type-options nosniff age 357 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4908 x-xss-protection 0 last-modified Thu, 30 Nov 2023 13:49:15 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 08 Dec 2024 02:05:28 GMT
GET DATA	200 OK	truncated / Frame D115	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ba8d80cbbc1ce05728e1343696c2bce0276a2b7533e360bf52c3270542dfa432 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame D115	16 KB 16 KB	74ms 22ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:55:14 GMT x-content-type-options nosniff age 22571 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 19:55:14 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame D115	15 KB 15 KB	78ms 28ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:59:57 GMT x-content-type-options nosniff age 25888 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 18:59:57 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame D115 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CM-T0zMxzZc3BPPy3x_AP5f-pkAeqhMLbdP3TtZaHEvzBtauuARABILv67RFglYKAgLAHoAGl7ffFA8gBCakCYi2If_cOsj6oAwHIA8sEqgTbAU_Q1gFcwIsb3CzUn7dYAO6jgxHqYpR8wVQ... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210419103188227944113%22,%22debug_reporting%22:true,%22destination%22:%22https://fom.de%22,%22event_report_window%22:%22259...	0 0	304ms 258ms	Fetch text/css	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210419103188227944113%22,%22debug_reporting%22:true,%22destination%22:%22https://fom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951973541%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222645890525100689873%22}&andc=true Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H3 Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:25 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"10419103188227944113","debug_reporting":true,"destination":"https://fom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951973541"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"2645890525100689873"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 09 Dec 2023 02:11:25 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Sat, 09 Dec 2023 02:11:25 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10419103188227944113","debug_reporting":true,"destination":"https://fom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951973541"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"2645890525100689873"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response pagead2.googlesyndication.com/bg/ Frame 8B74	50 KB 19 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=1188771638&adf=427404348&pi=t.aa~a.1361838460~rp.4&w=960&fwrn=4&fwrnh=100&lmt=1702087884&rafmt=1&to=qs&pwprc=3297081025&format=960x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087884735&bpp=2&bdt=582&idt=228&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=230 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:18 GMT content-encoding br x-content-type-options nosniff age 367327 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19601 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 03 Dec 2024 20:09:18 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	116ms 55ms	Preflight text/html	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210419103188227944113%22,%22debug_reporting%22:true,%22destination%22:%22https://fom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951973541%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222645890525100689873%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sat, 09 Dec 2023 02:11:25 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	114ms 70ms	XHR application/json	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b55fb9045b1a65a11a92d5bb7fc94df2bf5430e0050e4cc24777beae55f63662 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:25 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12327 x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/	160 KB 55 KB	71ms 71ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/reactive_library_fy2021.js?bust=31080064 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f0a61fc40cf68f891b6bae6c39045fa1219e21174265953d9e58adec6bfd1240 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:25 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56018 x-xss-protection 0 server cafe etag 11142011129839892218 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sat, 09 Dec 2023 02:11:25 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 57B0	107 KB 46 KB	409ms 409ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2529733c3bd8e71df30c2ff66aa0950a197d474b555cd4101f5aec38ad27958f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://biodoma.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46577 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:26 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 50DA	47 KB 17 KB	382ms 382ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a238e76dda2ddc9644516f720403cb8c421d85444c6205f4325a8d3afc2ac71a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://biodoma.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 17345 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:26 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 06EF	107 KB 45 KB	384ms 383ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0c19d0de9da4e92595a5afe45a03627f05de58cc148cd08d1d3958f49aba97f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://biodoma.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46433 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:26 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 7DFE	107 KB 45 KB	398ms 397ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 816725145acde1a74391f135d65de74ee2fb9c236b7ae7914f9afbfe97d27dfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://biodoma.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46470 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:26 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 3201	9 KB 4 KB	20ms 20ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://biodoma.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 20507 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 20:29:38 GMT etag 5585625838579639069 expires Fri, 22 Dec 2023 20:29:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame EFC2	9 KB 4 KB	20ms 20ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://biodoma.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 20507 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 20:29:38 GMT etag 5585625838579639069 expires Fri, 22 Dec 2023 20:29:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 4AEB	9 KB 4 KB	21ms 20ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://biodoma.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 20507 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 20:29:38 GMT etag 5585625838579639069 expires Fri, 22 Dec 2023 20:29:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	36ms 36ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8143997951991795&plah=biodoma.ru&bust=31080064 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 09 Dec 2023 02:11:25 GMT
GET H2	200	afr.php Show response ads.eu.criteo.com/delivery/r/ Frame 569A	204 KB 56 KB	396ms 106ms	Document text/html	2a02:2638:3::12 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXPMzAAPIgQK4CpbAAIBW_zwtaHGs_skTi1mSA&u=%7C5IhOIMvx3cIR3XRr3l0pUWxzPgkj%2FbvG8ijCDaSUeOs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-tDF6f8mMoGcMzrlX8TrBHbGRnRkDtz4mhTkQoRcoay2Lz696RF5Ah2r28vhCb5oEUhPtBBpHQgHP91dVQaywFRhBYUJXI4KZ0uthLLGt9TVJTcEnPP5n97X-_-oRDLDY3xL9gkhvGnL6BvKBqkWkHi8WM0OWvvwrbePTDK3CpP2rUc6TCXxicUid2ZQZefDdpim8j7Ut6kbA8NwUGpbKfYN2Z-CiyUDb9Bu7JJKhmn0EoLJlDmZzf4f79iIKn2A8nm5tPCEmpPIj6G-xBsliviT3c2uCU0Fz4JiC5D6zN0_AK0plQG3zDmdg4eI1xZR5mbIW0D-qgwuZylDz5LsqtDIt6-udYVHF-ROic23olv-i5Xpjw806z5DSseTEBJuECtR_eWGUm4syPXemBgvHQHrvIpVlWjlfTjAmHajEmRLqlZtgm29lZMHCYl6ExEDAwiLcARTjvQTT_w8x2XLZAx-RamVqebYunxxl0gR75qzBGKfLKP6Bkm7Ln7prMflY-TG7DmOfBPoykdcl8bvIxmrAk5KPBWnpk4uK9r0fQP3yMSb36eXkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpstzMxzZYTEPNvUgAfbgojwCsme0rFczfHi3YgBwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTTAU_QvS4pEUYMfpF1cApNY0ZjXqtJxPWPGwdnq73WxlyJOJ-n9agPeTnRxT2UDuDlyZC65DThCoFe85DdqhywH4hGeI3HCWR81d8NO2w_iS0MD8jjpnFXwHS33u8Qf8aDRnGtj00j3vyKic6Z7YrKvvcihVMnakzPzSWouBC6CzAUd0TEcWgERn-k3b0soX60vu_NcQLxOQYm5m49lH82QdcUjh0DyXqz28osufPt72G0Ev0FH0HNhsiOBGE7bGoyA0yB7MDKaqz3M_K2FUjZbFPwDiCABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliRr4u-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_ieY5aBLHFJGG2jXw2RxHcM8-dQ%26client%3Dca-pub-8143997951991795%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash fd0af5453f61b74af5ca7033b8374342c12622cabbc5d4343bf9b1991f1328cb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:25 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=lsq2-ji5Xv7oah-bN3tsstgAIP_2bNsDWYp9VXLm_wmn57tomteCF5KSUUHPkICOdX8x44TLdPoZRwjzhn34usjJq3a7_WvQGNqMSREnJBI3d5EHN7qdq_dVQeNen8tTV3QGF49U1ZJBwyhm57bb5PfQ0Tl_ZlNjAtj0KynghnFvNfrLwjrYY0ybqmylplEHCmjSGtzY3QO9n-C_BhPMhxXVS1IyDk-N-wMTmmChH04GD6--cOgy7ms_UF8dl4xj_Hta1Q"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 60622764 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 3201	3 KB 1 KB	25ms 22ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 14967 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 3201	20 KB 8 KB	22ms 20ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 19754 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 3201	202 KB 64 KB	246ms 244ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 09 Dec 2023 02:11:25 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame EFC2	2 KB 822 B	227ms 226ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:55:12 GMT content-encoding br x-content-type-options nosniff age 26173 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:55:12 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame EFC2	24 KB 9 KB	231ms 230ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:54:43 GMT content-encoding br x-content-type-options nosniff age 26202 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:54:43 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame EFC2	3 KB 1 KB	234ms 234ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 14967 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame EFC2	20 KB 8 KB	233ms 233ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 19754 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame EFC2	204 KB 64 KB	237ms 236ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d3470dc8af1dd6fc8b6c59a0a3d3632969c68fe410cf5c9530e253a3b7327e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65597 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702058669129730" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 09 Dec 2023 02:11:26 GMT
GET H2	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame EFC2	37 KB 15 KB	226ms 225ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 06 Dec 2023 04:32:39 GMT content-encoding gzip x-content-type-options nosniff age 250726 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Wed, 06 Dec 2023 04:10:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 05 Mar 2024 04:32:39 GMT
GET H2	200	css fonts.googleapis.com/ Frame 4AEB	14 KB 1 KB	225ms 225ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 09 Dec 2023 02:11:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 09 Dec 2023 01:17:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 09 Dec 2023 02:11:25 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4AEB	2 KB 822 B	236ms 236ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:55:12 GMT content-encoding br x-content-type-options nosniff age 26174 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:55:12 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 4AEB	24 KB 9 KB	235ms 235ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:54:43 GMT content-encoding br x-content-type-options nosniff age 26203 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 18:54:43 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4AEB	3 KB 1 KB	242ms 242ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 14968 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4AEB	20 KB 8 KB	236ms 236ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 19755 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 4AEB	202 KB 64 KB	269ms 268ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 09 Dec 2023 02:11:26 GMT
GET H2	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame 4AEB	37 KB 15 KB	223ms 222ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 06 Dec 2023 04:32:39 GMT content-encoding gzip x-content-type-options nosniff age 250727 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Wed, 06 Dec 2023 04:10:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 05 Mar 2024 04:32:39 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/13661577449739120370/ Frame 4AEB	22 KB 22 KB	243ms 243ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/13661577449739120370/14763004658117789537?w=400&h=209&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c25e3e0f12db2fc1d34a386d884220fd7105aa4deaeaff2d908973f6e69620c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 23:00:39 GMT x-content-type-options nosniff age 11447 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22813 x-xss-protection 0 last-modified Fri, 01 Dec 2023 15:43:47 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 07 Dec 2024 23:00:39 GMT
GET DATA	200 OK	truncated / Frame 4AEB	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 4AEB	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame A4DF	13 KB 5 KB	228ms 228ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://biodoma.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 10072 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:23:34 GMT expires Sat, 07 Dec 2024 23:23:34 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 6DF7	829 B 1 KB	275ms 32ms	Document text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 0be32052842d1056e2f1ad58953371e252fa0e51d286c96f4f329b3b61700b77 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Z51we7H6_XTRfQ-pGfVGkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://biodoma.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-Z51we7H6_XTRfQ-pGfVGkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:26 GMT expires Sat, 09 Dec 2023 02:11:26 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 06EF	42 B 63 B	61ms 56ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANtUZBynRROZyMomZdStEq_eDKy183fZ7-THdlfv8Wo1CJSoLp5wZIo0ZNh_ygoBQSh8_IQysL-qiPaDMpCAIxKujwTjtZOX6972thTagp1HcnRl0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 06EF	3 KB 1 KB	28ms 24ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 14968 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 06EF	20 KB 8 KB	29ms 25ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 19755 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 06EF	202 KB 64 KB	88ms 84ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 09 Dec 2023 02:11:26 GMT
GET H2	200	dr Show response as.ad4m.at/ad/ Frame DA11	2 KB 3 KB	110ms 44ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1gkpw0hmm0smbnatgph9ek4ha5dk79zx4yrprfxa5kp67x19ey3v5kah1frfj4d399dheh8dyr3t5gjm9sgc64xmq3jdjfsznfjr379we1c72gqmzx8reg27skvpax4zh4yp8n1n26cekxq6j3atsbzqrkd3xjrp4xg4bps0n1zsswt1a1rd2qwpqqgxhpc97pnd47rveqj62qmxvwwr7t2yqy58985bn44jyxcn17jbzbfmt52mt37sgzgmz713ht0zhdwcmvd4qhe6475vmb49rm1zwvj8rzaav83d1178qq633080eta5xny3s0bwekxgfprym566nsb6k05aw7ststr72b8vpxsw29sn0f003z5pby1306vf92jfbeamrqwsjqm20e057w5sa60ye5skjjwdde169bhq5qjx2gmx0246zr4r2xhnjec057k58wc0b10p84&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%26client%3Dca-pub-8143997951991795%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1506997177bbcb9c192007d97c9f3355f1600cc0c58a9ca62e2cf16156161ee0 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 8329b7a93af53831-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:26 GMT expires 0 nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} permissions-policy accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=() pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1821	3 KB 1 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 14968 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame B212	1 KB 643 B	23ms 23ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 19892 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 20:39:54 GMT etag 48472445140208031 expires Sat, 09 Dec 2023 20:39:54 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1821	20 KB 8 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 19755 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 1821	0 0	30ms 29ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRE9yMbRRDj0UEuHtqPv3nB5NG1TwImXN4HcwgjNdb7hqU2senM9_BkNN5mMhm8EqzWiLwA75lovh9HcEDeO2YtFm5CPQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 1821	202 KB 64 KB	154ms 153ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 09 Dec 2023 02:11:26 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 2771	624 B 242 B	65ms 64ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNXtfomXCxT2YwpVX0ZH-nLq197CHkYOjU_hilwL8I1u61zUUbt_1H545LduppFHxR0am7vGbX3ODRheLH4BGvvERLR1nS83h9y7cmmkTqzRq_qmlwBZW0tjYlZLEd6N7DE-61vOLIyXwt5oIMPHFok_H_KZ5RgsbtIsdn8DBE01poaKgUs Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:26 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 06EF	111 KB 39 KB	91ms 22ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:51:26 GMT content-encoding gzip x-content-type-options nosniff age 22800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 09 Dec 2023 19:51:26 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 06EF	7 KB 3 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:08:09 GMT content-encoding br x-content-type-options nosniff age 25397 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3071 x-xss-protection 0 server cafe etag 10674441169935035545 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 19:08:09 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 06EF	24 KB 9 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:00:00 GMT content-encoding br x-content-type-options nosniff age 25886 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 19:00:00 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 06EF	41 KB 14 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:05:08 GMT content-encoding br x-content-type-options nosniff age 29178 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 18:05:08 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7DFE	42 B 63 B	58ms 57ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Do2A1rwep4P-PW6ovOJuVvh0YfzzMUT36n78ZSai7Wl1s_Hm4lF12iOZdvVOMFEMW0rZadIHkrDuVKZF_Y76FZdz4oiqZUMZjPRFY9j1hjIO4mlfw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7DFE	3 KB 1 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 14968 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7DFE	20 KB 8 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 19755 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 7DFE	0 0	29ms 29ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmSOz3dtMkXksMUPKfF3HYR5ONJ4z8HKBxR-GVdw0mfwWojrNQYs5DaXyuJM1zIPgJpOv6IKLFKGUNACZIHLAnl_kZ-A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 7DFE	202 KB 64 KB	82ms 82ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 09 Dec 2023 02:11:26 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 57B0	42 B 63 B	62ms 61ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DrkbydNDpSf2EhwLXcQ-WduocLI2-vernPVror-I6CMadClyDduhemXYzAeWP554qkNVcztc69xSYQUphm5uAeYLjHNHOoC1qXOy-yPSnsnT2VJ-4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 57B0	3 KB 1 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:58 GMT content-encoding br x-content-type-options nosniff age 14968 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 22:01:58 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 57B0	20 KB 8 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 20:42:11 GMT content-encoding br x-content-type-options nosniff age 19755 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8581 x-xss-protection 0 server cafe etag 5638635208567908330 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 20:42:11 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 57B0	0 0	33ms 30ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkbGrGDj9-9nvnfC7rjMxQrQA2x0VoDf_5rLWYTC9OF89ac-u72uI1z93ogg6Mu_0Ho9_29Qs4SqJlwEZFUSeHIQvs7Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 57B0	202 KB 64 KB	124ms 124ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65145 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1701866768669483" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 09 Dec 2023 02:11:26 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 0EBA	1 KB 643 B	24ms 23ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 19892 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 20:39:54 GMT etag 48472445140208031 expires Sat, 09 Dec 2023 20:39:54 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 2213	624 B 242 B	113ms 112ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNVC8W2J0OhmTEJZUVn1owbSRB5blbu5YDdHyF4M3_ZrXvy1KW_fWMMryGhq3FEJLxznrAGcGLKaYK7Wrc6khCX-hTpJ7zBP2Skic0XHf-Vo5SXXwrvYVdR4jun_kn_mqwIxYD9USE8p-LqzJthDeEAJxkpyxktMeDzK6Ivzmn9jNvoTDu4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:26 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 7DFE	111 KB 39 KB	58ms 48ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:51:26 GMT content-encoding gzip x-content-type-options nosniff age 22800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 09 Dec 2023 19:51:26 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 7DFE	7 KB 3 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:08:09 GMT content-encoding br x-content-type-options nosniff age 25397 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3071 x-xss-protection 0 server cafe etag 10674441169935035545 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 19:08:09 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 7DFE	24 KB 9 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:00:00 GMT content-encoding br x-content-type-options nosniff age 25886 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 19:00:00 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 7DFE	41 KB 14 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:05:08 GMT content-encoding br x-content-type-options nosniff age 29178 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 18:05:08 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame C874	1 KB 643 B	25ms 25ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 19892 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 20:39:54 GMT etag 48472445140208031 expires Sat, 09 Dec 2023 20:39:54 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame F63A	624 B 242 B	158ms 158ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNWEZdOaHbmzqiFtzumDYbAY-GolO4LZ0UHiL2ZUOGT14CRVlcr4vRES_tS0OqXHIcTf1CyAzwn6Q8t03WhEp13zPlaHPRuam4Af34SzW7RVwI_RG-1f5ScKVyBcWPsKSMVrRyj_pwfiEaerOO39bhjf0AWKl2dLRW6Xyr2uCF3YRx9MKWw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:26 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 57B0	111 KB 39 KB	63ms 63ms	Script text/javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:51:26 GMT content-encoding gzip x-content-type-options nosniff age 22800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 09 Dec 2023 19:51:26 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 57B0	7 KB 3 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:08:09 GMT content-encoding br x-content-type-options nosniff age 25397 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3071 x-xss-protection 0 server cafe etag 10674441169935035545 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 19:08:09 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 57B0	24 KB 9 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 19:00:00 GMT content-encoding br x-content-type-options nosniff age 25886 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9318 x-xss-protection 0 server cafe etag 3562968281324141506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 22 Dec 2023 19:00:00 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 57B0	41 KB 14 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:05:08 GMT content-encoding br x-content-type-options nosniff age 29178 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 18:05:08 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 6B1A	1 KB 643 B	26ms 26ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 19892 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 20:39:54 GMT etag 48472445140208031 expires Sat, 09 Dec 2023 20:39:54 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 2771 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1	43 B 340 B	47ms 47ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNXtfomXCxT2YwpVX0ZH-nLq197CHkYOjU_hilwL8I1u61zUUbt_1H545LduppFHxR0am7vGbX3ODRheLH4BGvvERLR1nS83h9y7cmmkTqzRq_qmlwBZW0tjYlZLEd6N7DE-61vOLIyXwt5oIMPHFok_H_KZ5RgsbtIsdn8DBE01poaKgUs Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4dfn1GQ4%2FbKYnTGZO9DzsCYRwBR3dCZOK%2FTlNyK981VhPdj7f0gEtXoHSb01rd2%2Fr%2FRIIxM9138Nk5CLg%2F0WUd8h%2FmJalJl6VbrjO1Yy03BWimkPDa1FXgMywtMO8ALcojvAitFUf2p8A%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8329b7aa2e924504-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 2771 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXPMzv81LNRBM3E2DYCeSQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1	43 B 736 B	47ms 47ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNXtfomXCxT2YwpVX0ZH-nLq197CHkYOjU_hilwL8I1u61zUUbt_1H545LduppFHxR0am7vGbX3ODRheLH4BGvvERLR1nS83h9y7cmmkTqzRq_qmlwBZW0tjYlZLEd6N7DE-61vOLIyXwt5oIMPHFok_H_KZ5RgsbtIsdn8DBE01poaKgUs Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgF%2FPESN2Q0s9PD48IrLFG8%2BuCWgZnF4KwgeVnk9Mw0hyto4WHDpHrkfy1NKYBzvxQ%2FQOIM%2Fb6BuN4S3evuo%2BZ1vhXwULYBzZFRa6Z2o2z5Kov0qpUjSvkf7hR01q0OrAzj4FyOR1cU8NA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8329b7aabc904541-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame 2771 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEO8oXVA0I3HkjoqTHrqAipw&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO8oXVA0I3HkjoqTHrqAipw%26google_cver%3D1	43 B 889 B	47ms 46ms	Image image/gif	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO8oXVA0I3HkjoqTHrqAipw%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNXtfomXCxT2YwpVX0ZH-nLq197CHkYOjU_hilwL8I1u61zUUbt_1H545LduppFHxR0am7vGbX3ODRheLH4BGvvERLR1nS83h9y7cmmkTqzRq_qmlwBZW0tjYlZLEd6N7DE-61vOLIyXwt5oIMPHFok_H_KZ5RgsbtIsdn8DBE01poaKgUs Protocol H2 Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT an-x-request-uuid 7a2b8fc9-7267-40df-97a7-018539807bf9 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 217.114.218.24; 217.114.218.24; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT an-x-request-uuid 1c736850-04d3-414a-ab16-9595f5dab597 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO8oXVA0I3HkjoqTHrqAipw%26google_cver%3D1 cache-control no-store, no-cache, private x-proxy-origin 217.114.218.24; 217.114.218.24; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2771 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxNjU4NDQ3ODQ0MzIyNTY2	170 B 188 B	40ms 39ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxNjU4NDQ3ODQ0MzIyNTY2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNXtfomXCxT2YwpVX0ZH-nLq197CHkYOjU_hilwL8I1u61zUUbt_1H545LduppFHxR0am7vGbX3ODRheLH4BGvvERLR1nS83h9y7cmmkTqzRq_qmlwBZW0tjYlZLEd6N7DE-61vOLIyXwt5oIMPHFok_H_KZ5RgsbtIsdn8DBE01poaKgUs Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT an-x-request-uuid 7a6b7714-070c-41af-9774-f990d2688651 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxNjU4NDQ3ODQ0MzIyNTY2 x-proxy-origin 217.114.218.24; 217.114.218.24; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated / Frame 4AEB	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0d8c860d679cb4601f5b8bfa68b9fd343d178f1b23fdbd637e40f2a6ba430055 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 1821	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e814266883161d81e4f52e10d900ce551b3094dac06030d5611ac19c7ff7cfcf Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 06EF	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1053863a7f5fc2839673ae10ff6f3a5cfc8b34c78183cb7f072516845c081d1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 4AEB	33 KB 33 KB	24ms 23ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 06 Dec 2023 21:01:51 GMT x-content-type-options nosniff age 191375 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 05 Dec 2024 21:01:51 GMT
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 4AEB	15 KB 15 KB	33ms 32ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 16:45:44 GMT x-content-type-options nosniff age 33942 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15352 x-xss-protection 0 last-modified Tue, 23 May 2023 16:34:46 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Dec 2024 16:45:44 GMT
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B212 Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA0Rbn3oMEnR7mbE4mb7ths&google_cver=1&google_push=AXcoOmQzKtF61BAziHX4aebrlqGW1UDZhyyH8B9FsE3gMSO64-Z1sV_e5MwW6T9pkvE5PFfp1z7aQJPNsFMOdV8j-hiTzY01cUCdIPRP https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI5NDU3MzU4MTUzNjM2NzAxOQ==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA0Rbn3oMEnR7mbE4mb7ths&google_cver=1	43 B 398 B	29ms 28ms	Image image/gif	2001:678:cb4:bbbb::11 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA0Rbn3oMEnR7mbE4mb7ths&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H2 Server 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sat, 09 Dec 2023 02:11:25 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEA0Rbn3oMEnR7mbE4mb7ths&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame B212 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELHIy9Gvo2wuoaJR2s3SkIs&google_push=AXcoOmRM3ZcnSPeE65FEAmsPhkLb1U7EcjApSRHyugXgktuKqK5-hDTMbY...	170 B 188 B	44ms 43ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELHIy9Gvo2wuoaJR2s3SkIs&google_push=AXcoOmRM3ZcnSPeE65FEAmsPhkLb1U7EcjApSRHyugXgktuKqK5-hDTMbYyq9WX71LVHQOI7GMnKE2uDAY6Il_g1kiReBeAc7ORXkWo5 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-cph2320045-CPH pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1702087886.435159,VS0,VE95 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELHIy9Gvo2wuoaJR2s3SkIs&google_push=AXcoOmRM3ZcnSPeE65FEAmsPhkLb1U7EcjApSRHyugXgktuKqK5-hDTMbYyq9WX71LVHQOI7GMnKE2uDAY6Il_g1kiReBeAc7ORXkWo5 cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H2	451	466606.gif id.rlcdn.com/ Frame B212	0 98 B	100ms 33ms	Image text/plain	35.244.174.68 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmRDjUTx74tT_7brnLxEWC10P3iO88I0R2MafCJuy8ZYjqzcmgRMgYwERpmAUjJCRfGxSmlgSaFb2vJdLLGgW29Xe6KdTSDLQrzs&google_gid=CAESEO1zXTbfE-CzpQaMzH4puDU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	sync x.bidswitch.net/ Frame B212	43 B 145 B	226ms 27ms	Image image/gif	18.197.244.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAQhJJ4yX6kKhoovWARMtF0&google_cver=1&google_push=AXcoOmRcDRvw712Abnxn4PO6VDs6bM-ujqmy94aLWIUrVDcFFXHk-foslICn9sJGaPJnrIPoLD0awfNiRvm0uJuNpu4YCShg4v6vrMRB Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.197.244.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-197-244-187.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame B212 Redirect Chain https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSp5hMP... https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSp5hMP... https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDkwMjExMjYwMDA4NDk1NTIwOTk1Mg%3D%3D&google_push=AXcoOmSp5hMPdboDyYWpFyzsg3HDI3_fpG7jvjbZSglcM_mSzmxNDc-nlUj1LoQC6xB-gF...	170 B 188 B	32ms 31ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDkwMjExMjYwMDA4NDk1NTIwOTk1Mg%3D%3D&google_push=AXcoOmSp5hMPdboDyYWpFyzsg3HDI3_fpG7jvjbZSglcM_mSzmxNDc-nlUj1LoQC6xB-gF8B_XyiaDWAjYMoV0F62m7H7iR1xwQRoHVB Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMDkwMjExMjYwMDA4NDk1NTIwOTk1Mg%3D%3D&google_push=AXcoOmSp5hMPdboDyYWpFyzsg3HDI3_fpG7jvjbZSglcM_mSzmxNDc-nlUj1LoQC6xB-gF8B_XyiaDWAjYMoV0F62m7H7iR1xwQRoHVB pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cache-control max-age=0, no-cache, no-store strict-transport-security max-age=2628000 content-length 0 expires Sat, 09 Dec 2023 02:11:26 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame B212 Redirect Chain https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO7YTfRIaV63Q2JPk8ntTD0&google_cver=1&google_push=AXcoOmR6O6wMcSQujAR6DhT_-sgpTOtL1Wy8zEc-OpDjTNK5d5-UGY1t5ok8PKE1N4OjNL5qEmZKM2AQMc9p... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR6O6wMcSQujAR6DhT_-sgpTOtL1Wy8zEc-OpDjTNK5d5-UGY1t5ok8PKE1N4OjNL5qEmZKM2AQMc9pOVN630U6WFxuGPwNe6PW	170 B 243 B	62ms 61ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR6O6wMcSQujAR6DhT_-sgpTOtL1Wy8zEc-OpDjTNK5d5-UGY1t5ok8PKE1N4OjNL5qEmZKM2AQMc9pOVN630U6WFxuGPwNe6PW Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H2 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR6O6wMcSQujAR6DhT_-sgpTOtL1Wy8zEc-OpDjTNK5d5-UGY1t5ok8PKE1N4OjNL5qEmZKM2AQMc9pOVN630U6WFxuGPwNe6PW strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
GET H2	200	report sync.teads.tv/um/ Frame B212 Redirect Chain https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHbplUe6rBL_... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSkTUcvXRvj705xhjM861iZKF2cTDuE_505ffyftX6TOvjDgGWSFB2zBR3pxSSQBqyXzQmW0PuHGZe6-JiyBCRTbsEZ3n1YXHujgg https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 163 B	77ms 77ms	Image image/gif	2.19.217.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H2 Server 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-217-101.deploy.static.akamaitechnologies.com Software pekko-http/1.0.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers expires Sat, 09 Dec 2023 02:11:26 GMT pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.0 content-length 23 content-type image/gif Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame B212	0 49 B	120ms 70ms	Image text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IFWn_AyrCowKO3BuazDcQXXFtcmb2ABoBz74JHjwf1ymLO7wRXXgn7BBN1g6z0vH9SRsalmw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	default.css as.ad4m.at/ad/style/0.1.50/one-ad/ Frame DA11	115 KB 14 KB	32ms 31ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1gkpw0hmm0smbnatgph9ek4ha5dk79zx4yrprfxa5kp67x19ey3v5kah1frfj4d399dheh8dyr3t5gjm9sgc64xmq3jdjfsznfjr379we1c72gqmzx8reg27skvpax4zh4yp8n1n26cekxq6j3atsbzqrkd3xjrp4xg4bps0n1zsswt1a1rd2qwpqqgxhpc97pnd47rveqj62qmxvwwr7t2yqy58985bn44jyxcn17jbzbfmt52mt37sgzgmz713ht0zhdwcmvd4qhe6475vmb49rm1zwvj8rzaav83d1178qq633080eta5xny3s0bwekxgfprym566nsb6k05aw7ststr72b8vpxsw29sn0f003z5pby1306vf92jfbeamrqwsjqm20e057w5sa60ye5skjjwdde169bhq5qjx2gmx0246zr4r2xhnjec057k58wc0b10p84&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%26client%3Dca-pub-8143997951991795%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/dr?ed=1gkpw0hmm0smbnatgph9ek4ha5dk79zx4yrprfxa5kp67x19ey3v5kah1frfj4d399dheh8dyr3t5gjm9sgc64xmq3jdjfsznfjr379we1c72gqmzx8reg27skvpax4zh4yp8n1n26cekxq6j3atsbzqrkd3xjrp4xg4bps0n1zsswt1a1rd2qwpqqgxhpc97pnd47rveqj62qmxvwwr7t2yqy58985bn44jyxcn17jbzbfmt52mt37sgzgmz713ht0zhdwcmvd4qhe6475vmb49rm1zwvj8rzaav83d1178qq633080eta5xny3s0bwekxgfprym566nsb6k05aw7ststr72b8vpxsw29sn0f003z5pby1306vf92jfbeamrqwsjqm20e057w5sa60ye5skjjwdde169bhq5qjx2gmx0246zr4r2xhnjec057k58wc0b10p84&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%26client%3Dca-pub-8143997951991795%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2229003 cf-polished origSize=118430 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 02 Nov 2023 10:26:17 GMT server cloudflare etag W/"486507ccce9ac587d11c0ef3f32a109a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AYsK173XvjXIwR2iDyRAzkytyY5JMVzRF3naN5KoL4bRkXawvH2svNHdiDX3K%2B6GV4mazgjCcxauiQFcQzwTemsyAbKpw7vC%2Be23ue9Q4F0oYV0NEnALeBwLWbhNVZ32VvlrvPvZOU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=86400 cf-ray 8329b7a99b253831-FRA expires Sun, 10 Dec 2023 02:11:26 GMT
GET H2	200	r62eglto.js Show response ad4m.at/ Frame DA11	24 KB 10 KB	43ms 34ms	Script application/javascript	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/r62eglto.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1gkpw0hmm0smbnatgph9ek4ha5dk79zx4yrprfxa5kp67x19ey3v5kah1frfj4d399dheh8dyr3t5gjm9sgc64xmq3jdjfsznfjr379we1c72gqmzx8reg27skvpax4zh4yp8n1n26cekxq6j3atsbzqrkd3xjrp4xg4bps0n1zsswt1a1rd2qwpqqgxhpc97pnd47rveqj62qmxvwwr7t2yqy58985bn44jyxcn17jbzbfmt52mt37sgzgmz713ht0zhdwcmvd4qhe6475vmb49rm1zwvj8rzaav83d1178qq633080eta5xny3s0bwekxgfprym566nsb6k05aw7ststr72b8vpxsw29sn0f003z5pby1306vf92jfbeamrqwsjqm20e057w5sa60ye5skjjwdde169bhq5qjx2gmx0246zr4r2xhnjec057k58wc0b10p84&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%26client%3Dca-pub-8143997951991795%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 Nov 2023 09:14:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 233798 etag W/"aa3e81d21ff1f0e18f4862e53a794952" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vegP884m0yxOcy1cKVi8%2FfE5WPh%2FlfDf8xD%2BGLDxBGQsA%2BxqawGlF%2FdDbN6jn65uMd%2F3Uo%2FnY84gjwXmR0kQHedyl98l103JY7S1D8YaAHZfr5zQcYduzBIm%2BhKBEg8%2BOZWkzHg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 8329b7a9ab2e3831-FRA alt-svc h3=":443"; ma=86400 expires Wed, 06 Dec 2023 09:14:48 GMT
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame 569A	2 KB 1 KB	118ms 37ms	Image image/svg+xml	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXPMzAAPIgQK4CpbAAIBW_zwtaHGs_skTi1mSA&u=%7C5IhOIMvx3cIR3XRr3l0pUWxzPgkj%2FbvG8ijCDaSUeOs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-tDF6f8mMoGcMzrlX8TrBHbGRnRkDtz4mhTkQoRcoay2Lz696RF5Ah2r28vhCb5oEUhPtBBpHQgHP91dVQaywFRhBYUJXI4KZ0uthLLGt9TVJTcEnPP5n97X-_-oRDLDY3xL9gkhvGnL6BvKBqkWkHi8WM0OWvvwrbePTDK3CpP2rUc6TCXxicUid2ZQZefDdpim8j7Ut6kbA8NwUGpbKfYN2Z-CiyUDb9Bu7JJKhmn0EoLJlDmZzf4f79iIKn2A8nm5tPCEmpPIj6G-xBsliviT3c2uCU0Fz4JiC5D6zN0_AK0plQG3zDmdg4eI1xZR5mbIW0D-qgwuZylDz5LsqtDIt6-udYVHF-ROic23olv-i5Xpjw806z5DSseTEBJuECtR_eWGUm4syPXemBgvHQHrvIpVlWjlfTjAmHajEmRLqlZtgm29lZMHCYl6ExEDAwiLcARTjvQTT_w8x2XLZAx-RamVqebYunxxl0gR75qzBGKfLKP6Bkm7Ln7prMflY-TG7DmOfBPoykdcl8bvIxmrAk5KPBWnpk4uK9r0fQP3yMSb36eXkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpstzMxzZYTEPNvUgAfbgojwCsme0rFczfHi3YgBwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTTAU_QvS4pEUYMfpF1cApNY0ZjXqtJxPWPGwdnq73WxlyJOJ-n9agPeTnRxT2UDuDlyZC65DThCoFe85DdqhywH4hGeI3HCWR81d8NO2w_iS0MD8jjpnFXwHS33u8Qf8aDRnGtj00j3vyKic6Z7YrKvvcihVMnakzPzSWouBC6CzAUd0TEcWgERn-k3b0soX60vu_NcQLxOQYm5m49lH82QdcUjh0DyXqz28osufPt72G0Ev0FH0HNhsiOBGE7bGoyA0yB7MDKaqz3M_K2FUjZbFPwDiCABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliRr4u-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_ieY5aBLHFJGG2jXw2RxHcM8-dQ%26client%3Dca-pub-8143997951991795%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 03 Dec 2024 02:11:26 GMT
GET H2	200	adchoices_de.svg static.criteo.net/flash/icon/ Frame 569A	2 KB 1 KB	119ms 38ms	Image image/svg+xml	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_de.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXPMzAAPIgQK4CpbAAIBW_zwtaHGs_skTi1mSA&u=%7C5IhOIMvx3cIR3XRr3l0pUWxzPgkj%2FbvG8ijCDaSUeOs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-tDF6f8mMoGcMzrlX8TrBHbGRnRkDtz4mhTkQoRcoay2Lz696RF5Ah2r28vhCb5oEUhPtBBpHQgHP91dVQaywFRhBYUJXI4KZ0uthLLGt9TVJTcEnPP5n97X-_-oRDLDY3xL9gkhvGnL6BvKBqkWkHi8WM0OWvvwrbePTDK3CpP2rUc6TCXxicUid2ZQZefDdpim8j7Ut6kbA8NwUGpbKfYN2Z-CiyUDb9Bu7JJKhmn0EoLJlDmZzf4f79iIKn2A8nm5tPCEmpPIj6G-xBsliviT3c2uCU0Fz4JiC5D6zN0_AK0plQG3zDmdg4eI1xZR5mbIW0D-qgwuZylDz5LsqtDIt6-udYVHF-ROic23olv-i5Xpjw806z5DSseTEBJuECtR_eWGUm4syPXemBgvHQHrvIpVlWjlfTjAmHajEmRLqlZtgm29lZMHCYl6ExEDAwiLcARTjvQTT_w8x2XLZAx-RamVqebYunxxl0gR75qzBGKfLKP6Bkm7Ln7prMflY-TG7DmOfBPoykdcl8bvIxmrAk5KPBWnpk4uK9r0fQP3yMSb36eXkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpstzMxzZYTEPNvUgAfbgojwCsme0rFczfHi3YgBwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTTAU_QvS4pEUYMfpF1cApNY0ZjXqtJxPWPGwdnq73WxlyJOJ-n9agPeTnRxT2UDuDlyZC65DThCoFe85DdqhywH4hGeI3HCWR81d8NO2w_iS0MD8jjpnFXwHS33u8Qf8aDRnGtj00j3vyKic6Z7YrKvvcihVMnakzPzSWouBC6CzAUd0TEcWgERn-k3b0soX60vu_NcQLxOQYm5m49lH82QdcUjh0DyXqz28osufPt72G0Ev0FH0HNhsiOBGE7bGoyA0yB7MDKaqz3M_K2FUjZbFPwDiCABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliRr4u-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_ieY5aBLHFJGG2jXw2RxHcM8-dQ%26client%3Dca-pub-8143997951991795%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-763" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 03 Dec 2024 02:11:26 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame 569A	308 B 636 B	90ms 41ms	Image image/svg+xml	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXPMzAAPIgQK4CpbAAIBW_zwtaHGs_skTi1mSA&u=%7C5IhOIMvx3cIR3XRr3l0pUWxzPgkj%2FbvG8ijCDaSUeOs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-tDF6f8mMoGcMzrlX8TrBHbGRnRkDtz4mhTkQoRcoay2Lz696RF5Ah2r28vhCb5oEUhPtBBpHQgHP91dVQaywFRhBYUJXI4KZ0uthLLGt9TVJTcEnPP5n97X-_-oRDLDY3xL9gkhvGnL6BvKBqkWkHi8WM0OWvvwrbePTDK3CpP2rUc6TCXxicUid2ZQZefDdpim8j7Ut6kbA8NwUGpbKfYN2Z-CiyUDb9Bu7JJKhmn0EoLJlDmZzf4f79iIKn2A8nm5tPCEmpPIj6G-xBsliviT3c2uCU0Fz4JiC5D6zN0_AK0plQG3zDmdg4eI1xZR5mbIW0D-qgwuZylDz5LsqtDIt6-udYVHF-ROic23olv-i5Xpjw806z5DSseTEBJuECtR_eWGUm4syPXemBgvHQHrvIpVlWjlfTjAmHajEmRLqlZtgm29lZMHCYl6ExEDAwiLcARTjvQTT_w8x2XLZAx-RamVqebYunxxl0gR75qzBGKfLKP6Bkm7Ln7prMflY-TG7DmOfBPoykdcl8bvIxmrAk5KPBWnpk4uK9r0fQP3yMSb36eXkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpstzMxzZYTEPNvUgAfbgojwCsme0rFczfHi3YgBwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTTAU_QvS4pEUYMfpF1cApNY0ZjXqtJxPWPGwdnq73WxlyJOJ-n9agPeTnRxT2UDuDlyZC65DThCoFe85DdqhywH4hGeI3HCWR81d8NO2w_iS0MD8jjpnFXwHS33u8Qf8aDRnGtj00j3vyKic6Z7YrKvvcihVMnakzPzSWouBC6CzAUd0TEcWgERn-k3b0soX60vu_NcQLxOQYm5m49lH82QdcUjh0DyXqz28osufPt72G0Ev0FH0HNhsiOBGE7bGoyA0yB7MDKaqz3M_K2FUjZbFPwDiCABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliRr4u-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_ieY5aBLHFJGG2jXw2RxHcM8-dQ%26client%3Dca-pub-8143997951991795%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Tue, 03 Dec 2024 02:11:26 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame 569A	293 B 621 B	89ms 39ms	Image image/svg+xml	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXPMzAAPIgQK4CpbAAIBW_zwtaHGs_skTi1mSA&u=%7C5IhOIMvx3cIR3XRr3l0pUWxzPgkj%2FbvG8ijCDaSUeOs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-tDF6f8mMoGcMzrlX8TrBHbGRnRkDtz4mhTkQoRcoay2Lz696RF5Ah2r28vhCb5oEUhPtBBpHQgHP91dVQaywFRhBYUJXI4KZ0uthLLGt9TVJTcEnPP5n97X-_-oRDLDY3xL9gkhvGnL6BvKBqkWkHi8WM0OWvvwrbePTDK3CpP2rUc6TCXxicUid2ZQZefDdpim8j7Ut6kbA8NwUGpbKfYN2Z-CiyUDb9Bu7JJKhmn0EoLJlDmZzf4f79iIKn2A8nm5tPCEmpPIj6G-xBsliviT3c2uCU0Fz4JiC5D6zN0_AK0plQG3zDmdg4eI1xZR5mbIW0D-qgwuZylDz5LsqtDIt6-udYVHF-ROic23olv-i5Xpjw806z5DSseTEBJuECtR_eWGUm4syPXemBgvHQHrvIpVlWjlfTjAmHajEmRLqlZtgm29lZMHCYl6ExEDAwiLcARTjvQTT_w8x2XLZAx-RamVqebYunxxl0gR75qzBGKfLKP6Bkm7Ln7prMflY-TG7DmOfBPoykdcl8bvIxmrAk5KPBWnpk4uK9r0fQP3yMSb36eXkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpstzMxzZYTEPNvUgAfbgojwCsme0rFczfHi3YgBwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTTAU_QvS4pEUYMfpF1cApNY0ZjXqtJxPWPGwdnq73WxlyJOJ-n9agPeTnRxT2UDuDlyZC65DThCoFe85DdqhywH4hGeI3HCWR81d8NO2w_iS0MD8jjpnFXwHS33u8Qf8aDRnGtj00j3vyKic6Z7YrKvvcihVMnakzPzSWouBC6CzAUd0TEcWgERn-k3b0soX60vu_NcQLxOQYm5m49lH82QdcUjh0DyXqz28osufPt72G0Ev0FH0HNhsiOBGE7bGoyA0yB7MDKaqz3M_K2FUjZbFPwDiCABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliRr4u-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_ieY5aBLHFJGG2jXw2RxHcM8-dQ%26client%3Dca-pub-8143997951991795%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Tue, 03 Dec 2024 02:11:26 GMT
GET H2	200	lg.php cat.nl3.eu.criteo.com/delivery/ Frame 569A	43 B 348 B	111ms 32ms	Image image/gif	178.250.1.6 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=vmAKUN6CE6D-1zVCyUDLT1rTLHThtvym818XjyP_cAzl0s0Bk2G5V7pNK0vMHYf8IvFhN5LRqO7Xbn9tV-tIPkqHBAEClVbCzPm0DuZWKTIOHhD5rqeGrHtKelwfBsa8C_7wc7jXeL5eMLClR3PFGZQlv3CyZwNn_lR-UmBf-mUl-tFxc_pNLfn-qRiwjmapx-gibDdRgj1hBvZxkuKs36sFCD2IkOIJgdl8H9hEFLQVSA2JxscVtxj2UK72e1dHB-imHThpg9xYR2Z9GIhKKKNb6o1jpquQgUyf4LO1DCH4qFc8KtNE9i2g1lVCFcMwkKlb1Fv-Z9HM-M_CWWRJV1euos7xI2-1Z5bXfqO5T5TtKkcdAz1v8a0jYOW_lM3x6VMfzdiAywrGl3EeGbUs6JQfABTIdbvEchSX_7dJziCmCtCTQaTm8m_1-9r_03UIjUuyhA Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXPMzAAPIgQK4CpbAAIBW_zwtaHGs_skTi1mSA&u=%7C5IhOIMvx3cIR3XRr3l0pUWxzPgkj%2FbvG8ijCDaSUeOs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-tDF6f8mMoGcMzrlX8TrBHbGRnRkDtz4mhTkQoRcoay2Lz696RF5Ah2r28vhCb5oEUhPtBBpHQgHP91dVQaywFRhBYUJXI4KZ0uthLLGt9TVJTcEnPP5n97X-_-oRDLDY3xL9gkhvGnL6BvKBqkWkHi8WM0OWvvwrbePTDK3CpP2rUc6TCXxicUid2ZQZefDdpim8j7Ut6kbA8NwUGpbKfYN2Z-CiyUDb9Bu7JJKhmn0EoLJlDmZzf4f79iIKn2A8nm5tPCEmpPIj6G-xBsliviT3c2uCU0Fz4JiC5D6zN0_AK0plQG3zDmdg4eI1xZR5mbIW0D-qgwuZylDz5LsqtDIt6-udYVHF-ROic23olv-i5Xpjw806z5DSseTEBJuECtR_eWGUm4syPXemBgvHQHrvIpVlWjlfTjAmHajEmRLqlZtgm29lZMHCYl6ExEDAwiLcARTjvQTT_w8x2XLZAx-RamVqebYunxxl0gR75qzBGKfLKP6Bkm7Ln7prMflY-TG7DmOfBPoykdcl8bvIxmrAk5KPBWnpk4uK9r0fQP3yMSb36eXkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpstzMxzZYTEPNvUgAfbgojwCsme0rFczfHi3YgBwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTTAU_QvS4pEUYMfpF1cApNY0ZjXqtJxPWPGwdnq73WxlyJOJ-n9agPeTnRxT2UDuDlyZC65DThCoFe85DdqhywH4hGeI3HCWR81d8NO2w_iS0MD8jjpnFXwHS33u8Qf8aDRnGtj00j3vyKic6Z7YrKvvcihVMnakzPzSWouBC6CzAUd0TEcWgERn-k3b0soX60vu_NcQLxOQYm5m49lH82QdcUjh0DyXqz28osufPt72G0Ev0FH0HNhsiOBGE7bGoyA0yB7MDKaqz3M_K2FUjZbFPwDiCABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliRr4u-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_ieY5aBLHFJGG2jXw2RxHcM8-dQ%26client%3Dca-pub-8143997951991795%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 2176136 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	shopping encrypted-tbn2.gstatic.com/ Frame EFC2	28 KB 29 KB	100ms 24ms	Image image/jpeg	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRfL3rq18n9KAN47vssaSeXbg26Mozm1-W6w1Bzr-JaWh1R5xoxY-M_wbNvJg&usqp=CAI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Tue, 05 Dec 2023 19:50:49 GMT x-content-type-options nosniff age 282037 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28680 x-xss-protection 0 last-modified Tue, 02 Jan 2024 08:02:34 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Wed, 04 Dec 2024 19:50:49 GMT
GET H2	200	shopping encrypted-tbn3.gstatic.com/ Frame EFC2	19 KB 20 KB	91ms 23ms	Image image/jpeg	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQC21pg6-ou2qV7vmW3SKpXIsF4A7C5P8IZb9tHa905MLIFfYzV3mU0VguTsQ&usqp=CAI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 82b91c403bb4593185c877340c69d6b279f57903e9ebeffac57536b748058d5e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Wed, 06 Dec 2023 17:10:39 GMT x-content-type-options nosniff age 205247 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19478 x-xss-protection 0 last-modified Tue, 02 Jan 2024 05:18:55 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Thu, 05 Dec 2024 17:10:39 GMT
GET H3	200	9582802623576457529 tpc.googlesyndication.com/simgad/ Frame EFC2 Redirect Chain https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOD50ZrARhDMBBiTATII7iDqJ_SHFYM https://tpc.googlesyndication.com/simgad/9582802623576457529	8 KB 8 KB	24ms 23ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/9582802623576457529 Protocol H3 Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b484baff6b012cc823568d095cdb50a81ec0e32759264b2a094353d92a5380bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 13:40:45 GMT x-content-type-options nosniff age 45041 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7848 x-xss-protection 0 last-modified Thu, 26 Oct 2023 17:44:38 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 07 Dec 2024 13:40:45 GMT Redirect headers date Sat, 09 Dec 2023 01:30:23 GMT x-content-type-options nosniff server cafe age 2463 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://tpc.googlesyndication.com/simgad/9582802623576457529 content-type text/html; charset=UTF-8 cache-control public, max-age=2592000 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 08 Jan 2024 01:30:23 GMT
GET DATA	200 OK	truncated / Frame EFC2	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5cb43e44b0f4f56ebd8fdd2bfe5c0f98c744ec4c7582ca7828a167634e7470a9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame B148	38 KB 13 KB	24ms 22ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 320401 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 05 Dec 2023 09:11:25 GMT expires Wed, 04 Dec 2024 09:11:25 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 6DF7	0 0	59ms 58ms	Image text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=809912790101252&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H3	200	a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response pagead2.googlesyndication.com/bg/ Frame 7B1D	50 KB 19 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:18 GMT content-encoding br x-content-type-options nosniff age 367328 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19601 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 03 Dec 2024 20:09:18 GMT
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame A4DF	39 KB 15 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:59 GMT content-encoding br x-content-type-options nosniff age 14967 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:01:59 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame 0EBA	35 B 463 B	87ms 24ms	Image image/gif	2620:116:800d:21:5ed4:8d5d:fed7:f5ef AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIH214h1XX6zjUaw6gULPOE&google_cver=1&google_push=AXcoOmQAy2zbwX9fBX-XaFF5SPOK1zjx04U_KPK23rW2cWcjJ2qBe9LrvJb2ZhU9g5qbZKN17ku53w5Z71dO5iudoIhDRcgDpnam1Rtj Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0EBA Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESELTT_GNjC-1HnemwtISejLo&google_cver=1&google_push=AXcoOmT43SC_O-xwnZcrfVdYGOr-OcUw0zhC3s9thfPqtm4CWeisUgE9ZGtFhoKkrqXrt1cwdjk_2_pQ3TIukigp71H1PBHdHUbZ_54Y https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ABC1AF80A1684413A1151D60FCDF8153&google_push=AXcoOmT43SC_O-xwnZcrfVdYGOr-OcUw0zhC3s9thfPqtm4CWeisUgE9ZGtFhoKkrqXrt1cwdjk_2_pQ3TIukig...	170 B 188 B	45ms 43ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ABC1AF80A1684413A1151D60FCDF8153&google_push=AXcoOmT43SC_O-xwnZcrfVdYGOr-OcUw0zhC3s9thfPqtm4CWeisUgE9ZGtFhoKkrqXrt1cwdjk_2_pQ3TIukigp71H1PBHdHUbZ_54Y Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ABC1AF80A1684413A1151D60FCDF8153&google_push=AXcoOmT43SC_O-xwnZcrfVdYGOr-OcUw0zhC3s9thfPqtm4CWeisUgE9ZGtFhoKkrqXrt1cwdjk_2_pQ3TIukigp71H1PBHdHUbZ_54Y access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 08 Dec 2023 02:11:26 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame 0EBA	70 B 149 B	151ms 48ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEA8kpi-orOasit6lT4JNp1k&google_cver=1&google_push=AXcoOmQxJIhLsrBtNpiIE7By1MR8W7wz3P15dpL2SoYyyLvuSSXZ8S9bvlMHkm0Kgsn1UPWlPAI7sjmzQZobG-AgnsA-8KgvYzC0n3I Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT server Kestrel content-length 70 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0EBA Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFgUnkJeXSQXKqvrkWUpz8Q&google_cver=1&google_push=AXcoOmS1iZQh33_PY0Rh98UZw2MPmzuFuUCw6faIe2k8Y5SqjhzL3eAmEvyAlnYdfsdjhy44wMIk_10P0N7... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS1iZQh33_PY0Rh98UZw2MPmzuFuUCw6faIe2k8Y5SqjhzL3eAmEvyAlnYdfsdjhy44wMIk_10P0N7HCwwgdFtGJ1vsuKuqBXo&google_hm=OHxGNk_WTyOUwIS-X...	170 B 188 B	38ms 36ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS1iZQh33_PY0Rh98UZw2MPmzuFuUCw6faIe2k8Y5SqjhzL3eAmEvyAlnYdfsdjhy44wMIk_10P0N7HCwwgdFtGJ1vsuKuqBXo&google_hm=OHxGNk_WTyOUwIS-XgxVSxg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS1iZQh33_PY0Rh98UZw2MPmzuFuUCw6faIe2k8Y5SqjhzL3eAmEvyAlnYdfsdjhy44wMIk_10P0N7HCwwgdFtGJ1vsuKuqBXo&google_hm=OHxGNk_WTyOUwIS-XgxVSxg content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame 0EBA	0 119 B	105ms 33ms	Image text/plain	34.96.105.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPo3Py4pfAbxeY_M1prHg3U&google_cver=1&google_push=AXcoOmRCXPvjWlY9vOBpiXXl00doNDqqu0xoat6rxaRK9pjl9FUiMaAkz_aACL5N_E5iLxYavLC86mEnjfmKwEQXoeTKlWqA_uTEOx8 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0EBA Redirect Chain https://d5p.de17a.com/cookies/google?google_gid=CAESEIDxDX0sHaiJ3-Ve7GB7ehw&google_cver=1&google_push=AXcoOmSA9cPU-vjVo7fZ3oELyB30WTn56aqZRB1yEGvFDrQeycQ4ZOhEMIygdF3TWXoB-DAAFO3FY7ve-_FwaJmCTAZNdfZ... https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIDxDX0sHaiJ3-Ve7GB7ehw&google_cver=1&google_push=AXcoOmSA9cPU-vjVo7fZ3oELyB30WTn56aqZRB1yEGvFDrQeycQ4ZOhEMIygdF3TWXoB-DAAFO3FY7ve-_FwaJmCTAZNd... https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSA9cPU-vjVo7fZ3oELyB30WTn56aqZRB1yEGvFDrQeycQ4ZOhEMIygdF3TWXoB-DAAFO3FY7ve-_FwaJmCTAZNdfZRU-mo0sMT	170 B 188 B	42ms 42ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSA9cPU-vjVo7fZ3oELyB30WTn56aqZRB1yEGvFDrQeycQ4ZOhEMIygdF3TWXoB-DAAFO3FY7ve-_FwaJmCTAZNdfZRU-mo0sMT Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSA9cPU-vjVo7fZ3oELyB30WTn56aqZRB1yEGvFDrQeycQ4ZOhEMIygdF3TWXoB-DAAFO3FY7ve-_FwaJmCTAZNdfZRU-mo0sMT content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0EBA Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGr3Ff71TTQdS3plyFkSdno&google_cver=1&google_push=AXcoOmSUuw6HkrXQKrEwW-NIp67ph2Js04UBmut0gmNB4G8WTYT26ZUweI2e7LT1XtXkj-_aay6TRPXr... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGr3Ff71TTQdS3plyFkSdno&google_cver=1&google_push=AXcoOmSUuw6HkrXQKrEwW-NIp67ph2Js04UBmut0gmNB4G8WTYT26ZUweI2e7LT1XtXkj-_aay6... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODU5Njg0ODc0Mzc3MjExNzcyNw&google_push=AXcoOmSUuw6HkrXQKrEwW-NIp67ph2Js04UBmut0gmNB4G8WTYT26ZUweI2e7LT1XtXkj-_aay6TRP...	170 B 188 B	43ms 43ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODU5Njg0ODc0Mzc3MjExNzcyNw&google_push=AXcoOmSUuw6HkrXQKrEwW-NIp67ph2Js04UBmut0gmNB4G8WTYT26ZUweI2e7LT1XtXkj-_aay6TRPXr1ledYTjVupl5ZqbvaYHDUsz0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODU5Njg0ODc0Mzc3MjExNzcyNw&google_push=AXcoOmSUuw6HkrXQKrEwW-NIp67ph2Js04UBmut0gmNB4G8WTYT26ZUweI2e7LT1XtXkj-_aay6TRPXr1ledYTjVupl5ZqbvaYHDUsz0 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 0EBA	0 50 B	60ms 57ms	Image text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jcnf1sDuNb0e2aJxJJOl08xpF5EDcGhYWf539EvBRXtde4T0oG-gkG8FBlW23LjzxTrGnY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3324746307&pi=t.aa~a.3843686183~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280&nras=5&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=2150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET DATA	200 OK	truncated / Frame 57B0	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2696e083f7124f1c2782aef8fb1b98cd0b8e3dfc4b20804578131eab8ce0a6ef Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 7DFE	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 186ce0a34b2a7ffa2904c674529be37f08a246d3ba02759bdc1cba7b027e03b5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame EFC2 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CUwOZzMxzZYXEPNvUgAfbgojwCqn_oNB0vor4m_ARo56d6v9AEAEgu_rtEWCVgoCAsAegAeiv7IgDyAEJqQJiLYh_9w6yPqgDAcgDywSqBOQBT9D67pneETog8cIGrxja_fUqfxRbXuzTi_U... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229352755905764983891%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%2...	0 0	62ms 62ms	Fetch text/css	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229352755905764983891%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216678706917203188081%22}&andc=true Protocol H3 Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"9352755905764983891","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"16678706917203188081"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 09 Dec 2023 02:11:26 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9352755905764983891","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"16678706917203188081"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame A082	38 KB 13 KB	23ms 23ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 320401 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 05 Dec 2023 09:11:25 GMT expires Wed, 04 Dec 2024 09:11:25 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 4AEB Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CberyzMxzZYbEPNvUgAfbgojwCu6Pi8p0tOaXps4Sp9WMqOpBEAEgu_rtEWCVgoCAsAegAYOsjaoqyAEJqQJiLYh_9w6yPqgDAcgDywSqBOwBT9BqaAwF6K4E-tZUYDNOidvOBUqbnrRht4r... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22783498413115066715%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%2...	0 0	61ms 61ms	Fetch text/css	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22783498413115066715%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211362588163%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22386343309578812865%22}&andc=true Protocol H3 Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"783498413115066715","debug_reporting":true,"destination":"https://novapost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11362588163"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"386343309578812865"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 09 Dec 2023 02:11:26 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"783498413115066715","debug_reporting":true,"destination":"https://novapost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11362588163"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"386343309578812865"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	i.match s.tribalfusion.com/z/ Frame C874 Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEBdGk5YCUbBzlvOQb2gV9dc&google_cver=1&google_push=AXcoOmSVWIEWpB-PwlNsLBXai4D3VPqcvkxfyVNRBofO_6O7WJjdb6epUfbCAnA5ZZbYVqGw3uX57QocUvAu-0dFO0gfKOLI4atdv... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBdGk5YCUbBzlvOQb2gV9dc&google_cver=1&google_push=AXcoOmSVWIEWpB-PwlNsLBXai4D3VPqcvkxfyVNRBofO_6O7WJjdb6epUfbCAnA5ZZbYVqGw3uX57QocUvAu-0dFO0gfKOLI4at...	43 B 426 B	186ms 182ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBdGk5YCUbBzlvOQb2gV9dc&google_cver=1&google_push=AXcoOmSVWIEWpB-PwlNsLBXai4D3VPqcvkxfyVNRBofO_6O7WJjdb6epUfbCAnA5ZZbYVqGw3uX57QocUvAu-0dFO0gfKOLI4atdvTmJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSVWIEWpB-PwlNsLBXai4D3VPqcvkxfyVNRBofO_6O7WJjdb6epUfbCAnA5ZZbYVqGw3uX57QocUvAu-0dFO0gfKOLI4atdvTmJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H2 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 8329b7abcdc5718b-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 363 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBdGk5YCUbBzlvOQb2gV9dc&google_cver=1&google_push=AXcoOmSVWIEWpB-PwlNsLBXai4D3VPqcvkxfyVNRBofO_6O7WJjdb6epUfbCAnA5ZZbYVqGw3uX57QocUvAu-0dFO0gfKOLI4atdvTmJ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSVWIEWpB-PwlNsLBXai4D3VPqcvkxfyVNRBofO_6O7WJjdb6epUfbCAnA5ZZbYVqGw3uX57QocUvAu-0dFO0gfKOLI4atdvTmJ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 8329b7aa7d0f718b-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame C874 Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFgUnkJeXSQXKqvrkWUpz8Q&google_cver=1&google_push=AXcoOmRbtmMKeJ3NR8a9nHO8NgGWddqTurD59ovD1Qa-it22pHWzvUnhPvk67sdQrxO4PAA21oxVh759YC7... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRbtmMKeJ3NR8a9nHO8NgGWddqTurD59ovD1Qa-it22pHWzvUnhPvk67sdQrxO4PAA21oxVh759YC7p8oFi0dpn8IBhW78t-YY&google_hm=ZzooCeJRSDqLwHoab...	170 B 188 B	35ms 35ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRbtmMKeJ3NR8a9nHO8NgGWddqTurD59ovD1Qa-it22pHWzvUnhPvk67sdQrxO4PAA21oxVh759YC7p8oFi0dpn8IBhW78t-YY&google_hm=ZzooCeJRSDqLwHoabJ3sWhg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:25 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRbtmMKeJ3NR8a9nHO8NgGWddqTurD59ovD1Qa-it22pHWzvUnhPvk67sdQrxO4PAA21oxVh759YC7p8oFi0dpn8IBhW78t-YY&google_hm=ZzooCeJRSDqLwHoabJ3sWhg content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame C874 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKQOdSk88P6Yl2yAb_fAYjA&google_cver=1&google_push=AXcoOmTbrZ94vOk0ll6AmI3w0Lrj0m25d0OznVTec3RD2CluSYy5n2hBhYgPkEKHtM2JBIN9QMY04xy2VOdeR-... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDQxMTgwNTI5NTM3NjUyNA%3D%3D&google_push=AXcoOmTbrZ94vOk0ll6AmI3w0Lrj0m25d0OznVTec3RD2CluSYy5n2hBhYgPkEKHtM2JBIN9QMY04xy2VOdeR-d6Z6...	170 B 188 B	36ms 35ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDQxMTgwNTI5NTM3NjUyNA%3D%3D&google_push=AXcoOmTbrZ94vOk0ll6AmI3w0Lrj0m25d0OznVTec3RD2CluSYy5n2hBhYgPkEKHtM2JBIN9QMY04xy2VOdeR-d6Z6J8_PrJXizhgVCd Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMDQxMTgwNTI5NTM3NjUyNA%3D%3D&google_push=AXcoOmTbrZ94vOk0ll6AmI3w0Lrj0m25d0OznVTec3RD2CluSYy5n2hBhYgPkEKHtM2JBIN9QMY04xy2VOdeR-d6Z6J8_PrJXizhgVCd Date Sat, 09 Dec 2023 02:11:26 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H3	200	pixel cm.g.doubleclick.net/ Frame C874 Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEP0_tVKixkVPtJwx_njXBYM&google_cver=1&google_push=AXcoOmTxdIqs0NQigP6GAuAOewKSsa5tcRLxBo76g-JMAz0v-xtZiEtAZ5HrhhCRD0OmF7vYI0noqKVoljDoDXxM... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Cifv-oyBRJsjfY6UNiw3Iw&google_push=AXcoOmTxdIqs0NQigP6GAuAOewKSsa5tcRLxBo76g-JMAz0v-xtZiEtAZ5HrhhCRD0OmF7vYI0noqKVoljDoDXxMiI43QtVLlgOniVM	170 B 188 B	49ms 48ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Cifv-oyBRJsjfY6UNiw3Iw&google_push=AXcoOmTxdIqs0NQigP6GAuAOewKSsa5tcRLxBo76g-JMAz0v-xtZiEtAZ5HrhhCRD0OmF7vYI0noqKVoljDoDXxMiI43QtVLlgOniVM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 09 Dec 2023 02:11:26 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Cifv-oyBRJsjfY6UNiw3Iw&google_push=AXcoOmTxdIqs0NQigP6GAuAOewKSsa5tcRLxBo76g-JMAz0v-xtZiEtAZ5HrhhCRD0OmF7vYI0noqKVoljDoDXxMiI43QtVLlgOniVM x-host tde-deliveryengine-production-5989b845bf-nc52r alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	sync x.bidswitch.net/ Frame C874	43 B 146 B	147ms 26ms	Image image/gif	18.197.244.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAQhJJ4yX6kKhoovWARMtF0&google_cver=1&google_push=AXcoOmTLTNvFF_tbjtbuzJT8Yx5TYCbn-I8i0DAqDat0uQRyjPjrA--_CRDO0ve_lATjI5TBUvr_OTQZwCRKuM4zeKKdgYmGM8UE5Go Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.197.244.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-197-244-187.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame C874	43 B 363 B	96ms 29ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR-s8VBVEVxrxY2yzU6mAQRseDC_CdoIHucmzuZqpBiwTmzAvJIBCsLOqt-H5d512YGS2YgTMhevpT3IoUEtxus5RgVcHRq4dXo&google_gid=CAESEB2qxSYME9SiXyhAs1fiFp8&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:25 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 212971 expires Sat, 09 Dec 2023 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame C874 Redirect Chain https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO7YTfRIaV63Q2JPk8ntTD0&google_cver=1&google_push=AXcoOmSdo1bYTifA5Dvc-wGUkCeP_Hs_pBHfckMA12CxmpeQ-kNBCpKYKS8MHxsEjRa4TCRsWPV4JWKVvGXc... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSdo1bYTifA5Dvc-wGUkCeP_Hs_pBHfckMA12CxmpeQ-kNBCpKYKS8MHxsEjRa4TCRsWPV4JWKVvGXc5NlygWWabo6gQBEjAO0	170 B 232 B	50ms 48ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSdo1bYTifA5Dvc-wGUkCeP_Hs_pBHfckMA12CxmpeQ-kNBCpKYKS8MHxsEjRa4TCRsWPV4JWKVvGXc5NlygWWabo6gQBEjAO0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H2 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSdo1bYTifA5Dvc-wGUkCeP_Hs_pBHfckMA12CxmpeQ-kNBCpKYKS8MHxsEjRa4TCRsWPV4JWKVvGXc5NlygWWabo6gQBEjAO0 strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame C874	0 40 B	51ms 50ms	Image text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgFSUyyyiaEjifqdZI_Y0PEfIDATv7yvBV1JUxAJ_VVI6z2rt_F9wGIZMkbZHDDKiu9oKu Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=2575368326&pi=t.aa~a.3843670837~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=0&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280%2C340x280%2C580x280&nras=6&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=3731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	i.match s.tribalfusion.com/z/ Frame 6B1A Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEBdGk5YCUbBzlvOQb2gV9dc&google_cver=1&google_push=AXcoOmQUdFpbUfwD9BwInGwUHSA-nM9b0Uk7iH05HxhdobcLyb3wz3Ah_uj4bISFy1hMjac1Ib0i-4OQ2HFyT4ElM70SkFkRddF7f... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBdGk5YCUbBzlvOQb2gV9dc&google_cver=1&google_push=AXcoOmQUdFpbUfwD9BwInGwUHSA-nM9b0Uk7iH05HxhdobcLyb3wz3Ah_uj4bISFy1hMjac1Ib0i-4OQ2HFyT4ElM70SkFkRddF...	43 B 397 B	203ms 184ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBdGk5YCUbBzlvOQb2gV9dc&google_cver=1&google_push=AXcoOmQUdFpbUfwD9BwInGwUHSA-nM9b0Uk7iH05HxhdobcLyb3wz3Ah_uj4bISFy1hMjac1Ib0i-4OQ2HFyT4ElM70SkFkRddF7fhE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQUdFpbUfwD9BwInGwUHSA-nM9b0Uk7iH05HxhdobcLyb3wz3Ah_uj4bISFy1hMjac1Ib0i-4OQ2HFyT4ElM70SkFkRddF7fhE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H2 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 8329b7abcdc2718b-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 367 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBdGk5YCUbBzlvOQb2gV9dc&google_cver=1&google_push=AXcoOmQUdFpbUfwD9BwInGwUHSA-nM9b0Uk7iH05HxhdobcLyb3wz3Ah_uj4bISFy1hMjac1Ib0i-4OQ2HFyT4ElM70SkFkRddF7fhE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQUdFpbUfwD9BwInGwUHSA-nM9b0Uk7iH05HxhdobcLyb3wz3Ah_uj4bISFy1hMjac1Ib0i-4OQ2HFyT4ElM70SkFkRddF7fhE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 8329b7aa7d0d718b-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6B1A Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESELTT_GNjC-1HnemwtISejLo&google_cver=1&google_push=AXcoOmRKZrytrUHWpMjh9WRGo4ljPnMNyC41B_wql_iz7jxjaz0TbZ5ZWI9Vd0TvaQspI6wEdKIeg8cosnArHjID_E5G4oCVYFGE1ag https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=65EAE4739BE648548C8920CEAFF7D5E2&google_push=AXcoOmRKZrytrUHWpMjh9WRGo4ljPnMNyC41B_wql_iz7jxjaz0TbZ5ZWI9Vd0TvaQspI6wEdKIeg8cosnArHjI...	170 B 188 B	43ms 41ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=65EAE4739BE648548C8920CEAFF7D5E2&google_push=AXcoOmRKZrytrUHWpMjh9WRGo4ljPnMNyC41B_wql_iz7jxjaz0TbZ5ZWI9Vd0TvaQspI6wEdKIeg8cosnArHjID_E5G4oCVYFGE1ag Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=65EAE4739BE648548C8920CEAFF7D5E2&google_push=AXcoOmRKZrytrUHWpMjh9WRGo4ljPnMNyC41B_wql_iz7jxjaz0TbZ5ZWI9Vd0TvaQspI6wEdKIeg8cosnArHjID_E5G4oCVYFGE1ag access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 08 Dec 2023 02:11:26 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6B1A Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFgUnkJeXSQXKqvrkWUpz8Q&google_cver=1&google_push=AXcoOmSCTVCwtQghpuAUOTEDIUpK5ndgjALbnm-zQhuOeEAEWHGevjKwK2ANWQevihs_sPCT429IJpR4nEA... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSCTVCwtQghpuAUOTEDIUpK5ndgjALbnm-zQhuOeEAEWHGevjKwK2ANWQevihs_sPCT429IJpR4nEAvqJ7jk6DyCNdIrulP89c&google_hm=a1EElZ7ySGOD-bbqb...	170 B 188 B	41ms 39ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSCTVCwtQghpuAUOTEDIUpK5ndgjALbnm-zQhuOeEAEWHGevjKwK2ANWQevihs_sPCT429IJpR4nEAvqJ7jk6DyCNdIrulP89c&google_hm=a1EElZ7ySGOD-bbqbQiC-Bg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:25 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSCTVCwtQghpuAUOTEDIUpK5ndgjALbnm-zQhuOeEAEWHGevjKwK2ANWQevihs_sPCT429IJpR4nEAvqJ7jk6DyCNdIrulP89c&google_hm=a1EElZ7ySGOD-bbqbQiC-Bg content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame 6B1A	0 174 B	82ms 32ms	Image text/plain	34.96.105.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPo3Py4pfAbxeY_M1prHg3U&google_cver=1&google_push=AXcoOmQrsXvPn1jmWizWnxgbWdLgJ4s0Wb0pXy3eNlAm4XVGcQ_KH32u13frgLtYUDDX2yf5TIVR_WN9M8KQ6DcMcqA2JDwv-Vlhjms Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	pixel cm.g.doubleclick.net/ Frame 6B1A Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEP0_tVKixkVPtJwx_njXBYM&google_cver=1&google_push=AXcoOmSHngcsiXGMw7C-LqGxjUkao27Bmo3_S0M8v1atef9Irxt_X314lbmURd6nlCbOn-p5zgYpMuRDInYem8sP... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KGmrd2c6QMsMxC6ZrkqUcA&google_push=AXcoOmSHngcsiXGMw7C-LqGxjUkao27Bmo3_S0M8v1atef9Irxt_X314lbmURd6nlCbOn-p5zgYpMuRDInYem8sP9NdFa-7pwuVYxA4	170 B 188 B	42ms 41ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KGmrd2c6QMsMxC6ZrkqUcA&google_push=AXcoOmSHngcsiXGMw7C-LqGxjUkao27Bmo3_S0M8v1atef9Irxt_X314lbmURd6nlCbOn-p5zgYpMuRDInYem8sP9NdFa-7pwuVYxA4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 09 Dec 2023 02:11:26 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KGmrd2c6QMsMxC6ZrkqUcA&google_push=AXcoOmSHngcsiXGMw7C-LqGxjUkao27Bmo3_S0M8v1atef9Irxt_X314lbmURd6nlCbOn-p5zgYpMuRDInYem8sP9NdFa-7pwuVYxA4 x-host tde-deliveryengine-production-5989b845bf-82dq7 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 6B1A Redirect Chain https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO7YTfRIaV63Q2JPk8ntTD0&google_cver=1&google_push=AXcoOmSonOuC0bpdX2KfieTmRDfiKqaTnBq2lqWVH7VAjsIvhsyJyWqgfthfPo5EfhqkiAotcfyUNOwZQ7OV... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSonOuC0bpdX2KfieTmRDfiKqaTnBq2lqWVH7VAjsIvhsyJyWqgfthfPo5EfhqkiAotcfyUNOwZQ7OV7eCp73tQhFHgZhxPiA	170 B 232 B	68ms 66ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSonOuC0bpdX2KfieTmRDfiKqaTnBq2lqWVH7VAjsIvhsyJyWqgfthfPo5EfhqkiAotcfyUNOwZQ7OV7eCp73tQhFHgZhxPiA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H2 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSonOuC0bpdX2KfieTmRDfiKqaTnBq2lqWVH7VAjsIvhsyJyWqgfthfPo5EfhqkiAotcfyUNOwZQ7OV7eCp73tQhFHgZhxPiA strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
GET H2	200	report sync.teads.tv/um/ Frame 6B1A Redirect Chain https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHbplUe6rBL_... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS48U1Pqpy59GqKpDNFVdn9tttIFRpWVDxo-wsJ-iYx5cgfX0ZduGIe7BQ0mmILRb4kRpnKdfxRU-Xmm7macjOiWp6x8aJkjR4 https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 163 B	75ms 75ms	Image image/gif	2.19.217.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H2 Server 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-217-101.deploy.static.akamaitechnologies.com Software pekko-http/1.0.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers expires Sat, 09 Dec 2023 02:11:26 GMT pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.0 content-length 23 content-type image/gif Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 6B1A	0 49 B	62ms 62ms	Image text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0jHpmZTO8ghcuzuBdRuohDRr6IlDzZ_3JojvAg1Ddze-Kz3xdZDc3iYYRBQ4CNaL3XxK3QA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=7974983&adf=3885145982&pi=t.aa~a.3843683326~rp.4&w=580&fwrn=1&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=580x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1624&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280&nras=3&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=330&ady=1346&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 95E5	38 KB 13 KB	23ms 23ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 320401 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 05 Dec 2023 09:11:25 GMT expires Wed, 04 Dec 2024 09:11:25 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/11984882093727697085/ Frame 19BD	18 KB 5 KB	70ms 23ms	Document text/html	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ac9ce4f7866ce89377bbac5dee43394fd46752e2795bd703f625ebff3c36eab5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 8690 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5005 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:46:36 GMT expires Sat, 07 Dec 2024 23:46:36 GMT last-modified Wed, 06 Dec 2023 15:53:01 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view ad.doubleclick.net/pcs/ Frame 06EF	0 0	144ms 69ms	Fetch image/gif	142.250.185.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjssUgRz9_Lp2i_CY4SITFPxZOUNy94DkSvwhzSt_E65dqX3ZGwLncXCB8dSHHd1o8U5ppOegIA1xKp8oWv9rbu017eteGThnDpWKXhJ1AvGURcRLM09cRlaHiLumKqC6CwS60TvdEEEfhEnm9e_O1s9eE1JZV1_0jvr9fq_H2FHjjLz3tuznY4d4Zf-2AScaFeMN5A_jf9yqlVZH0zSoGZ9cBlV8TpHHFw8hNChRzbQPfuXNHi8lU3DxO0XBVVdWLC4piF8HG2UCUZ7P91lpqpwkptrMCWik_E8C_Zc2mPScger22rzBovUaJw3rLf8qEIEBr46JaFVi8N1gWXv0nik7-NDaDDHRU_3hJZnzwWZ8grRHgUD7B_Ase6ow5FynqFZBgRkgL9AzscuN_L5dblOZOjICTDgfLeonrf-ajv26GrCLOfy_FKahIN-S1MUwjGpopoU-_QAmbd-AunYw0k9-zU_D5Z395BSx_fR-pQQs5xlglVPaqbUiApQmOj3mt2Pes0IVyZa9hj7spkY4TnyvaoL69rpkdUOq72ZlmrgzW33_L393G35senY3cg5G2TRPQ7AfvDQEa8X1L0ee4I-E1G5uU_j12bbIy_lXNQPFrMlwmI-wbT399-UfMaYxzuJJ_ZE29CSTMoS0xJ56fc-HoGrRKHcrMkRIWp9W8tMPeLL_gR_YRPs4cxsnOceCad0jHNL87Hmnq9qkP1X6bIpt1IfU2_ILV_RzoBfE6WCgxIpundr35Q7Qd358O4DJe8SOM22rgj5gdv097sQZHRdYsULDFSApb0qrE3IfeEG1JYpOn1PRdWFFkgze0cRX64JWMtDwxIdmHBLk9bGIcEGnkIvaJAmcC3EInFn09_GHM6zSXZj5LWpSG7CG5VNd4TKJuE837d-yCYAiD-15-mtrSttX4QPS2HOJQP1s3vvXbenKQSweogqxNeelhjmjiNZ9_-35m83_-Z-A9zPP5S9pxk1Qn1Ls5BF0ZABakYo84Wv2uCvQqPL3mpbqThZ5HV5mIt6BMfF2qoufou_80swbIqsuCLukhrgxJmS2K-O0Zlo_6aDi-RNqUx4hnUHY0DBiCX2DH93TPj9U--1gX74ikAPTaa2BWvzl0T5zqpE8qQNLZMuX8a76bhhlMTtIZDeHlD8R1OVzRTBkhS4pXv0g0YZaC03cavwAXe4XcSF9ozxPxrEYc98gnSFwK5sE3gmOrZMoX2AxMkmh4bQApa0xSQkho0oyju_cToUJgFmVeHcrBbn_i4tkST73LMzjEyJbCTfe5jfANLXVmYUio6uuzCoiqp1sN31E9iphQC5upLgr6RUHJr8bTfLLH-Fo1rprLxKlmkav_xWIuh7Foevgba7EiQBQ9p24LuGyaqnkKAMMdRdgKmwuvR1O_Dz-I7M_zfYW9Uq_SWI873DcL5Dxiw&sai=AMfl-YRpBBIF_aZGsx7G63uMP_h43RYVDwJPfDdifaeGO03Wkximq7i70XimceMePgqZOAs8QwhLc7g-tqbpd-XCJFBibVwG0buNDlBjq8Wn67lRBQYq5mMM6dyhBso6iDYjolIuEwFo76U6-JSu-5RY4-obsn-DMiwV4oBCSubVrJ_AJDRV3gpZDrvWwMxPl5QInWQ9yyS4KmTWgNVUxhLiaRyM0e-naZ9IQf4rw4CedPzaxQSoBygX0I5MsKFObJLRfQIGHz2yATbutkgef9SlQJsipVGIO8De26nfv5I0GIkFQTJTm7aWxxUryLbqczckNt4CmiPFs4roC3IxKNyGfMc8r6OwfG5X6pQOvWamTTjoTHEG3d2FhfHsdxgKmEFXLSQfDaFG-cizDNpSgGE4Dr7ryLOLun6ntJG0z1Gx2SoK&sig=Cg0ArKJSzAkwdEhIJNhCEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9uaW5qYWtpdGNoZW4uZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=206&cbvp=1&cstd=205&cisv=r20231206.52736&arae=0&ftch=1&adurl= Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 2213 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1	43 B 732 B	56ms 54ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNVC8W2J0OhmTEJZUVn1owbSRB5blbu5YDdHyF4M3_ZrXvy1KW_fWMMryGhq3FEJLxznrAGcGLKaYK7Wrc6khCX-hTpJ7zBP2Skic0XHf-Vo5SXXwrvYVdR4jun_kn_mqwIxYD9USE8p-LqzJthDeEAJxkpyxktMeDzK6Ivzmn9jNvoTDu4 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMyd8QLEvAVme4WVe3BPn%2B8AsTmsWVRuNIrskxSi2jKcfrdzrkOHaezZwT6lfQRQdGGSq%2BXvdere7v8eN0Ay7xypGblur8xfOxiSfppwV4mv4aJ0ZWOhty8XLbzlsdOcfuKYB%2Bhn8H3raA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8329b7aaac7e4541-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 2213 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXPMzv81LNRBM3E2DYCeSQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1	43 B 736 B	48ms 47ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNVC8W2J0OhmTEJZUVn1owbSRB5blbu5YDdHyF4M3_ZrXvy1KW_fWMMryGhq3FEJLxznrAGcGLKaYK7Wrc6khCX-hTpJ7zBP2Skic0XHf-Vo5SXXwrvYVdR4jun_kn_mqwIxYD9USE8p-LqzJthDeEAJxkpyxktMeDzK6Ivzmn9jNvoTDu4 Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qP0Tj7roq1s35TKBnT90DxwPfFLb1nSBrzTdA9gBicFq%2FwQrR%2BIIUfvUmvYqnLj4Sq46Yr%2F960vXiznKtzntuvl0vT4oza0xIp9Xbjfne%2FFjJlTY49JXJgGJObjOPscYMYa9oZAK%2BlAfGw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8329b7aabc8c4541-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 2213 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEO8oXVA0I3HkjoqTHrqAipw&google_cver=1	43 B 839 B	40ms 40ms	Image image/gif	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEO8oXVA0I3HkjoqTHrqAipw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNVC8W2J0OhmTEJZUVn1owbSRB5blbu5YDdHyF4M3_ZrXvy1KW_fWMMryGhq3FEJLxznrAGcGLKaYK7Wrc6khCX-hTpJ7zBP2Skic0XHf-Vo5SXXwrvYVdR4jun_kn_mqwIxYD9USE8p-LqzJthDeEAJxkpyxktMeDzK6Ivzmn9jNvoTDu4 Protocol H2 Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT an-x-request-uuid f51f3dcf-313e-436f-a3d0-77770583667f server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 217.114.218.24; 217.114.218.24; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEO8oXVA0I3HkjoqTHrqAipw&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2213 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxNjU4NDQ3ODQ0MzIyNTY2	170 B 188 B	63ms 62ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxNjU4NDQ3ODQ0MzIyNTY2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNVC8W2J0OhmTEJZUVn1owbSRB5blbu5YDdHyF4M3_ZrXvy1KW_fWMMryGhq3FEJLxznrAGcGLKaYK7Wrc6khCX-hTpJ7zBP2Skic0XHf-Vo5SXXwrvYVdR4jun_kn_mqwIxYD9USE8p-LqzJthDeEAJxkpyxktMeDzK6Ivzmn9jNvoTDu4 Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT an-x-request-uuid 75b3f45f-074f-4d56-b9f6-d4485cefae62 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxNjU4NDQ3ODQ0MzIyNTY2 x-proxy-origin 217.114.218.24; 217.114.218.24; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response pagead2.googlesyndication.com/bg/ Frame 2283	50 KB 19 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:18 GMT content-encoding br x-content-type-options nosniff age 367328 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19601 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 03 Dec 2024 20:09:18 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/11984882093727697085/ Frame CCB3	18 KB 5 KB	48ms 26ms	Document text/html	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ac9ce4f7866ce89377bbac5dee43394fd46752e2795bd703f625ebff3c36eab5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 8690 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5005 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:46:36 GMT expires Sat, 07 Dec 2024 23:46:36 GMT last-modified Wed, 06 Dec 2023 15:53:01 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view ad.doubleclick.net/pcs/ Frame 7DFE	0 0	119ms 71ms	Fetch image/gif	142.250.185.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjsuZ7U_lb5F2Rp6tXdtid3erZ4T5R1WL53nE1k2pN1oodEcS2bsLh66xNT-p7rEpd64Hw4hGf5evNwsj6_ADukHi06fByywDmCddWGfxLvjNjlMIY-ET_mIZ5kbE7OgjR3FTHG_an7MvQOeDK5OF__Ik9exA2-gSNVXUlSSiaeK5KLQhNqM8SJKM9bWvAmpn3Alcc4JcKdo0fYdLAq5ZcNjzaUTkJGBugxYV4Sd3_5spIpJsHtEsPeT3ClakCFbbAf9vhWz7FDVWptT3Qa-WcEei0sTQ0GdeG44aYSuQqfOHnu_E0xmscAk78JnmVFDMNtlrxys2mNrRG_Pe9n1EcoF-VRNlP9BkZSB9pM_ZY_YMBzbPRqi_hlFkenl3nKOB5wfnAseQU7GPq6Kwp91RVysK4qGy0nvEpD_7UkGTMzi4FxLf9tJwoQ67V-Cpx5cvCEhvm-bQjrxw8hGPaUIb90rgJEQ9nq9ipBMPMI05CcLGo8Dz_541NifJF6QMQaITn_m5DHnLgq0BLHhibdDg6W8_bYW-cW1Vit7y1NiCGPiqd-BQL-Mx3o9Ue2Zj2lCMchu4--EI9puoGIQOk2QmIfBK_eQ7XgiXOK84sKOrFR5tgfcUPGT84C9LNQqyi3IiGPqJOTiK5m4Zkny6g-hRM-oRZLc6vNsW0boo-qJJNmZN5fU0oXKpyU6VIO1GDHNJvI71gIeqKg8HmtslJlR9MjOGT2BmBdw-pD2FIBVqrLtg9ukdcFO-SlF96gggkvOuiDyf4SW0IMxWQMv8yzFyYUfaRqBInqQrWWu6ZoY--4tWcwoObDWGC08pESU_kyLsyivqMbjAqooCPKP2hbnlIWK-Egkcmp_P9GagZOtscsUYg1A3-yJTo5mAYcOaYjMHPFIXIb64_wBO0ykX4toaJRNyMjbUSKkv4-ZJ7kFC8_YtM9tYSCs3_DYAqzrCqI8unF46MT8l_gfvHIVTv_TXPzhH0sVP4XZpiOgOzRKEihbbXz124ds86zwrLtPYY7k4QS_RAop9uhZcEt0edCJi0UK8skBNEc58syAgdb8S0ncCLkYOk3nyocmtdZ-U_cZc6-xHPxW7wmwJCxWn33SFJapQlmC1218ydlxqeCiEbLvEmHhgtdLmDJZl3cTn3miSepA1fTdsJuhDMmtl8rSvEvvmwF3rbhvsJDe58ZQOmG8wV2tMAyxSpHSCceVpstKPRtTQr3tcbl7Fq7YXhjmbPyEimbqoTqo2gYQSXq_rf0R-leXkqqNPDn0a47hqrA5sDJv73V1RpnYxmj0KR5qEDywSbCaeWs5kGW4TaavsYjVNH8Sk5xtk4_pHWbDtX3acYTLkrypFoKURxwFtqEsR34eZSXvZC3yTldZZN0Iv39_fs7Za9akUo5J4AhWgKnV5_EaYnshpvLxseqdTUnNITDTK&sai=AMfl-YS4ETnDDFK_QBrDvIpuWl9a0IarT80fQyX_SC048xG_cCf_b5_FlW6ZiDgSpxl9YdJBXwK9xE87mEbtlyOGG1f0NuHPFvr4C9cCIbLe5A3kssKS7pbCHSzfpfxH6XYFdSZ1l2WCz1NtM-xrGO2VTUVImOq_P1uwBBI-2V-9eIVEaZZhQbGn5VerrOXI5K1lKWiQzCq7A0dqjXCpI6bQ9-ZjOqQ5Z7yzcYNAAQMzKrsMNSaDEgH261CDYFI43qeBngtNOb2qqibHsLlNTkumWWHK0ZNAWEEoUV_6IeslRq7d1_WbhJzTZUINdgw7VFQPZM2uX-7rP0pW6An35IgNMXrq7HGbGhX2mDL8edEsUD216kx_9eev6P3ZNdjBMx8kOJqPeihK3_FCSzaisy8QbwkEU_bzEicEfJD8iIO-Cpu8&sig=Cg0ArKJSzCpA42OyKCITEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9uaW5qYWtpdGNoZW4uZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=172&cbvp=1&cstd=171&cisv=r20231206.94792&arae=0&ftch=1&adurl= Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/11984882093727697085/ Frame E198	18 KB 5 KB	22ms 22ms	Document text/html	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ac9ce4f7866ce89377bbac5dee43394fd46752e2795bd703f625ebff3c36eab5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 8690 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5005 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Fri, 08 Dec 2023 23:46:36 GMT expires Sat, 07 Dec 2024 23:46:36 GMT last-modified Wed, 06 Dec 2023 15:53:01 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view ad.doubleclick.net/pcs/ Frame 57B0	0 0	93ms 73ms	Fetch image/gif	142.250.185.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjsvXadw6LBt0FJ-nsQ5MfD2yzwdlyKjr1m7Szjlt8ewcPzbkq1aGZz2YoBYIldI7pA51QU-2kmAg_hnXy4Lbx3Db_CJorVDD8EqXmpFENpn8qESKMc3jjoqQXd_MsbGq5u6qEl12jtyGpgDN_V5fiTPZeJO_t34lbUO9JxsNY9sqj72-oPaqiwykyGRnCHzcZSOiRs2xc-RGzYqx9_Po9v1QElYIKtowIY3Ov--I1mEA7sgNoGww0fjGeT0qKWDjK6y5508oHxZ5oIW9N5xA4qKRls3vywqYyIyXfG2X56NGkNmCzymG1iHUaufYW037qnPbJUBI69fqBVLQmIbSqzTyWekivjdhZSIlvKK1kSaGoOh5PuAmgfrzDptIK6OaWmWDtPNrbyNSg6RUPkr2A0e6rrQxcqDmw_hfInwOctjw5iqgrnSMhrv2T7hYbuuDGF8JWAh7qiHHpiQXfnp3WSUO_opNZHP8X8CLQNKjct_eT2pB5DLUylUYeP3vjPGnNcDiBSJZ5FmjoWJ6eIXKcbpJ-sVv8XE8mN_a7LGmai-PNuqLPLY0o6TWY139QUWRuSO-4kIU312tvN-nVXOltpcLASx00VgUQxdiMPkMTDOFxb9KfX6lYq3ojiyv2t9K1z62h6Rq5LTDjh6jTLL_ELy4Wic5A7pfSWHZBTDbWmjh6dsT6Dx_-HnUq3fNbAY8ZXdFThSilcaqJEqXKC96Bn6XPy6DK6KGO3VbKDHQlJC_QVXQ_z-IWnpna2nU-pFftK7JpJlU7jRb3k2ECeFVeJNFC3pMtgjGZzXxt85awU9DU3AnRc6euOr2v3gyooKG2Z5OD59AX5QZuFfSajej5mC_AitTjmCtz0PSuK6oowDn-Fx2Pe_qqwBJFclAUK8IY7LpkSmWiPowFT4hcBNTvaZANwwq_m0g3K4QLQni8-ghy_LKMUqKIRZtpFuMqFIdHvonQq6nQa9RhOzIhyEEznmOGgT4muJwXr5iYPyrvSx8aibAPgRIKa3io98lDvoYIfFPxvBlMVZYKB9-xuOHMjHFT9X8P9ispf7tHDf0vpAKBXkAF2tIhqzCnSDTdKOX8_Kj04gkmC9VxxJLillgCOB4BFs7jThUD1TIcmcord_4akJxWvBfZLQbvE352ItVg05cRz-OolEEkgKyxeM8RujS36Fe7hMUsceRwu4DrVb5eSZGqycS6fcWgFRllSWV5XXahu3HApGkyHlaEekJrSKdluw2kgSWCjBVWAe6aRPQ7p3tKEv45xsgqEZS0Z_f6u7TI2D476ZJCW-NmLN5S6f09CGYUktZ256_t9ufxhUviLnC9t3HPjh_D9-jehuYC4bDMJfT1aFGzu4Dky8AYoL8INr3ePQQ4_7hvQYt9pr4_Mo-q4UPnmivpIc8oHHnpx3kqWhXVT9iQnbNMklIwn-y&sai=AMfl-YQvJ121q0eHa8E0M9PaYg9woO_3ld10UOqokcaWtYG3xXOIzggVNd_6iZ9n-z_UN2pjGKDHOA1KnTgWdWTlB1WGpyRprZC31BdzsQWEM3wraPV_Lsb9hQKTErosRJhjzXOd3sQhNEfc5Nnd59N0nBBj-a1KXWugW4ttWMiT5aW-dzVwUBTMZcXu5fKfEHGFmIJh62qU3RiPDhyp-bcD2E3WD5weC5HVPsy9-iTNOm4lbNrAQkeyh9-aaLwcZeaiEDWH8VEmRXwDvGGVZkHOfa3gQtUCPt3zsBYovpRdmtRR879E17xo4wYKtUQJRSjONaOQJzbFjBeP3HrOn7zFuN13m8vdgm9nK5M4humdaJhSpoO_huoZ7jSelgOs7CjDGyzsbLPLSrszxDSgAxaAGFzRPCMXdEATktd15NiPJHGc&sig=Cg0ArKJSzIgYMVgOgNaVEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9uaW5qYWtpdGNoZW4uZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=189&cbvp=1&cstd=188&cisv=r20231206.64927&arae=0&ftch=1&adurl= Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame F63A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1	43 B 740 B	46ms 46ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNWEZdOaHbmzqiFtzumDYbAY-GolO4LZ0UHiL2ZUOGT14CRVlcr4vRES_tS0OqXHIcTf1CyAzwn6Q8t03WhEp13zPlaHPRuam4Af34SzW7RVwI_RG-1f5ScKVyBcWPsKSMVrRyj_pwfiEaerOO39bhjf0AWKl2dLRW6Xyr2uCF3YRx9MKWw Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzxkoXOCygfTvUZp3YD3g5ZfnRRBJwgJQgflrAwNCGpH1eJ2woK6BsJ%2F%2FwVK0k0mxDCNVTU8YQOHhKqfBimd7L8AiYS4Q%2B8Ku9rCU%2BR9ztrL%2BTUx1CVepO%2Bcvuk%2FOXsVz8kPsSFICaj65w%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8329b7aacca34541-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame F63A Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXPMzv81LNRBM3E2DYCeSQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1	43 B 737 B	47ms 47ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNWEZdOaHbmzqiFtzumDYbAY-GolO4LZ0UHiL2ZUOGT14CRVlcr4vRES_tS0OqXHIcTf1CyAzwn6Q8t03WhEp13zPlaHPRuam4Af34SzW7RVwI_RG-1f5ScKVyBcWPsKSMVrRyj_pwfiEaerOO39bhjf0AWKl2dLRW6Xyr2uCF3YRx9MKWw Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEAWcJCjm0dBYHIopt37YFazNhg7yZVVNRY0T2pP7IaRp6KOC%2BkmWOGy1NWXC7fhiacnLmRd%2BPlw%2FOheefyDXCfYH1I0fwjdYKRKleOQPIiw4llWS%2BzIkqCD9M%2F2qoKYfd4wKHLpxVBRgg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8329b7ab3ceb4541-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVknnEdr1avUQPA3_jnM5Q&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame F63A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEO8oXVA0I3HkjoqTHrqAipw&google_cver=1	43 B 838 B	38ms 38ms	Image image/gif	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEO8oXVA0I3HkjoqTHrqAipw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNWEZdOaHbmzqiFtzumDYbAY-GolO4LZ0UHiL2ZUOGT14CRVlcr4vRES_tS0OqXHIcTf1CyAzwn6Q8t03WhEp13zPlaHPRuam4Af34SzW7RVwI_RG-1f5ScKVyBcWPsKSMVrRyj_pwfiEaerOO39bhjf0AWKl2dLRW6Xyr2uCF3YRx9MKWw Protocol H2 Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT an-x-request-uuid ec0a2367-dcab-4884-8d0e-4d04a9975696 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 217.114.218.24; 217.114.218.24; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEO8oXVA0I3HkjoqTHrqAipw&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame F63A Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxNjU4NDQ3ODQ0MzIyNTY2	170 B 188 B	36ms 35ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxNjU4NDQ3ODQ0MzIyNTY2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe4vAEQ6KLfwQIYqMHagAIwAQ&v=APEucNWEZdOaHbmzqiFtzumDYbAY-GolO4LZ0UHiL2ZUOGT14CRVlcr4vRES_tS0OqXHIcTf1CyAzwn6Q8t03WhEp13zPlaHPRuam4Af34SzW7RVwI_RG-1f5ScKVyBcWPsKSMVrRyj_pwfiEaerOO39bhjf0AWKl2dLRW6Xyr2uCF3YRx9MKWw Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT an-x-request-uuid a208d1f6-0215-45e3-ae05-ebbcd9a7fc55 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcxNjU4NDQ3ODQ0MzIyNTY2 x-proxy-origin 217.114.218.24; 217.114.218.24; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame 569A	12 KB 6 KB	44ms 44ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXPMzAAPIgQK4CpbAAIBW_zwtaHGs_skTi1mSA&u=%7C5IhOIMvx3cIR3XRr3l0pUWxzPgkj%2FbvG8ijCDaSUeOs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-tDF6f8mMoGcMzrlX8TrBHbGRnRkDtz4mhTkQoRcoay2Lz696RF5Ah2r28vhCb5oEUhPtBBpHQgHP91dVQaywFRhBYUJXI4KZ0uthLLGt9TVJTcEnPP5n97X-_-oRDLDY3xL9gkhvGnL6BvKBqkWkHi8WM0OWvvwrbePTDK3CpP2rUc6TCXxicUid2ZQZefDdpim8j7Ut6kbA8NwUGpbKfYN2Z-CiyUDb9Bu7JJKhmn0EoLJlDmZzf4f79iIKn2A8nm5tPCEmpPIj6G-xBsliviT3c2uCU0Fz4JiC5D6zN0_AK0plQG3zDmdg4eI1xZR5mbIW0D-qgwuZylDz5LsqtDIt6-udYVHF-ROic23olv-i5Xpjw806z5DSseTEBJuECtR_eWGUm4syPXemBgvHQHrvIpVlWjlfTjAmHajEmRLqlZtgm29lZMHCYl6ExEDAwiLcARTjvQTT_w8x2XLZAx-RamVqebYunxxl0gR75qzBGKfLKP6Bkm7Ln7prMflY-TG7DmOfBPoykdcl8bvIxmrAk5KPBWnpk4uK9r0fQP3yMSb36eXkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpstzMxzZYTEPNvUgAfbgojwCsme0rFczfHi3YgBwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTTAU_QvS4pEUYMfpF1cApNY0ZjXqtJxPWPGwdnq73WxlyJOJ-n9agPeTnRxT2UDuDlyZC65DThCoFe85DdqhywH4hGeI3HCWR81d8NO2w_iS0MD8jjpnFXwHS33u8Qf8aDRnGtj00j3vyKic6Z7YrKvvcihVMnakzPzSWouBC6CzAUd0TEcWgERn-k3b0soX60vu_NcQLxOQYm5m49lH82QdcUjh0DyXqz28osufPt72G0Ev0FH0HNhsiOBGE7bGoyA0yB7MDKaqz3M_K2FUjZbFPwDiCABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliRr4u-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_ieY5aBLHFJGG2jXw2RxHcM8-dQ%26client%3Dca-pub-8143997951991795%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 03 Dec 2024 02:11:26 GMT
POST H2	200	all csm.eu.criteo.net/ Frame 569A	0 128 B	118ms 40ms	Ping text/plain	2a02:2638:3::1a ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=lsq2-ji5Xv7oah-bN3tsstgAIP_2bNsDWYp9VXLm_wmn57tomteCF5KSUUHPkICOdX8x44TLdPoZRwjzhn34usjJq3a7_WvQGNqMSREnJBI3d5EHN7qdq_dVQeNen8tTV3QGF49U1ZJBwyhm57bb5PfQ0Tl_ZlNjAtj0KynghnFvNfrLwjrYY0ybqmylplEHCmjSGtzY3QO9n-C_BhPMhxXVS1IyDk-N-wMTmmChH04GD6--cOgy7ms_UF8dl4xj_Hta1Q&sds=2&rev=89682&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXPMzAAPIgQK4CpbAAIBW_zwtaHGs_skTi1mSA&u=%7C5IhOIMvx3cIR3XRr3l0pUWxzPgkj%2FbvG8ijCDaSUeOs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-tDF6f8mMoGcMzrlX8TrBHbGRnRkDtz4mhTkQoRcoay2Lz696RF5Ah2r28vhCb5oEUhPtBBpHQgHP91dVQaywFRhBYUJXI4KZ0uthLLGt9TVJTcEnPP5n97X-_-oRDLDY3xL9gkhvGnL6BvKBqkWkHi8WM0OWvvwrbePTDK3CpP2rUc6TCXxicUid2ZQZefDdpim8j7Ut6kbA8NwUGpbKfYN2Z-CiyUDb9Bu7JJKhmn0EoLJlDmZzf4f79iIKn2A8nm5tPCEmpPIj6G-xBsliviT3c2uCU0Fz4JiC5D6zN0_AK0plQG3zDmdg4eI1xZR5mbIW0D-qgwuZylDz5LsqtDIt6-udYVHF-ROic23olv-i5Xpjw806z5DSseTEBJuECtR_eWGUm4syPXemBgvHQHrvIpVlWjlfTjAmHajEmRLqlZtgm29lZMHCYl6ExEDAwiLcARTjvQTT_w8x2XLZAx-RamVqebYunxxl0gR75qzBGKfLKP6Bkm7Ln7prMflY-TG7DmOfBPoykdcl8bvIxmrAk5KPBWnpk4uK9r0fQP3yMSb36eXkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpstzMxzZYTEPNvUgAfbgojwCsme0rFczfHi3YgBwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTTAU_QvS4pEUYMfpF1cApNY0ZjXqtJxPWPGwdnq73WxlyJOJ-n9agPeTnRxT2UDuDlyZC65DThCoFe85DdqhywH4hGeI3HCWR81d8NO2w_iS0MD8jjpnFXwHS33u8Qf8aDRnGtj00j3vyKic6Z7YrKvvcihVMnakzPzSWouBC6CzAUd0TEcWgERn-k3b0soX60vu_NcQLxOQYm5m49lH82QdcUjh0DyXqz28osufPt72G0Ev0FH0HNhsiOBGE7bGoyA0yB7MDKaqz3M_K2FUjZbFPwDiCABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliRr4u-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_ieY5aBLHFJGG2jXw2RxHcM8-dQ%26client%3Dca-pub-8143997951991795%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame 569A	2 KB 1 KB	41ms 37ms	Image image/svg+xml	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXPMzAAPIgQK4CpbAAIBW_zwtaHGs_skTi1mSA&u=%7C5IhOIMvx3cIR3XRr3l0pUWxzPgkj%2FbvG8ijCDaSUeOs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-tDF6f8mMoGcMzrlX8TrBHbGRnRkDtz4mhTkQoRcoay2Lz696RF5Ah2r28vhCb5oEUhPtBBpHQgHP91dVQaywFRhBYUJXI4KZ0uthLLGt9TVJTcEnPP5n97X-_-oRDLDY3xL9gkhvGnL6BvKBqkWkHi8WM0OWvvwrbePTDK3CpP2rUc6TCXxicUid2ZQZefDdpim8j7Ut6kbA8NwUGpbKfYN2Z-CiyUDb9Bu7JJKhmn0EoLJlDmZzf4f79iIKn2A8nm5tPCEmpPIj6G-xBsliviT3c2uCU0Fz4JiC5D6zN0_AK0plQG3zDmdg4eI1xZR5mbIW0D-qgwuZylDz5LsqtDIt6-udYVHF-ROic23olv-i5Xpjw806z5DSseTEBJuECtR_eWGUm4syPXemBgvHQHrvIpVlWjlfTjAmHajEmRLqlZtgm29lZMHCYl6ExEDAwiLcARTjvQTT_w8x2XLZAx-RamVqebYunxxl0gR75qzBGKfLKP6Bkm7Ln7prMflY-TG7DmOfBPoykdcl8bvIxmrAk5KPBWnpk4uK9r0fQP3yMSb36eXkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpstzMxzZYTEPNvUgAfbgojwCsme0rFczfHi3YgBwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTTAU_QvS4pEUYMfpF1cApNY0ZjXqtJxPWPGwdnq73WxlyJOJ-n9agPeTnRxT2UDuDlyZC65DThCoFe85DdqhywH4hGeI3HCWR81d8NO2w_iS0MD8jjpnFXwHS33u8Qf8aDRnGtj00j3vyKic6Z7YrKvvcihVMnakzPzSWouBC6CzAUd0TEcWgERn-k3b0soX60vu_NcQLxOQYm5m49lH82QdcUjh0DyXqz28osufPt72G0Ev0FH0HNhsiOBGE7bGoyA0yB7MDKaqz3M_K2FUjZbFPwDiCABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliRr4u-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_ieY5aBLHFJGG2jXw2RxHcM8-dQ%26client%3Dca-pub-8143997951991795%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 03 Dec 2024 02:11:26 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame 569A	2 KB 1 KB	42ms 38ms	Image image/svg+xml	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXPMzAAPIgQK4CpbAAIBW_zwtaHGs_skTi1mSA&u=%7C5IhOIMvx3cIR3XRr3l0pUWxzPgkj%2FbvG8ijCDaSUeOs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-tDF6f8mMoGcMzrlX8TrBHbGRnRkDtz4mhTkQoRcoay2Lz696RF5Ah2r28vhCb5oEUhPtBBpHQgHP91dVQaywFRhBYUJXI4KZ0uthLLGt9TVJTcEnPP5n97X-_-oRDLDY3xL9gkhvGnL6BvKBqkWkHi8WM0OWvvwrbePTDK3CpP2rUc6TCXxicUid2ZQZefDdpim8j7Ut6kbA8NwUGpbKfYN2Z-CiyUDb9Bu7JJKhmn0EoLJlDmZzf4f79iIKn2A8nm5tPCEmpPIj6G-xBsliviT3c2uCU0Fz4JiC5D6zN0_AK0plQG3zDmdg4eI1xZR5mbIW0D-qgwuZylDz5LsqtDIt6-udYVHF-ROic23olv-i5Xpjw806z5DSseTEBJuECtR_eWGUm4syPXemBgvHQHrvIpVlWjlfTjAmHajEmRLqlZtgm29lZMHCYl6ExEDAwiLcARTjvQTT_w8x2XLZAx-RamVqebYunxxl0gR75qzBGKfLKP6Bkm7Ln7prMflY-TG7DmOfBPoykdcl8bvIxmrAk5KPBWnpk4uK9r0fQP3yMSb36eXkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpstzMxzZYTEPNvUgAfbgojwCsme0rFczfHi3YgBwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTTAU_QvS4pEUYMfpF1cApNY0ZjXqtJxPWPGwdnq73WxlyJOJ-n9agPeTnRxT2UDuDlyZC65DThCoFe85DdqhywH4hGeI3HCWR81d8NO2w_iS0MD8jjpnFXwHS33u8Qf8aDRnGtj00j3vyKic6Z7YrKvvcihVMnakzPzSWouBC6CzAUd0TEcWgERn-k3b0soX60vu_NcQLxOQYm5m49lH82QdcUjh0DyXqz28osufPt72G0Ev0FH0HNhsiOBGE7bGoyA0yB7MDKaqz3M_K2FUjZbFPwDiCABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliRr4u-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_ieY5aBLHFJGG2jXw2RxHcM8-dQ%26client%3Dca-pub-8143997951991795%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 03 Dec 2024 02:11:26 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	60ms 60ms	Preflight text/html	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229352755905764983891%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216678706917203188081%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sat, 09 Dec 2023 02:11:26 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	60ms 60ms	Preflight text/html	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22783498413115066715%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211362588163%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22386343309578812865%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sat, 09 Dec 2023 02:11:26 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	5332fa4b1e5e04411f61e2c1e89fc168.js Show response s0.2mdn.net/sadbundle/11984882093727697085/ Frame 19BD	116 KB 33 KB	23ms 23ms	Script application/x-javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/5332fa4b1e5e04411f61e2c1e89fc168.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0631fa07c59ea2e70c195d2b6153cbccc740edd14ad2ef6c9e9b7a5767c78a35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:07:08 GMT content-encoding gzip x-content-type-options nosniff age 140658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33914 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 06 Dec 2024 11:07:08 GMT
GET H3	200	5332fa4b1e5e04411f61e2c1e89fc168.js Show response s0.2mdn.net/sadbundle/11984882093727697085/ Frame CCB3	116 KB 33 KB	32ms 32ms	Script application/x-javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/5332fa4b1e5e04411f61e2c1e89fc168.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0631fa07c59ea2e70c195d2b6153cbccc740edd14ad2ef6c9e9b7a5767c78a35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:07:08 GMT content-encoding gzip x-content-type-options nosniff age 140658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33914 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 06 Dec 2024 11:07:08 GMT
GET H3	200	5332fa4b1e5e04411f61e2c1e89fc168.js Show response s0.2mdn.net/sadbundle/11984882093727697085/ Frame E198	116 KB 33 KB	38ms 38ms	Script application/x-javascript	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/5332fa4b1e5e04411f61e2c1e89fc168.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0631fa07c59ea2e70c195d2b6153cbccc740edd14ad2ef6c9e9b7a5767c78a35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:07:08 GMT content-encoding gzip x-content-type-options nosniff age 140658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33914 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 06 Dec 2024 11:07:08 GMT
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame B148	39 KB 15 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:59 GMT content-encoding br x-content-type-options nosniff age 14967 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:01:59 GMT
GET H2	200	adchoices_default.png static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DA11	350 B 911 B	107ms 36ms	Image image/png	2606:4700:20::681a:71b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 679122 alt-svc h3=":443"; ma=86400 content-length 350 last-modified Mon, 20 Nov 2023 11:04:04 GMT server cloudflare etag "e7fc49b61cae983db8c3a1dccf923b93" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbuU0Wy8kfJmmoszEBRHB%2FZ0%2FJZPzqudFPPSs7KS06vB7Fg94fjNh6iFTeK62wuDNyWVCqYDFvWs%2B7IiHl%2BQUDC7QboHgwTap2VkHOr7yiqQiIhztihojUj0bG3GohLUrJfmp6YEtFsOMH4FG2%2BLRcXt"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8329b7abaa0d65a2-FRA expires Sat, 30 Nov 2024 05:32:44 GMT
GET H3	200	cookie-frame.html Show response ad4m.at/ Frame 1118	2 KB 2 KB	36ms 36ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/cookie-frame.html Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 902939 alt-svc h3=":443"; ma=86400 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400 cf-cache-status HIT cf-ray 8329b7ab586e5d9a-FRA content-encoding br content-language en content-type text/html date Sat, 09 Dec 2023 02:11:26 GMT expires Tue, 28 Nov 2023 16:19:58 GMT last-modified Tue, 28 Nov 2023 11:49:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln3Vzizj3khyOjKQ8Usl0XQXSFknrAhvORaZsnP01GN5hPi%2FqAZVgrWWtCKVKeDKzFP5%2BDsZqtw8LIJSt8b%2BmDasELVWBLWp%2Bo4qK%2F8saVH%2FTsqVDo3chYFF5nDYk9sxz9b2MTE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame A082	39 KB 15 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:59 GMT content-encoding br x-content-type-options nosniff age 14967 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:01:59 GMT
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 95E5	39 KB 15 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 22:01:59 GMT content-encoding br x-content-type-options nosniff age 14967 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 07 Dec 2024 22:01:59 GMT
GET DATA	200 OK	truncated / Frame 3201	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ffd4ec011a9bdba029338435a26f00040e69636f6116c93b5c2fc2957dbc1e7f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	414b001155bbc966c87ace200f7012d4.jpg s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame 19BD	17 KB 17 KB	27ms 26ms	Image image/jpeg	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/414b001155bbc966c87ace200f7012d4.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2ae3597356dc48ad3e6ac0caf62db30f88463ed85956f22b4d79c44dd029dfa6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:07:08 GMT x-content-type-options nosniff age 140658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17675 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 06 Dec 2024 11:07:08 GMT
GET H3	200	7fcd2860f09686722c9411640389131c.jpg s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame 19BD	17 KB 17 KB	25ms 25ms	Image image/jpeg	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/7fcd2860f09686722c9411640389131c.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3fb4c55c2e47c9c8525cdd9930f5a2bc6649dfce9e5d40d858611ae3aff7bfb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 16:56:56 GMT x-content-type-options nosniff age 33270 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17642 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 07 Dec 2024 16:56:56 GMT
GET H3	200	717b9d53dcdbd84dd98e07adee70c5fa.png s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame 19BD	4 KB 4 KB	24ms 24ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/717b9d53dcdbd84dd98e07adee70c5fa.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c7c81995d19d12ed0be85d408e7e1af646c375896744b3f281d3c2947abbe9d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:07:08 GMT x-content-type-options nosniff age 140658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4363 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 06 Dec 2024 11:07:08 GMT
GET H3	200	8c77320e1e15a43fac13e75064d019b3.svg s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame 19BD	7 KB 2 KB	29ms 29ms	Image image/svg+xml	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/8c77320e1e15a43fac13e75064d019b3.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8a81fd8c4b029d910f20ace641cac3fea7e0fdb338010aee6c892609fe1f6291 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:07:09 GMT content-encoding gzip x-content-type-options nosniff age 29057 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1987 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 07 Dec 2024 18:07:09 GMT
GET H3	200	414b001155bbc966c87ace200f7012d4.jpg s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame CCB3	17 KB 17 KB	28ms 28ms	Image image/jpeg	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/414b001155bbc966c87ace200f7012d4.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/5332fa4b1e5e04411f61e2c1e89fc168.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2ae3597356dc48ad3e6ac0caf62db30f88463ed85956f22b4d79c44dd029dfa6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:07:08 GMT x-content-type-options nosniff age 140658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17675 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 06 Dec 2024 11:07:08 GMT
GET H3	200	7fcd2860f09686722c9411640389131c.jpg s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame CCB3	17 KB 17 KB	30ms 29ms	Image image/jpeg	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/7fcd2860f09686722c9411640389131c.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/5332fa4b1e5e04411f61e2c1e89fc168.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3fb4c55c2e47c9c8525cdd9930f5a2bc6649dfce9e5d40d858611ae3aff7bfb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 16:56:56 GMT x-content-type-options nosniff age 33270 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17642 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 07 Dec 2024 16:56:56 GMT
GET H3	200	717b9d53dcdbd84dd98e07adee70c5fa.png s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame CCB3	4 KB 4 KB	31ms 31ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/717b9d53dcdbd84dd98e07adee70c5fa.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/5332fa4b1e5e04411f61e2c1e89fc168.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c7c81995d19d12ed0be85d408e7e1af646c375896744b3f281d3c2947abbe9d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:07:08 GMT x-content-type-options nosniff age 140658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4363 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 06 Dec 2024 11:07:08 GMT
GET H3	200	8c77320e1e15a43fac13e75064d019b3.svg s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame CCB3	7 KB 2 KB	32ms 32ms	Image image/svg+xml	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/8c77320e1e15a43fac13e75064d019b3.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/5332fa4b1e5e04411f61e2c1e89fc168.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8a81fd8c4b029d910f20ace641cac3fea7e0fdb338010aee6c892609fe1f6291 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:07:09 GMT content-encoding gzip x-content-type-options nosniff age 29057 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1987 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 07 Dec 2024 18:07:09 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D115	42 B 64 B	61ms 61ms	Fetch image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVQWVz5zEkNTr-_hvNucxylNcagPkZAfjtoZmrq9ghxL8KBb6_9Z1BR0F9KlCZvHX_5JY9EqswkdGFQJ9JuS33A7ynxjx30HMnpgXpc2_cHJyozRCZXl-C3HfNdsA8_BNtJMxJtl8XBygt&sai=AMfl-YRgl8lrYi_6O6PhrnrTkHB14I9dml3jxvg2H_tQOGIT5L_FdtUrIUBJ1CEL5YpZZtY6ZEir3obp31gm4ln-CPwQNHiGG0OMzBJLbkZt_26cV4H3jxm6GCyyScTgnf8uej-ipOnJc05b4HGVdSDckJgAVLJgkk4d3FjB&sig=Cg0ArKJSzJX0QH28JHdhEAE&cid=CAQSTwDICaaN-dvCzuAweomRUEfOjvleqbnGtLMuQ7F11L_YxTD94H2XLgqkVIlpBNKIfruPkqLCEu9JBFMAWFkj67HUCDDT2lu11ks0P5spA4QYAQ&id=lidar2&mcvt=1014&p=0,0,280,960&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1188771638&rs=2&la=1&cr=0&vs=4&r=v&rst=1702087884966&rpt=702&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 3201	0 19 B	70ms 69ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CDDc6zMxzZYTEPNvUgAfbgojwCsme0rFczfHi3YgBwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTQAU_QvS4pEUYMfpF1cApNY0ZjXqtJxPWPGwdnq73WxlyJOJ-n9agPeTnRxT2UDuDlyZC65DThCoFe85DdqhywH4hGeI3HCWR81d8NO2w_iS0MD8jjpnFXwHS33u8Qf8aDRnGtj00j3vyKic6Z7YrKvvcihVMnakzPzSWouBC6CzAUd0TEcWgERn-k3b0soX60vu_NcQLxOQYm5m49lH82QdcUjh0DyXqz28os-_HMfeEnwsCjz2YXCuhnoG8cZtw4LVQDWAj3zF5ILd6ujYJNTLqABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliRr4u-o4GDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MTQzOTk3OTUxOTkxNzk1GAA&sigh=ITDdAPlV_Xw&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNqNV0pxsXXTYP8Gy8mNmBGMt2C3n5uEvAk5Gj5JxToaa9XJNcfDeAO3UTUEzZSunYkyCvseF_xoJtqdr1fxqpXvmF4EhbOddESBgB&cbvp=2&vis=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	notify rtb.nl3.eu.criteo.com/google/auction/ Frame 3201	0 126 B	117ms 39ms	Image text/plain	2a02:2638:3::9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ko7EGMz6RMgB2ASdg2ICAgAAAJwqbdOfMook0-zKPhDNzHNlWxJpXN0KlCrrYAAAEgAACgpBUVVEQVFFUEFR&wp=ZXPMzAAPIgQK4CpbAAIBW_zwtaHGs_skTi1mSA&cbvp=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; server-processing-duration-in-ticks 181922 server Kestrel content-length 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 1821	0 19 B	68ms 68ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CEkx9zcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTVAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDR5MAtl99whYmmXKFq85VdWPOsooohU_jMQ6qaQgz8bdOADlrTVqIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MTQzOTk3OTUxOTkxNzk1GAA&sigh=zXsCUyiiWJ0&uach_m=%5BUACH%5D&cid=CAQSPADICaaNiz5LfpGRga8cz3PxklyO2WMoGaI4-Yt6zUYnIKoXCPzqNMbVlX3Fi1-eURsKw3ylAK1eePwmqxgB&cbvp=2&vis=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame 1821	0 103 B	99ms 33ms	Image image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://prod-rtb.ad4mat.net/winResponse?a=1k93kvxnr72fpw5p0dh947a3j1a30wfm3qzee4b1ejf04znxy4rszr5wzwkkd031n42s3vw22s4tjc9am866a5mdhmrg738apjrq7fjh6e061yjnm2485rr9bft930sqtsje18s00wq3215jer66g13hb6dtsxk336jsz6x1awg0z05z8h294weer3wafhs466ra61wwk3pjg52yw74ykhmne3h1knjnycv3k64r22jfnccvenz48a7trf2vh8bxph562nrhq201611kbcntaebvbpmcegktjtzebe8sw1fkegvbwjfqtm2kvj3x57vsj788krhv3mg4hnqjxk725515x1sm0k598pjzm6pddhk60cns5f3br9qb69gva4b9fe226vh0qcwprcg&b=ZXPMzQAMX1IK4GDDAAUzCC--VN1xElkfqLUzUA&cbvp=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8143997951991795&output=html&h=280&adk=2580870097&adf=2054639364&pi=t.aa~a.2408392280~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1702087885&rafmt=1&to=qs&pwprc=3297081025&format=340x280&url=http%3A%2F%2Fbiodoma.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702087885777&bpp=1&bdt=1623&idt=-M&shv=r20231206&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df7fce564a8882fb5%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaFXstDUK6-RcVVAuYIbs3Db2iJiQ&gpic=UID%3D00000d0fca16d554%3AT%3D1702087884%3ART%3D1702087884%3AS%3DALNI_MaJa5vZqhNiPkF47ll-5-41UN0Z1A&prev_fmts=0x0%2C960x280%2C580x280&nras=4&correlator=420253416730&frm=20&pv=1&ga_vid=1539072901.1702087885&ga_sid=1702087885&ga_hid=171867851&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=930&ady=1393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532523%2C31080064%2C95320870%2C95320885&oid=2&psts=AOrYGsledNQfGYIj74PmNOriVhEmfN6lcfvblDQs7hTQjmyrn8uxquYvLN_uzMK6lkKCLx0oYdGa7_nI0-thoncGwcfplQ&pvsid=809912790101252&tmod=1777520641&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-origin * date Sat, 09 Dec 2023 02:11:26 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame A4DF	0 11 B	24ms 24ms	Image text/plain	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?gMr15Q Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	414b001155bbc966c87ace200f7012d4.jpg s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame E198	17 KB 17 KB	23ms 23ms	Image image/jpeg	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/414b001155bbc966c87ace200f7012d4.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/5332fa4b1e5e04411f61e2c1e89fc168.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2ae3597356dc48ad3e6ac0caf62db30f88463ed85956f22b4d79c44dd029dfa6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:07:08 GMT x-content-type-options nosniff age 140658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17675 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 06 Dec 2024 11:07:08 GMT
GET H3	200	7fcd2860f09686722c9411640389131c.jpg s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame E198	17 KB 17 KB	25ms 25ms	Image image/jpeg	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/7fcd2860f09686722c9411640389131c.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/5332fa4b1e5e04411f61e2c1e89fc168.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3fb4c55c2e47c9c8525cdd9930f5a2bc6649dfce9e5d40d858611ae3aff7bfb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 16:56:56 GMT x-content-type-options nosniff age 33270 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17642 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 07 Dec 2024 16:56:56 GMT
GET H3	200	717b9d53dcdbd84dd98e07adee70c5fa.png s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame E198	4 KB 4 KB	30ms 30ms	Image image/png	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/717b9d53dcdbd84dd98e07adee70c5fa.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/5332fa4b1e5e04411f61e2c1e89fc168.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c7c81995d19d12ed0be85d408e7e1af646c375896744b3f281d3c2947abbe9d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:07:08 GMT x-content-type-options nosniff age 140658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4363 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 06 Dec 2024 11:07:08 GMT
GET H3	200	8c77320e1e15a43fac13e75064d019b3.svg s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame E198	7 KB 2 KB	32ms 32ms	Image image/svg+xml	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/8c77320e1e15a43fac13e75064d019b3.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/5332fa4b1e5e04411f61e2c1e89fc168.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8a81fd8c4b029d910f20ace641cac3fea7e0fdb338010aee6c892609fe1f6291 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Fri, 08 Dec 2023 18:07:09 GMT content-encoding gzip x-content-type-options nosniff age 29057 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1987 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 07 Dec 2024 18:07:09 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	25 KB 25 KB	164ms 86ms	Image image/png	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?h=276&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=396&rid=4&s=85uwGOnOTLaX9OEBd-NNWFvK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 5b45b15ad23f0a8229998fd0fcd1b36835c99cc71367e32dadb50458bf3bf648 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/png cache-control public, max-age=31104000 timing-allow-origin * content-length 25342 expires Sun, 03 Nov 2024 06:07:50 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	22 KB 22 KB	118ms 40ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=800&rid=4&s=roh5iC6wcuNgIZlqL0AhDz-j&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 22540 expires Thu, 04 Jan 2024 04:28:09 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	20 KB 21 KB	190ms 112ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=QvWAiJw45SA2Nxl5GvGoazQu&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 20960 expires Wed, 03 Jan 2024 13:03:07 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	8 KB 9 KB	149ms 71ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F10289_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=8FTw8xYojgkpP_qJ47L5XP6V&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 8586 expires Wed, 03 Jan 2024 12:47:19 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	21 KB 21 KB	217ms 139ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F7531_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=qjhbkznTlPBNKJNj116xXNvu&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 504a4e1f88b4e0516fe561352b7a5583edd6537e59e03fa2664b62561735aafb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 21778 expires Fri, 05 Jan 2024 13:18:16 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	15 KB 16 KB	217ms 139ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F9747_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=isLH-aZOaI_JYFgESiQHfOTG&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 09f7dc31b1a1d2f0dcf49f8e4b1779b5cfc564cfb2805d51ff1f2f2ed2a5b3d3 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 15804 expires Thu, 04 Jan 2024 00:00:42 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	16 KB 16 KB	81ms 81ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F2901_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=WNs1WYv3JAmOIC0njCZqqz_G&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash f4ef623852d80503a8bfb2cbe0418bfc68f8b8364882065ea3ea3a8ce3b70667 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 16242 expires Wed, 03 Jan 2024 13:51:31 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	5 KB 5 KB	99ms 98ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F8%2F7538_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=SPmLzqcSovRLTINU0BLog-sa&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 2353cf45fea830c6ce9f62852c66c4e5ad0f552129dad355e8669d0c808ef2f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 4850 expires Thu, 04 Jan 2024 04:33:14 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	15 KB 15 KB	87ms 86ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F11464_102.jpg%3F1637921167_2&v=3&w=800&rid=4&s=4yKrM2PvRShla8N1XnTYldyc&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash b085e3451c5c297d21e6911304fbfc045ec67a38adb9fbf05140c2065d4e8a06 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 15440 expires Thu, 04 Jan 2024 08:33:31 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	16 KB 16 KB	94ms 94ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F2%2F7592_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=frQVsAVTfAJI1Muy2wKtMun1&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 43716c457b41ff7af790641d846ee62abf12521f2267a58e7b3f3058f9d43315 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 16636 expires Thu, 04 Jan 2024 06:21:02 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	13 KB 13 KB	104ms 104ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11243_102.jpg%3F1636726245_2&v=3&w=800&rid=4&s=qWj9cjV26ahAFgWh3PQ3QKcO&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 3565060f9054a1a362beab15801eea6e0a238756fb474bef8a544cfe7d553d62 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 13572 expires Wed, 03 Jan 2024 14:28:54 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	15 KB 16 KB	106ms 105ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F2%2F7532_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=w1Y61lX6coKD2DxA1vTdxhIC&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash d61b518d32464e73bfd9e462ab523b83257de10cf0567b4d8a35ea7ade4a677d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:25 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 15822 expires Sun, 07 Jan 2024 20:07:32 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	16 KB 16 KB	116ms 115ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F8%2F9748_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=uXhKoc2yUSXKqgOSR6Lp41A5&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash cf39a7e21bc9bd19e1e6d8d46994579a8614abe1635a5038736196bb80d722da Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 16406 expires Thu, 04 Jan 2024 06:50:59 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	20 KB 20 KB	99ms 99ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F2%2F2902_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=brhKD9B-kYbeo4_yA6Xo9Uh9&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4c01c4376481c8a18aff778a28c8c04b52dad61ba80b3103fd4b2b0ab6d57803 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 19970 expires Thu, 04 Jan 2024 06:51:20 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	11 KB 11 KB	109ms 108ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7539_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=uRaFjwEQlPtX7DhxP6qnQ8TV&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 9b1029bf60fd1c717558403c5df6496670546af5042243e684a15295d22f1a8e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 11066 expires Thu, 04 Jan 2024 15:32:05 GMT
GET H3	200	280abad2166c3c9ac823f4b00138e2ac.svg s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame 19BD	2 KB 1 KB	23ms 22ms	Image image/svg+xml	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/280abad2166c3c9ac823f4b00138e2ac.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 185136a8c8654de1895e4f89d096b72af62bc226271c1b2b6943d297a0875365 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:07:08 GMT content-encoding gzip x-content-type-options nosniff age 140658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1051 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 06 Dec 2024 11:07:08 GMT
GET H3	200	280abad2166c3c9ac823f4b00138e2ac.svg s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame CCB3	2 KB 1 KB	22ms 22ms	Image image/svg+xml	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/280abad2166c3c9ac823f4b00138e2ac.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 185136a8c8654de1895e4f89d096b72af62bc226271c1b2b6943d297a0875365 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:07:08 GMT content-encoding gzip x-content-type-options nosniff age 140658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1051 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 06 Dec 2024 11:07:08 GMT
GET H3	200	280abad2166c3c9ac823f4b00138e2ac.svg s0.2mdn.net/sadbundle/11984882093727697085/media/ Frame E198	2 KB 1 KB	23ms 22ms	Image image/svg+xml	2a00:1450:4001:82a::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11984882093727697085/media/280abad2166c3c9ac823f4b00138e2ac.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 185136a8c8654de1895e4f89d096b72af62bc226271c1b2b6943d297a0875365 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11984882093727697085/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:07:08 GMT content-encoding gzip x-content-type-options nosniff age 140658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1051 x-xss-protection 0 last-modified Wed, 06 Dec 2023 15:53:01 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 06 Dec 2024 11:07:08 GMT
GET H2	200	view ad.doubleclick.net/pcs/ Frame 06EF	0 0	61ms 61ms	Fetch image/gif	142.250.185.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjssUgRz9_Lp2i_CY4SITFPxZOUNy94DkSvwhzSt_E65dqX3ZGwLncXCB8dSHHd1o8U5ppOegIA1xKp8oWv9rbu017eteGThnDpWKXhJ1AvGURcRLM09cRlaHiLumKqC6CwS60TvdEEEfhEnm9e_O1s9eE1JZV1_0jvr9fq_H2FHjjLz3tuznY4d4Zf-2AScaFeMN5A_jf9yqlVZH0zSoGZ9cBlV8TpHHFw8hNChRzbQPfuXNHi8lU3DxO0XBVVdWLC4piF8HG2UCUZ7P91lpqpwkptrMCWik_E8C_Zc2mPScger22rzBovUaJw3rLf8qEIEBr46JaFVi8N1gWXv0nik7-NDaDDHRU_3hJZnzwWZ8grRHgUD7B_Ase6ow5FynqFZBgRkgL9AzscuN_L5dblOZOjICTDgfLeonrf-ajv26GrCLOfy_FKahIN-S1MUwjGpopoU-_QAmbd-AunYw0k9-zU_D5Z395BSx_fR-pQQs5xlglVPaqbUiApQmOj3mt2Pes0IVyZa9hj7spkY4TnyvaoL69rpkdUOq72ZlmrgzW33_L393G35senY3cg5G2TRPQ7AfvDQEa8X1L0ee4I-E1G5uU_j12bbIy_lXNQPFrMlwmI-wbT399-UfMaYxzuJJ_ZE29CSTMoS0xJ56fc-HoGrRKHcrMkRIWp9W8tMPeLL_gR_YRPs4cxsnOceCad0jHNL87Hmnq9qkP1X6bIpt1IfU2_ILV_RzoBfE6WCgxIpundr35Q7Qd358O4DJe8SOM22rgj5gdv097sQZHRdYsULDFSApb0qrE3IfeEG1JYpOn1PRdWFFkgze0cRX64JWMtDwxIdmHBLk9bGIcEGnkIvaJAmcC3EInFn09_GHM6zSXZj5LWpSG7CG5VNd4TKJuE837d-yCYAiD-15-mtrSttX4QPS2HOJQP1s3vvXbenKQSweogqxNeelhjmjiNZ9_-35m83_-Z-A9zPP5S9pxk1Qn1Ls5BF0ZABakYo84Wv2uCvQqPL3mpbqThZ5HV5mIt6BMfF2qoufou_80swbIqsuCLukhrgxJmS2K-O0Zlo_6aDi-RNqUx4hnUHY0DBiCX2DH93TPj9U--1gX74ikAPTaa2BWvzl0T5zqpE8qQNLZMuX8a76bhhlMTtIZDeHlD8R1OVzRTBkhS4pXv0g0YZaC03cavwAXe4XcSF9ozxPxrEYc98gnSFwK5sE3gmOrZMoX2AxMkmh4bQApa0xSQkho0oyju_cToUJgFmVeHcrBbn_i4tkST73LMzjEyJbCTfe5jfANLXVmYUio6uuzCoiqp1sN31E9iphQC5upLgr6RUHJr8bTfLLH-Fo1rprLxKlmkav_xWIuh7Foevgba7EiQBQ9p24LuGyaqnkKAMMdRdgKmwuvR1O_Dz-I7M_zfYW9Uq_SWI873DcL5Dxiw&sai=AMfl-YRpBBIF_aZGsx7G63uMP_h43RYVDwJPfDdifaeGO03Wkximq7i70XimceMePgqZOAs8QwhLc7g-tqbpd-XCJFBibVwG0buNDlBjq8Wn67lRBQYq5mMM6dyhBso6iDYjolIuEwFo76U6-JSu-5RY4-obsn-DMiwV4oBCSubVrJ_AJDRV3gpZDrvWwMxPl5QInWQ9yyS4KmTWgNVUxhLiaRyM0e-naZ9IQf4rw4CedPzaxQSoBygX0I5MsKFObJLRfQIGHz2yATbutkgef9SlQJsipVGIO8De26nfv5I0GIkFQTJTm7aWxxUryLbqczckNt4CmiPFs4roC3IxKNyGfMc8r6OwfG5X6pQOvWamTTjoTHEG3d2FhfHsdxgKmEFXLSQfDaFG-cizDNpSgGE4Dr7ryLOLun6ntJG0z1Gx2SoK&sig=Cg0ArKJSzAkwdEhIJNhCEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9uaW5qYWtpdGNoZW4uZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=583&vt=11&dtpt=377&dett=3&cstd=205&cisv=r20231206.52736&arae=0&ftch=1&adurl= Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	view ad.doubleclick.net/pcs/ Frame 7DFE	0 0	62ms 62ms	Fetch image/gif	142.250.185.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjsuZ7U_lb5F2Rp6tXdtid3erZ4T5R1WL53nE1k2pN1oodEcS2bsLh66xNT-p7rEpd64Hw4hGf5evNwsj6_ADukHi06fByywDmCddWGfxLvjNjlMIY-ET_mIZ5kbE7OgjR3FTHG_an7MvQOeDK5OF__Ik9exA2-gSNVXUlSSiaeK5KLQhNqM8SJKM9bWvAmpn3Alcc4JcKdo0fYdLAq5ZcNjzaUTkJGBugxYV4Sd3_5spIpJsHtEsPeT3ClakCFbbAf9vhWz7FDVWptT3Qa-WcEei0sTQ0GdeG44aYSuQqfOHnu_E0xmscAk78JnmVFDMNtlrxys2mNrRG_Pe9n1EcoF-VRNlP9BkZSB9pM_ZY_YMBzbPRqi_hlFkenl3nKOB5wfnAseQU7GPq6Kwp91RVysK4qGy0nvEpD_7UkGTMzi4FxLf9tJwoQ67V-Cpx5cvCEhvm-bQjrxw8hGPaUIb90rgJEQ9nq9ipBMPMI05CcLGo8Dz_541NifJF6QMQaITn_m5DHnLgq0BLHhibdDg6W8_bYW-cW1Vit7y1NiCGPiqd-BQL-Mx3o9Ue2Zj2lCMchu4--EI9puoGIQOk2QmIfBK_eQ7XgiXOK84sKOrFR5tgfcUPGT84C9LNQqyi3IiGPqJOTiK5m4Zkny6g-hRM-oRZLc6vNsW0boo-qJJNmZN5fU0oXKpyU6VIO1GDHNJvI71gIeqKg8HmtslJlR9MjOGT2BmBdw-pD2FIBVqrLtg9ukdcFO-SlF96gggkvOuiDyf4SW0IMxWQMv8yzFyYUfaRqBInqQrWWu6ZoY--4tWcwoObDWGC08pESU_kyLsyivqMbjAqooCPKP2hbnlIWK-Egkcmp_P9GagZOtscsUYg1A3-yJTo5mAYcOaYjMHPFIXIb64_wBO0ykX4toaJRNyMjbUSKkv4-ZJ7kFC8_YtM9tYSCs3_DYAqzrCqI8unF46MT8l_gfvHIVTv_TXPzhH0sVP4XZpiOgOzRKEihbbXz124ds86zwrLtPYY7k4QS_RAop9uhZcEt0edCJi0UK8skBNEc58syAgdb8S0ncCLkYOk3nyocmtdZ-U_cZc6-xHPxW7wmwJCxWn33SFJapQlmC1218ydlxqeCiEbLvEmHhgtdLmDJZl3cTn3miSepA1fTdsJuhDMmtl8rSvEvvmwF3rbhvsJDe58ZQOmG8wV2tMAyxSpHSCceVpstKPRtTQr3tcbl7Fq7YXhjmbPyEimbqoTqo2gYQSXq_rf0R-leXkqqNPDn0a47hqrA5sDJv73V1RpnYxmj0KR5qEDywSbCaeWs5kGW4TaavsYjVNH8Sk5xtk4_pHWbDtX3acYTLkrypFoKURxwFtqEsR34eZSXvZC3yTldZZN0Iv39_fs7Za9akUo5J4AhWgKnV5_EaYnshpvLxseqdTUnNITDTK&sai=AMfl-YS4ETnDDFK_QBrDvIpuWl9a0IarT80fQyX_SC048xG_cCf_b5_FlW6ZiDgSpxl9YdJBXwK9xE87mEbtlyOGG1f0NuHPFvr4C9cCIbLe5A3kssKS7pbCHSzfpfxH6XYFdSZ1l2WCz1NtM-xrGO2VTUVImOq_P1uwBBI-2V-9eIVEaZZhQbGn5VerrOXI5K1lKWiQzCq7A0dqjXCpI6bQ9-ZjOqQ5Z7yzcYNAAQMzKrsMNSaDEgH261CDYFI43qeBngtNOb2qqibHsLlNTkumWWHK0ZNAWEEoUV_6IeslRq7d1_WbhJzTZUINdgw7VFQPZM2uX-7rP0pW6An35IgNMXrq7HGbGhX2mDL8edEsUD216kx_9eev6P3ZNdjBMx8kOJqPeihK3_FCSzaisy8QbwkEU_bzEicEfJD8iIO-Cpu8&sig=Cg0ArKJSzCpA42OyKCITEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9uaW5qYWtpdGNoZW4uZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=527&vt=11&dtpt=355&dett=3&cstd=171&cisv=r20231206.94792&arae=0&ftch=1&adurl= Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	view ad.doubleclick.net/pcs/ Frame 57B0	0 0	60ms 59ms	Fetch image/gif	142.250.185.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjsvXadw6LBt0FJ-nsQ5MfD2yzwdlyKjr1m7Szjlt8ewcPzbkq1aGZz2YoBYIldI7pA51QU-2kmAg_hnXy4Lbx3Db_CJorVDD8EqXmpFENpn8qESKMc3jjoqQXd_MsbGq5u6qEl12jtyGpgDN_V5fiTPZeJO_t34lbUO9JxsNY9sqj72-oPaqiwykyGRnCHzcZSOiRs2xc-RGzYqx9_Po9v1QElYIKtowIY3Ov--I1mEA7sgNoGww0fjGeT0qKWDjK6y5508oHxZ5oIW9N5xA4qKRls3vywqYyIyXfG2X56NGkNmCzymG1iHUaufYW037qnPbJUBI69fqBVLQmIbSqzTyWekivjdhZSIlvKK1kSaGoOh5PuAmgfrzDptIK6OaWmWDtPNrbyNSg6RUPkr2A0e6rrQxcqDmw_hfInwOctjw5iqgrnSMhrv2T7hYbuuDGF8JWAh7qiHHpiQXfnp3WSUO_opNZHP8X8CLQNKjct_eT2pB5DLUylUYeP3vjPGnNcDiBSJZ5FmjoWJ6eIXKcbpJ-sVv8XE8mN_a7LGmai-PNuqLPLY0o6TWY139QUWRuSO-4kIU312tvN-nVXOltpcLASx00VgUQxdiMPkMTDOFxb9KfX6lYq3ojiyv2t9K1z62h6Rq5LTDjh6jTLL_ELy4Wic5A7pfSWHZBTDbWmjh6dsT6Dx_-HnUq3fNbAY8ZXdFThSilcaqJEqXKC96Bn6XPy6DK6KGO3VbKDHQlJC_QVXQ_z-IWnpna2nU-pFftK7JpJlU7jRb3k2ECeFVeJNFC3pMtgjGZzXxt85awU9DU3AnRc6euOr2v3gyooKG2Z5OD59AX5QZuFfSajej5mC_AitTjmCtz0PSuK6oowDn-Fx2Pe_qqwBJFclAUK8IY7LpkSmWiPowFT4hcBNTvaZANwwq_m0g3K4QLQni8-ghy_LKMUqKIRZtpFuMqFIdHvonQq6nQa9RhOzIhyEEznmOGgT4muJwXr5iYPyrvSx8aibAPgRIKa3io98lDvoYIfFPxvBlMVZYKB9-xuOHMjHFT9X8P9ispf7tHDf0vpAKBXkAF2tIhqzCnSDTdKOX8_Kj04gkmC9VxxJLillgCOB4BFs7jThUD1TIcmcord_4akJxWvBfZLQbvE352ItVg05cRz-OolEEkgKyxeM8RujS36Fe7hMUsceRwu4DrVb5eSZGqycS6fcWgFRllSWV5XXahu3HApGkyHlaEekJrSKdluw2kgSWCjBVWAe6aRPQ7p3tKEv45xsgqEZS0Z_f6u7TI2D476ZJCW-NmLN5S6f09CGYUktZ256_t9ufxhUviLnC9t3HPjh_D9-jehuYC4bDMJfT1aFGzu4Dky8AYoL8INr3ePQQ4_7hvQYt9pr4_Mo-q4UPnmivpIc8oHHnpx3kqWhXVT9iQnbNMklIwn-y&sai=AMfl-YQvJ121q0eHa8E0M9PaYg9woO_3ld10UOqokcaWtYG3xXOIzggVNd_6iZ9n-z_UN2pjGKDHOA1KnTgWdWTlB1WGpyRprZC31BdzsQWEM3wraPV_Lsb9hQKTErosRJhjzXOd3sQhNEfc5Nnd59N0nBBj-a1KXWugW4ttWMiT5aW-dzVwUBTMZcXu5fKfEHGFmIJh62qU3RiPDhyp-bcD2E3WD5weC5HVPsy9-iTNOm4lbNrAQkeyh9-aaLwcZeaiEDWH8VEmRXwDvGGVZkHOfa3gQtUCPt3zsBYovpRdmtRR879E17xo4wYKtUQJRSjONaOQJzbFjBeP3HrOn7zFuN13m8vdgm9nK5M4humdaJhSpoO_huoZ7jSelgOs7CjDGyzsbLPLSrszxDSgAxaAGFzRPCMXdEATktd15NiPJHGc&sig=Cg0ArKJSzIgYMVgOgNaVEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9uaW5qYWtpdGNoZW4uZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=530&vt=11&dtpt=341&dett=3&cstd=188&cisv=r20231206.64927&arae=0&ftch=1&adurl= Requested by Host: biodoma.ru URL: http://biodoma.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
OPTIONS H3	200	rs ad4m.at/ Frame	0 0	68ms 42ms	Preflight text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-origin https://as.ad4m.at access-control-max-age 1800 allow HEAD,POST,GET,OPTIONS alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8329b7acfa859be0-FRA content-length 24 content-type text/plain date Sat, 09 Dec 2023 02:11:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGvDC1wmoxripy6gd%2BWXXOCp4NFEKXPa0agY9D%2Fqsi6ZbrQv90YqrC4zlba9OR4ifoUcuvQjjQ20fUzHfN1B%2F6JyO7dKuC%2Bo9PkweAE8NU1lzmsB0KHL14Xw3ylH5cxx9c6ZGBw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google x-backend-server aa-reachservice-group-europe-west1-ksss
POST H3	200	rs Show response ad4m.at/ Frame DA11	2 KB 2 KB	44ms 44ms	XHR text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95530203bc9e38207ad50e599fd9940e39d9417de92591e7f4202400deee8c0d Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type application/json Response headers date Sat, 09 Dec 2023 02:11:26 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ow53%2F6QE%2BqZRsvsYMAadF5b24Su5W1C%2BdsTDqOeX%2BTdU6n%2Fe3rFNGkIbBJRqX03Zj1860rFXdQj8Wd%2FUUJuEuCsR3vhecLQQiX6%2FUCncQcYbvyhIpZxR5NDxwql3P9w1OuxLMo8%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true cf-ray 8329b7ad3a9f9be0-FRA x-backend-server aa-reachservice-group-europe-west1-ksss alt-svc h3=":443"; ma=86400
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B148	0 20 B	59ms 58ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BmBMgzcxzZdTFMdmR1PIPobqc8AQAAAAAOAHgBAI&bg=!3t2l3ZLNAAY3kmNgF5I7ADQBe5WfOPSug8Lkrz_1KsSc5611Wa7KTJalk2cQfJLKobDfgLgawv9Xu44J_ylrOwRLgN4XAgAAAKxSAAAAAWgBB5kDIgI2U9NHiFGfiAsfH_pyByPldTB5w3XaApdZ-skHypeOjYIg6HeGzxSH2Sma0K6ed0F5prchuZzTuNeNE2fMbQEGJnl1gHUzKxyMaoWieCx7Ys2RvAQ6or6LgpQsLdbuprgM6ikqYvxYA2ZEIf7Uqz36vA63BPVl2Eyol1-aWJdVwdP2pZdp8LOZLJRN36pQaEzsuur5a_J3ke-3Lf8sJYNSCcqFB82csdKXzjP0nTne-yv6BHrOGwqJMWi3mkjVKBkc8r8Qz9TKHQaFJlswUL5uTgsD8-kBuP-ps6RWRDZxi2bLARqR3xPCD5SHrgKMiPFpjRQwxauSMCCaj8x5yozAqC9uJOLlJEj-0gWzgcJO2kdgcRVSCse-6-Y5YNFPxNEdQQBPE5p2e1QDzbxnIbUe2z-LnStB40TotMhrTLn74NTaocxEi0F8qAZ5Km665peOjubn8eQbl_MXqCJfQXcDzlfK4oQxP26q8YFLmFYh79O1O-yHaiUp0t2TZ6W8oe2T61MuKqeJutEpR5eVD1MwMQEsUyk54iyZUzjBOZ9xqvRihqJziYNQp1GwlcqfYEXokyL7yHRQQXE81k2sC9scC9shZLmDPCKFekvOEZCXtj4ifNnJ1ff0A5BdqdmtMPGjgWfZg2l9e9SWcTcQrCiRUer08cDeK0vrwxeGDiVmHE0AT7GyvL-B1umEdjFfVAVRywrSuu3KG5GVMOLkd97-8bpEWovZ6yN7sTa_8iB6rFxzj-gxyW4KJDCXhvqPGE-_kFdkQ20SZVaMmz079s5wj28ncnH6SGgoEpcqigX0H5E0RzZgIuzTjDPL65XMB-qkAIqi8f-XVTgwIaBH9WLvLGm0oySlXtVgFkuaBbMuJCG-li25TLzd0JYjT99gE-dZKbdsYd3IXIxuQ23XuqlOb5rUCTkXQeLTvXqrB_aZCc6Iw19cP22DT5xOeDWyLRUoaQRo2s3wWNbBgoXEFvYlbh8ioRYF0HizHjTeuP4lv4XAz7UmwumEDLBjgOj_lRPKAWEIxUY5JH9kN52aCcryLI4f90QD0tl2nqpAshpCLOQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A082	0 20 B	58ms 58ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSngfzcxzZdbDMc-9x_APiKO-yAIAAAAAOAHgBAI&bg=!nZ6lntHNAAY3kmNgF5I7ADQBe5WfOHk-uNLnOyuwml2lVF-zhFL0vunKoN6rg1WjMW5ky8XoWd4TeuENw4wgij0Wsw5NAgAAAJdSAAAAAmgBB5kDASPd3vf-LJcPyhT8jFVEeMpwvGEcw76tzYOjLqARso-Azp6i0MGOXQ6zSd1K9f4bJIeggceQd0ENR726hbojkSPvjgXyUOitEDhdRo9rVrOWifore9jPEowtcEn5H5zqXaG-vqdp4X-8wzZoOctReEik3G5kmC23ff06vQt9OP22QFhde8YoVxzYFAydlrOtdsoLMhRcqRG5itYbHCn3RdI6SoQnno_xK7Q3FWfAgmX1XWmv-qZlF25QfXEq3ntem1a5xabU7SlSydZObORORYWlIkpflLR8RqKPyBdTy-TXWj0nYCtvWXofOmnmDKAIlxgODspD6SQHukw5eBSNW2BRVZtNRhkKBS5f9r3OQYgo185VbMYuygKaKWKGowP73FbNooltswYIE-DFUeumdCJuSBNdBDMNkYk45dtpbFVtiGd1kbhI236_cf9bqu5KvbzAaV5MrWvvyrpb9awtItHCRHvQBorDIUZB3eLRVvCbs5-C-Lyv4Ma0n0GZglUI7oYoX2INhUncTx5tlj1_mbO5pps3gzz33R35nGlmGr9qeqZqbfykrAwS2nJoGFuvtCZ5Zh-X3zpT0nQi1ICi9AGgRjaFVYJIlgD7-c5aixI8UzDHN6S0YWoLl24FwZcKt0FmGDzif2X4JYwDtvx6--6AaFiXRyuKF0LjKyoW-LDXoQQAHfRme3qlB3WOP7IaJOh5GsA3pdiYDyyJJylWO4d5JOyNuY4vqFcj9-blLBDW53PA_ejy-eRppcPLZNZo4qKMqHR5yog0GaAQaLfegw--CzvuFlUTvjWQ49Ox8WdCB2HQN00RTxPI8X-MDpE-B9Jq2YjYz40PmZe9d5EggjaYcx2v8FUY5rm6wPqPHU0IIyH7HCqTfhpYhThetxFQcY_BbbN9GQCsgfUE71vnmVYUgSQH38UMJGhRX_HdaI-fvshFEFEXXRfr2BWT5SU0aRH5LJwMtbOnlHlJNMS3Uxxkem92A2KhlgPalgpiNAbjPl0DdjSZ5Zq8qkWFdtLdQmQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 95E5	0 20 B	59ms 58ms	Image image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5aD4zcxzZZu6MYXQgAfIiYugBQAAAAA4AeAEAg&bg=!Xl2lXRLNAAY3kmNgF5I7ADQBe5WfOGTwhP8oaqziJSIy3trb3PG43WzkNFMAnPNAzO0jqM3JTlOSMFhHO3QSYEnyKMwWAgAAAJBSAAAAAmgBB5kDMTyKrKGtxRA-gvWVgG1vvdXzAHYiRA_RAaAcMyapn1VBLnmQpCr5mutSs30pRrz-LoaAJ42DAwFht6O5zq2suRjJcc6aCC9L_JbkOlbdSW_t_Vhp8LiySiUDuQn8Omv0MTfmzTeaZ03rRzsIwl8Gfe2NLETb4YLTiMBl0LcWMt5z2N3CyLXvSORsIRD_u45hwzxcg707Xazlm1MZ2Yj0BNAiBzvpUtcRaQ-9tA7E9woz68yT0M8e72SBpAbKCDCcb9BnjhlUdUQeCn_eiDrj4mOkLKJ03K-3E4PvltbO-_yG8v18R2hcRTwWUPbjK85T7qTLWytuPBvk2DQnIOhWeq0cHgeBzxZ3-2o1nevK98TOUdKMTVeduRmfTgLgj0vEF76XOUfMqZHWEhjqGgm_l6BcsOOtO6b0XTJ6yoB3vbi9Am6up3Cipj9PxCNibI4a-KaiRlCntBMHlKja3r-GEKK8bk0QNDigQWovmtQelfiIPAuLKDXqp3qV1b-5ZE3UOfMld3ZpiEMKWez9E7iOeBq9X1W6z--PQdyjP1ljl1kKs_4-Po6CTL2VYqSourAHt5_LgclPnQEKa3p6gzf6bEooU1HLq61ZOdnv3gE_7y7tkG2scikGX7OZ1_xb9hUIA2XcMZyt8GNkvYvBZZTpqZIENzr3TZhJ-YWikrfYN4qkNqPnAURgrRwozqmGdvrLUWuZVQtbaMhBE6keUz9RbK5cuJpP-c9IBp79mgQ2dBrpqUOoIamgl_8s0UGsoH8CqiH5bWnq1g2J4pDRSZI8K4T1kgrKLN95Coat7Kqt8XWUeIYHT4-iBvOJOkjtVhimHHBJu-wWWa72lEBDaY-_HhDWGecOREM6KCPm8flWIRB9w8n613Y1ohkhpx_stqnnquUMjcnHgZpeRxqghpvYoqMT0UO2IB64n1eVrKwCdqPe0uoV3z5WAQ4DZ4WLA388vfhMgqz7Un4h4HbpngKshMK7hTBJvbWIRid2C97IVYJXS2NAaMlLTPZfap5NQPxLGwQGoA_8VC7rb7AU5Gjfb7ta6uy5G391ZMmTLx73x_U57foB9h233_EaZ6xnY_WKJxw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	8 KB 9 KB	113ms 112ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F10289_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=8FTw8xYojgkpP_qJ47L5XP6V&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 8586 expires Wed, 03 Jan 2024 12:47:19 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	20 KB 21 KB	76ms 76ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7589_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=QvWAiJw45SA2Nxl5GvGoazQu&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 631ef40533993f8b4aad96351b89da51af46cb360957a7495ccf2616918f64ac Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 20960 expires Wed, 03 Jan 2024 13:03:07 GMT
GET H3	200	rar Show response as.ad4m.at/ad/ Frame BAE3	9 KB 4 KB	51ms 51ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=9adda78f37541fbfa2e478dda490d481%2F1205487708704759441&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702087886902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g16hdmm3nbzyxdt2e5pkcakp41x2993j6jezn3zxv2yqjp8pz5s97f9htk9sabrar65kb0mzmbh2e9fsv1kbd3vvmc38gn1v04bt3xg6ywznn3pncbzrm4y9qwx3rff8e0cwt076mddh739y4j8mr8akyrfx76z87h61gs4342jxxhghhjn2px3mfvafhfh15n8bm6nk5afk65wf92d0tehmft00dy5w48m05f5f3jze7cqm1panene3jbe9zxbshavgeysgsyt9gt878tsgyht%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%2526client%253Dca-pub-8143997951991795%2526adurl%253D&y=1&s=&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2071c69419a7167f9d2951e4b46ed04a173e10f8b0b577c9205479c1de7bed0f Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1gkpw0hmm0smbnatgph9ek4ha5dk79zx4yrprfxa5kp67x19ey3v5kah1frfj4d399dheh8dyr3t5gjm9sgc64xmq3jdjfsznfjr379we1c72gqmzx8reg27skvpax4zh4yp8n1n26cekxq6j3atsbzqrkd3xjrp4xg4bps0n1zsswt1a1rd2qwpqqgxhpc97pnd47rveqj62qmxvwwr7t2yqy58985bn44jyxcn17jbzbfmt52mt37sgzgmz713ht0zhdwcmvd4qhe6475vmb49rm1zwvj8rzaav83d1178qq633080eta5xny3s0bwekxgfprym566nsb6k05aw7ststr72b8vpxsw29sn0f003z5pby1306vf92jfbeamrqwsjqm20e057w5sa60ye5skjjwdde169bhq5qjx2gmx0246zr4r2xhnjec057k58wc0b10p84&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%26client%3Dca-pub-8143997951991795%26adurl%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 8329b7ad89415d9a-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Sat, 09 Dec 2023 02:11:26 GMT expires 0 nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} permissions-policy accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=() pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	22 KB 22 KB	69ms 69ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=800&rid=4&s=roh5iC6wcuNgIZlqL0AhDz-j&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 22540 expires Thu, 04 Jan 2024 04:28:09 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	25 KB 25 KB	73ms 73ms	Image image/png	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?h=276&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=396&rid=4&s=85uwGOnOTLaX9OEBd-NNWFvK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 5b45b15ad23f0a8229998fd0fcd1b36835c99cc71367e32dadb50458bf3bf648 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/png cache-control public, max-age=31104000 timing-allow-origin * content-length 25342 expires Sun, 03 Nov 2024 06:07:50 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	15 KB 16 KB	57ms 57ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F9747_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=isLH-aZOaI_JYFgESiQHfOTG&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 09f7dc31b1a1d2f0dcf49f8e4b1779b5cfc564cfb2805d51ff1f2f2ed2a5b3d3 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 15804 expires Thu, 04 Jan 2024 00:00:42 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	21 KB 21 KB	57ms 57ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F7531_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=qjhbkznTlPBNKJNj116xXNvu&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 504a4e1f88b4e0516fe561352b7a5583edd6537e59e03fa2664b62561735aafb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 21778 expires Fri, 05 Jan 2024 13:18:16 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	16 KB 16 KB	55ms 55ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F2901_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=WNs1WYv3JAmOIC0njCZqqz_G&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash f4ef623852d80503a8bfb2cbe0418bfc68f8b8364882065ea3ea3a8ce3b70667 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 16242 expires Wed, 03 Jan 2024 13:51:31 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 569A	5 KB 5 KB	40ms 40ms	Image image/webp	2a02:2638:3::10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F8%2F7538_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=SPmLzqcSovRLTINU0BLog-sa&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 2353cf45fea830c6ce9f62852c66c4e5ad0f552129dad355e8669d0c808ef2f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:26 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=2592000 timing-allow-origin * content-length 4850 expires Thu, 04 Jan 2024 04:33:14 GMT
GET H3	200	default.css as.ad4m.at/ad/style/0.1.50/one-ad/ Frame BAE3	115 KB 14 KB	36ms 36ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=9adda78f37541fbfa2e478dda490d481%2F1205487708704759441&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702087886902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g16hdmm3nbzyxdt2e5pkcakp41x2993j6jezn3zxv2yqjp8pz5s97f9htk9sabrar65kb0mzmbh2e9fsv1kbd3vvmc38gn1v04bt3xg6ywznn3pncbzrm4y9qwx3rff8e0cwt076mddh739y4j8mr8akyrfx76z87h61gs4342jxxhghhjn2px3mfvafhfh15n8bm6nk5afk65wf92d0tehmft00dy5w48m05f5f3jze7cqm1panene3jbe9zxbshavgeysgsyt9gt878tsgyht%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%2526client%253Dca-pub-8143997951991795%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=9adda78f37541fbfa2e478dda490d481%2F1205487708704759441&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702087886902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g16hdmm3nbzyxdt2e5pkcakp41x2993j6jezn3zxv2yqjp8pz5s97f9htk9sabrar65kb0mzmbh2e9fsv1kbd3vvmc38gn1v04bt3xg6ywznn3pncbzrm4y9qwx3rff8e0cwt076mddh739y4j8mr8akyrfx76z87h61gs4342jxxhghhjn2px3mfvafhfh15n8bm6nk5afk65wf92d0tehmft00dy5w48m05f5f3jze7cqm1panene3jbe9zxbshavgeysgsyt9gt878tsgyht%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%2526client%253Dca-pub-8143997951991795%2526adurl%253D&y=1&s=&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:27 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 852488 cf-polished origSize=118430 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 02 Nov 2023 10:26:17 GMT server cloudflare etag W/"486507ccce9ac587d11c0ef3f32a109a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uikn0IOTuMm1CCQ6QcvgbO2CrZsrOjHBhjMTrvRDTfeZnsTIoGG7gchr3eOvtR11tbrAh74P1SkO45lqdFzo3QO8VrWOMe5GQATZIaadzSqLypBSrlvHy7nrw%2BPTVPxSKbC%2FopvErnU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=86400 cf-ray 8329b7add9685d9a-FRA expires Sun, 10 Dec 2023 02:11:27 GMT
GET H2	200	E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E assets.ad4m.at/logo/ Frame BAE3	9 KB 9 KB	68ms 51ms	Image image/jpeg	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=9adda78f37541fbfa2e478dda490d481%2F1205487708704759441&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702087886902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g16hdmm3nbzyxdt2e5pkcakp41x2993j6jezn3zxv2yqjp8pz5s97f9htk9sabrar65kb0mzmbh2e9fsv1kbd3vvmc38gn1v04bt3xg6ywznn3pncbzrm4y9qwx3rff8e0cwt076mddh739y4j8mr8akyrfx76z87h61gs4342jxxhghhjn2px3mfvafhfh15n8bm6nk5afk65wf92d0tehmft00dy5w48m05f5f3jze7cqm1panene3jbe9zxbshavgeysgsyt9gt878tsgyht%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%2526client%253Dca-pub-8143997951991795%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:27 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 944459 cf-polished status=not_needed alt-svc h3=":443"; ma=86400 content-length 8772 cf-bgj imgq:85,h2pri last-modified Thu, 09 Nov 2023 08:13:38 GMT server cloudflare etag "15b1f39d668aa86c2ba2ba17d94cc733" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9%2ByZy8Jqafs79cqttMwRvLRrONmdTCjUHT0JidQlvSVh8wocA4adfKpKhiGuDeIARR5PlD8LNXGCH0TsFc7cgWoqzKpZBbI59g3%2BoB%2FEuf1TWyeMx6MEcbvvGaHok3iftuRFcCFTCwdbfH4"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8329b7adfd4d3831-FRA
GET H2	200	279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B assets.ad4m.at/ Frame BAE3	22 KB 22 KB	50ms 33ms	Image image/jpeg	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=9adda78f37541fbfa2e478dda490d481%2F1205487708704759441&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702087886902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g16hdmm3nbzyxdt2e5pkcakp41x2993j6jezn3zxv2yqjp8pz5s97f9htk9sabrar65kb0mzmbh2e9fsv1kbd3vvmc38gn1v04bt3xg6ywznn3pncbzrm4y9qwx3rff8e0cwt076mddh739y4j8mr8akyrfx76z87h61gs4342jxxhghhjn2px3mfvafhfh15n8bm6nk5afk65wf92d0tehmft00dy5w48m05f5f3jze7cqm1panene3jbe9zxbshavgeysgsyt9gt878tsgyht%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%2526client%253Dca-pub-8143997951991795%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45941cddb32c44e5eff43b00a2f5ead40b9d0e6323ae161a40c426bc8c500f71 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:27 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 950166 cf-polished status=not_needed alt-svc h3=":443"; ma=86400 content-length 22596 cf-bgj imgq:85,h2pri last-modified Thu, 09 Nov 2023 08:08:47 GMT server cloudflare etag "80c578a48f16f48e135bcb3d2ea2c9e4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBOe4isZNW3bXVXekNo6evrjaPQo%2BXLBUkPjYfSPQ73uUX1GpCbDgOnF8S%2FgSgiIacSq8nhdas%2FzfjhKop9glRKtioyUycbvWka9aFU7MzUrPJwwlwr7kfaoCJwHQiZwF1weqKTXvu2dgFSC"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8329b7adfd523831-FRA
GET H2	200	2aed39855b5f46b777481d90b61d111f pv.medialead.de/trck/epv/ Frame BAE3	0 327 B	99ms 30ms	Image application/javascript	91.121.248.44 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=9adda78f37541fbfa2e478dda490d481%2F1205487708704759441&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702087886902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g16hdmm3nbzyxdt2e5pkcakp41x2993j6jezn3zxv2yqjp8pz5s97f9htk9sabrar65kb0mzmbh2e9fsv1kbd3vvmc38gn1v04bt3xg6ywznn3pncbzrm4y9qwx3rff8e0cwt076mddh739y4j8mr8akyrfx76z87h61gs4342jxxhghhjn2px3mfvafhfh15n8bm6nk5afk65wf92d0tehmft00dy5w48m05f5f3jze7cqm1panene3jbe9zxbshavgeysgsyt9gt878tsgyht%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%2526client%253Dca-pub-8143997951991795%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.121.248.44 , France, ASN16276 (OVH, FR), Reverse DNS ip44.ip-91-121-248.eu Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:27 GMT attribution-reporting-register-source {"source_event_id":"17200573720105030","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}} server nginx host pv.medialead.de vary Origin content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-Request-ID access-control-allow-credentials true content-length 0 proxy-host pv.medialead.de
GET H2	200	90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826 assets.ad4m.at/logo/ Frame BAE3	4 KB 5 KB	47ms 30ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=9adda78f37541fbfa2e478dda490d481%2F1205487708704759441&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702087886902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g16hdmm3nbzyxdt2e5pkcakp41x2993j6jezn3zxv2yqjp8pz5s97f9htk9sabrar65kb0mzmbh2e9fsv1kbd3vvmc38gn1v04bt3xg6ywznn3pncbzrm4y9qwx3rff8e0cwt076mddh739y4j8mr8akyrfx76z87h61gs4342jxxhghhjn2px3mfvafhfh15n8bm6nk5afk65wf92d0tehmft00dy5w48m05f5f3jze7cqm1panene3jbe9zxbshavgeysgsyt9gt878tsgyht%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%2526client%253Dca-pub-8143997951991795%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:27 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 21069 cf-polished qual=85, origFmt=jpeg, origSize=7258 alt-svc h3=":443"; ma=86400 content-length 4294 cf-bgj imgq:85,h2pri last-modified Wed, 01 Nov 2023 09:56:16 GMT server cloudflare etag "679602b08629bcaaabfcfad4e68fe53a" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9kcd2JG7g01xOs7lBS7wQOGI568fQQyAjN%2FxUWRUjmJGvXKr5p2fbFVyi%2FcoEkjVcLLOwnK2lCJXijjv2Rlg0QlvXxCQrp3XwsdAv9CgC65PHFfr0z1OxhauYg4MG%2FyjTJreMr00smbCzij"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8329b7adfd503831-FRA
GET H2	200	287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1 assets.ad4m.at/ Frame BAE3	15 KB 16 KB	49ms 33ms	Image image/jpeg	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=9adda78f37541fbfa2e478dda490d481%2F1205487708704759441&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702087886902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g16hdmm3nbzyxdt2e5pkcakp41x2993j6jezn3zxv2yqjp8pz5s97f9htk9sabrar65kb0mzmbh2e9fsv1kbd3vvmc38gn1v04bt3xg6ywznn3pncbzrm4y9qwx3rff8e0cwt076mddh739y4j8mr8akyrfx76z87h61gs4342jxxhghhjn2px3mfvafhfh15n8bm6nk5afk65wf92d0tehmft00dy5w48m05f5f3jze7cqm1panene3jbe9zxbshavgeysgsyt9gt878tsgyht%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%2526client%253Dca-pub-8143997951991795%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:27 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2491683 cf-polished status=not_needed alt-svc h3=":443"; ma=86400 content-length 15521 cf-bgj imgq:85,h2pri last-modified Thu, 09 Nov 2023 08:09:52 GMT server cloudflare etag "269bd58060bc660c3aec98b388bae571" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bv3rus6lBj0LtLb7xbq0%2Bd0JOJEcS2tCGHrPpVdlGRJnddHeuUkq495BSqjftKtgWie8xY5tzxFfHkEY%2FjohjRFIBtBpd9%2FuyD4VLwKjdpcFJs9nhdoKhCQbY4NVEamBDr11SDF4BAKukxqA"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8329b7adfd513831-FRA
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame BAE3	43 B 702 B	203ms 98ms	Image image/gif	104.64.118.247 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=9adda78f37541fbfa2e478dda490d481%2F1205487708704759441&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702087886902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g16hdmm3nbzyxdt2e5pkcakp41x2993j6jezn3zxv2yqjp8pz5s97f9htk9sabrar65kb0mzmbh2e9fsv1kbd3vvmc38gn1v04bt3xg6ywznn3pncbzrm4y9qwx3rff8e0cwt076mddh739y4j8mr8akyrfx76z87h61gs4342jxxhghhjn2px3mfvafhfh15n8bm6nk5afk65wf92d0tehmft00dy5w48m05f5f3jze7cqm1panene3jbe9zxbshavgeysgsyt9gt878tsgyht%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%2526client%253Dca-pub-8143997951991795%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-64-118-247.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Pragma no-cache Date Sat, 09 Dec 2023 02:11:27 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET H2	200	A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266 assets.ad4m.at/logo/ Frame BAE3	2 KB 2 KB	47ms 31ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=9adda78f37541fbfa2e478dda490d481%2F1205487708704759441&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702087886902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g16hdmm3nbzyxdt2e5pkcakp41x2993j6jezn3zxv2yqjp8pz5s97f9htk9sabrar65kb0mzmbh2e9fsv1kbd3vvmc38gn1v04bt3xg6ywznn3pncbzrm4y9qwx3rff8e0cwt076mddh739y4j8mr8akyrfx76z87h61gs4342jxxhghhjn2px3mfvafhfh15n8bm6nk5afk65wf92d0tehmft00dy5w48m05f5f3jze7cqm1panene3jbe9zxbshavgeysgsyt9gt878tsgyht%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%2526client%253Dca-pub-8143997951991795%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:27 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 26580 cf-polished origFmt=png, origSize=2170 alt-svc h3=":443"; ma=86400 content-length 1662 cf-bgj imgq:85,h2pri last-modified Mon, 13 Nov 2023 08:38:25 GMT server cloudflare etag "4721aa7c2d5fa652c8092463f9a485bd" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rko7UYlsSYGvaXN6iln6Clew%2FCzlEGeu8PTp%2FT%2F%2BmiYQ%2BgY3Uh7XIA2WM0x5obe%2BNW3WwI15vWzaF3OfnX0Y7Wg5COwEOoPaEMemp5ss0zyCNF8Ll5C0DK5MpS2k%2Fu6mIK933nWVlceCER3U"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8329b7adfd4f3831-FRA
GET H2	200	B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1 assets.ad4m.at/ Frame BAE3	23 KB 23 KB	48ms 32ms	Image image/jpeg	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=9adda78f37541fbfa2e478dda490d481%2F1205487708704759441&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702087886902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g16hdmm3nbzyxdt2e5pkcakp41x2993j6jezn3zxv2yqjp8pz5s97f9htk9sabrar65kb0mzmbh2e9fsv1kbd3vvmc38gn1v04bt3xg6ywznn3pncbzrm4y9qwx3rff8e0cwt076mddh739y4j8mr8akyrfx76z87h61gs4342jxxhghhjn2px3mfvafhfh15n8bm6nk5afk65wf92d0tehmft00dy5w48m05f5f3jze7cqm1panene3jbe9zxbshavgeysgsyt9gt878tsgyht%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%2526client%253Dca-pub-8143997951991795%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers date Sat, 09 Dec 2023 02:11:27 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2144942 cf-polished status=not_needed alt-svc h3=":443"; ma=86400 content-length 23392 cf-bgj imgq:85,h2pri last-modified Thu, 09 Nov 2023 08:08:23 GMT server cloudflare etag "faa9f958d13ef03f911b71f117846705" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8YLmHl7Dh4kJVfc7iXjodpW5E6giuCPuqFNdKpYQV4GvNLGJeLFGNcRGe%2B0bHJ43yHkDr3DD%2FBi2gT9xfZAUOWgBzIeHzJiNfjoHkp43fFqlE3VBhYR2yYWbvUCeko4sXia9qpFgzvKsyq%2F"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8329b7adfd533831-FRA
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame BAE3	43 B 702 B	197ms 92ms	Image image/gif	104.64.118.247 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=9adda78f37541fbfa2e478dda490d481%2F1205487708704759441&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702087886902&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g16hdmm3nbzyxdt2e5pkcakp41x2993j6jezn3zxv2yqjp8pz5s97f9htk9sabrar65kb0mzmbh2e9fsv1kbd3vvmc38gn1v04bt3xg6ywznn3pncbzrm4y9qwx3rff8e0cwt076mddh739y4j8mr8akyrfx76z87h61gs4342jxxhghhjn2px3mfvafhfh15n8bm6nk5afk65wf92d0tehmft00dy5w48m05f5f3jze7cqm1panene3jbe9zxbshavgeysgsyt9gt878tsgyht%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC8PbwzcxzZdK-McPBgQeI5pSYA5DhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTYAU_QQ9FAEMMyYcUb0t8caGPtLmAov6sOBRVFpiK_qbMMy01tSU7uWz9nh6iu0UMhH1fA6iGcWCZUXMoeBWLIJ5wN9-Mec-H7rgs4760OYBKA0gXqiQ1u8khUqpEVWuVghuMiV7zYQIDsbKawEDQCfN1VVfd9_8nOVSgvmAgNdytMYFu2aC1VGf9E8MP6uax9KhmJ2fnayPglyXcJJ-XpM0XnVkIcx08I0aF2za9oEDQ7Mir3ICWmIqEQYMxmrMWkBf8iD4J65u6QKO8Ce6sFWPjWSiuVYDtUWIAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljTvb2-o4GDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2KzEw46rYg0PAT0mp1E4VCn8_cyQ%2526client%253Dca-pub-8143997951991795%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-64-118-247.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers Pragma no-cache Date Sat, 09 Dec 2023 02:11:27 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	59ms 59ms	Image text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=809912790101252&bg=!nJ-ln9DNAAY3kmNgF5I7ADQBe5WfODOVJ0Qygv9K4Xc0OfRJvUrMRRC16FCg3RnlCCvAnwvV4_hWy-VkjqjRMVwR7NmhAgAAAMhSAAAAAmgBB5kC6Vttf-uIhm9jIS2pENrdHo5iCtfGwipBFrwNTESWj5xf64q1qcA8p_ZT2D3vw6R0wfz0FKlinV5PhKiSZCsrGSm4Og8jo5y0QGlYyfageBkbMdvXLqUIGn594HDs-GCHfVt_WB0XHpCXZXlSsWulpvaxK455h46Ln-RkrVsQ7wS38642juuuybJ058ypzobbUMBeJH4bWa8sh2R0FYhE0lGKeHZu19chgv5ZFPYFB6Q4n-y66IRRG9IsKAa_WcXiA_H8qpzQbx8U_KkPSiHRZgdk8DqOl4jkjjilzMAr-9gleV7uFyb-iWpb64cJWcFwogiUuW3luqTG4atJgpQdy64auvq_m86dJmezAatQkl-NLxQnvex96mbEQfGzw5FbtMDiE7SHB9uI245nYw2Wc2FCuxqtA7QM5yEpDXM_Y55AUR6HZsr4RptvCiyIYMhZtmG2ABwMWTuVHIehJWnKmBWswLE7gEkDqnTng3hkiukroy9GTNaWEkof975wqGHAc8vBlcIRE5AhC8YBTNG5ype4jpPh45csC00dQLShiVyNKOi_DmBim6JhULXyytYrPXgO9vaEEdyWYW6bRxl_89bsp1Ilk7gGY2DBzPZ1XkdJvCXRfrz3QTbB7ojJ1qHGRCpTDcjkUhpVs5rysXDA-Ee4inAcx-cUula7JbZifdn0aOOluYDhTGfiiAflqVX074tVziRHOX8fhkVZ57O3WDq6Y3fJwYLLaiO7SXCGEaqOgkfBR9Qu3MkTU8YluGRh0ZmnBOYK-lWoyObUooeLv84sPxu95Eo1Gq15A89KVO6xp3Jj_f7xSriTjrEcTvJO_eUY187pBGfpAnVeeaZa0FPir389icbmF131QlCJP7Jm5TGr35dFdai_0P8XFgM2aHayHh9L7HYNIk-_gZb5hL5WMMT4rGz5R-W_-r3o4kQn1DLZD5iEU1uJPXMeU3ZUsJDCRF9YiPgn76T_zuoWbx9ogGEKqEFuhtY Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://biodoma.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 4AEB	42 B 64 B	59ms 59ms	Fetch image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxOT6LkZMhpIt5CCayrAJ9QTZPM_VzM92M3C98VQyFBI81UxVS7rVV-vQjElskWDMpXz-s3QfwPC3l3Z3SjWdlk0CUO1mrOP9JCcRnVj_s54WfdfpluG4qXt4-e3KHg5f961EJGP5sRVjvpOD9CiIAhR5QpPUSwmGckn73V2D2kNEKQlYAQKmwMak5CqQKtjSk-gsNolgtIqjz3neM4vqS6vz9yMI5RkITH5jn2X0Lo-sAaOSSnnft_rwdv0PdqsMtFCdgkxThP2E6iMtfuncpF_xnaeBeUNw6FgozXWjwPJZA_xTsRYHHnplr56JcCbNZFIaHTDItGkuc9wD5hcVbfjbAScOGNeruLHTxeryAycsOdGUpkQX_z_BEg9-V63ea9tq5UcHF5U7x-PJ9BiMAyrY-pCJrf_qY9JxUApSz8FYSQhTiVb10B99TSTijAIxkKBt0B9f-GjFjoqnCrBSttreBpw6fpRQOUYVAHO_B3ZdFYVZcHi-qkVVhntc8Gu_H1vmSAD24BB6oYn3aPi9WF3bDvDWWoyFO2BGADTBNziD_cFe21-s-_fHLY7k3dcXga_LeM6n1MNajngyEVZABaY09LSIA2iMRf9N-WcY9c7tsJAUl8YW9DnQX_s_tU5JFiwWjtK0kyN8Jli2D-M4DLod-m-J9C2HhO1Mrvh9W9C4mJqVn0sa6ucIUtlDXcTPG6_R6hsOvHZepngIhYS4E9trnNZFonAr8k6L2ZqnUYyGk-LtZHiB3iA6NHjiAn-mAvlEiiug59oTeQGUQlXGQxDjRUytxBgdqwUmg0smvZtXXDMTYy2UqMB9FXGWnMI83L0Wp53URR5Ay8A_mUpr0itfl09e7CnqMigyWqqlFhufygB3-HRY1hV6RyOmqL1xyclhk11M6_5BHz58Jg_FH_-grIhfno0BJKXvZPkj71ghd-R-60g5kP4rAsQsIRemUUdsH9KoDgQ_4rkxuzy9fQmRBPWGnO7zn-ZhCV1qQrcRd2BWshULItAPG8b_wWygtLmDCWIswu-TejzahUKkf8n_B8gxFjiMcEtaO-f-XkIVF7WtUt9g_ZaDJKPZCn-jFZS9QlI44kN9RB3TLk-dxVO3lpTp51Te6LiHMWuR9heiw0kUfyJp--JJw9nmgwT47OZHtt8vsJ6gmw6k7gkru6tyjuajIUO113owH7onGSqw&sai=AMfl-YSrIiC3rzI-EhJRlM7HOyeEvIxiBRgyUmGZot-9PZGkKK-qgwwKyR93SwViGhuRjze4Ntvy7u-LmqPOk27j8PGo_6kQsrjR_9gPRGgKnEneWRl8o5iW0rpiN2dvVfRLoCWPZ_pDVwgGAizCEKDEdPY-g3WXWvqG4Bm9vwc6HdbG8b_nNTc8&sig=Cg0ArKJSzLIAEj2eolh2EAE&cid=CAQSTgDICaaNqNV0pxsXXTYP8Gy8mNmBGMt2C3n5uEvAk5Gj5JxToaa9XJNcfDeAO3UTUEzZSunYkyCvseF_xoJtqdr1fxqpXvmF4EhbOddESBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=231,832,1000,1000,1000&tos=231,601,168,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1702087885867&rpt=529&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:27 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame EFC2	42 B 64 B	91ms 91ms	Fetch image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkFVj171sS482IRqK5ORupfU8Y0eaxU5xrSkVF3ktJobkzB5XX5THy9lXGT1ffoSvJ22fEnPGC66KuHJpobTd8cu-7Blq57WjMYNOAju2klFiG2fuWTb-aTxLGlw7fKteBd-cDQ7it4ebf&sai=AMfl-YRn3af8pAG3vcRt18JkUMuSLww56ij7Ebr7LN_AdStkAFD-oJ0rSl3TTEXUkfCKqBBp2flI7QhPkGRUsvS6Oenj293st5eXPPvem0hXNVRTPq-Hn1Jk8ghkojf4_VAnCU3MkVtJJWWrtfv_b3Z3tVBo-Y7eyrIqf-Q&sig=Cg0ArKJSzG3g6S8bbCNkEAE&cid=CAQSTgDICaaNqNV0pxsXXTYP8Gy8mNmBGMt2C3n5uEvAk5Gj5JxToaa9XJNcfDeAO3UTUEzZSunYkyCvseF_xoJtqdr1fxqpXvmF4EhbOddESBgB&id=lidar2&mcvt=1003&p=0,0,600,200&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1702087885866&rpt=467&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:27 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 3201	42 B 64 B	59ms 59ms	Fetch image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszfQnKRpsLMa31Yt8LurWuyYp6YxY_I93AjAXVF2A_bMCZotZFR2XSRyysVcO1oK0_xrs31flxCt4rc2cy25mf6CLjTFgD_Sut6f5lh5rjDbjlhwZibQ&sig=Cg0ArKJSzCQ4folu_hisEAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1702087885864&rpt=366&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Response headers pragma no-cache date Sat, 09 Dec 2023 02:11:27 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	all csm.eu.criteo.net/ Frame 569A	0 127 B	38ms 37ms	Ping text/plain	2a02:2638:3::1a ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=lsq2-ji5Xv7oah-bN3tsstgAIP_2bNsDWYp9VXLm_wmn57tomteCF5KSUUHPkICOdX8x44TLdPoZRwjzhn34usjJq3a7_WvQGNqMSREnJBI3d5EHN7qdq_dVQeNen8tTV3QGF49U1ZJBwyhm57bb5PfQ0Tl_ZlNjAtj0KynghnFvNfrLwjrYY0ybqmylplEHCmjSGtzY3QO9n-C_BhPMhxXVS1IyDk-N-wMTmmChH04GD6--cOgy7ms_UF8dl4xj_Hta1Q&sds=2&rev=89682&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXPMzAAPIgQK4CpbAAIBW_zwtaHGs_skTi1mSA&u=%7C5IhOIMvx3cIR3XRr3l0pUWxzPgkj%2FbvG8ijCDaSUeOs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-tDF6f8mMoGcMzrlX8TrBHbGRnRkDtz4mhTkQoRcoay2Lz696RF5Ah2r28vhCb5oEUhPtBBpHQgHP91dVQaywFRhBYUJXI4KZ0uthLLGt9TVJTcEnPP5n97X-_-oRDLDY3xL9gkhvGnL6BvKBqkWkHi8WM0OWvvwrbePTDK3CpP2rUc6TCXxicUid2ZQZefDdpim8j7Ut6kbA8NwUGpbKfYN2Z-CiyUDb9Bu7JJKhmn0EoLJlDmZzf4f79iIKn2A8nm5tPCEmpPIj6G-xBsliviT3c2uCU0Fz4JiC5D6zN0_AK0plQG3zDmdg4eI1xZR5mbIW0D-qgwuZylDz5LsqtDIt6-udYVHF-ROic23olv-i5Xpjw806z5DSseTEBJuECtR_eWGUm4syPXemBgvHQHrvIpVlWjlfTjAmHajEmRLqlZtgm29lZMHCYl6ExEDAwiLcARTjvQTT_w8x2XLZAx-RamVqebYunxxl0gR75qzBGKfLKP6Bkm7Ln7prMflY-TG7DmOfBPoykdcl8bvIxmrAk5KPBWnpk4uK9r0fQP3yMSb36eXkQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpstzMxzZYTEPNvUgAfbgojwCsme0rFczfHi3YgBwI23ARABIABglYKAgLAHggEXY2EtcHViLTgxNDM5OTc5NTE5OTE3OTXIAQmpAmItiH_3DrI-qAMByAMCqgTTAU_QvS4pEUYMfpF1cApNY0ZjXqtJxPWPGwdnq73WxlyJOJ-n9agPeTnRxT2UDuDlyZC65DThCoFe85DdqhywH4hGeI3HCWR81d8NO2w_iS0MD8jjpnFXwHS33u8Qf8aDRnGtj00j3vyKic6Z7YrKvvcihVMnakzPzSWouBC6CzAUd0TEcWgERn-k3b0soX60vu_NcQLxOQYm5m49lH82QdcUjh0DyXqz28osufPt72G0Ev0FH0HNhsiOBGE7bGoyA0yB7MDKaqz3M_K2FUjZbFPwDiCABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliRr4u-o4GDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_ieY5aBLHFJGG2jXw2RxHcM8-dQ%26client%3Dca-pub-8143997951991795%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sat, 09 Dec 2023 02:11:27 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0