tsuvod.com Open in urlscan Pro
2a06:98c1:58::60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tsuvod.com/
Effective URL:
https://tsuvod.com/
Submission: On October 19 via api (October 19th 2023, 9:38:38 pm UTC) from US — Scanned from DE

Summary HTTP 78 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 14 domains to perform 78 HTTP transactions. The main IP is 2a06:98c1:58::60, located in United States and belongs to CLOUDFLARENET, US. The main domain is tsuvod.com.
TLS certificate: Issued by E1 on September 26th 2023. Valid for: 3 months.

This is the only time tsuvod.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:7::60 2606:4700:7::60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a06:98c1:58::60 2a06:98c1:58::60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
6	2600:9000:214... 2600:9000:214f:a200:19:f28c:cd92:c761	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3 4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 4	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
78	20

1 2606:4700:7::60 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tsuvod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:58::60 (United States)

ASN13335 (CLOUDFLARENET, US)

tsuvod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:a200:19:f28c:cd92:c761 (United States)

ASN16509 (AMAZON-02, US)

static-cdn.jtvnw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.26.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.52 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	383 KB
14	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443	104 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	392 KB
8	tsuvod.com 1 redirects tsuvod.com	299 KB
6	jtvnw.net static-cdn.jtvnw.net — Cisco Umbrella Rank: 7902	603 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	3 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250 www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	2 KB
3	gstatic.com www.gstatic.com	16 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	153 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	601 B
78	14

	Domain	Requested by
14	pagead2.googlesyndication.com	tsuvod.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net tsuvod.com tpc.googlesyndication.com pagead2.googlesyndication.com
9	s0.2mdn.net	tsuvod.com s0.2mdn.net
8	tsuvod.com	1 redirects tsuvod.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	static-cdn.jtvnw.net	tsuvod.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	tsuvod.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	tsuvod.com www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
78	19

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
tsuvod.com E1	`2023-09-26` - `2023-12-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
static-cdn.jtvnw.net Amazon RSA 2048 M01	`2023-03-13` - `2024-04-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://tsuvod.com/
Frame ID: 8B9C5A9C62A09F8E0FFC5CFF1463D8ED
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 268FC399A817281F971A77BA21028736
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7884035953837893&output=html&adk=1812271804&adf=3025194257&lmt=315529201&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftsuvod.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697751511959&bpp=100&bdt=235&idt=262&shv=r20231011&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1678846615703&frm=20&pv=2&ga_vid=712900142.1697751512&ga_sid=1697751512&ga_hid=1558726458&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42531706%2C42532335%2C44795922%2C44805112%2C44805534%2C44805681%2C44805920%2C31078297%2C31078917%2C44806139&oid=2&pvsid=915655917996392&tmod=195026759&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279
Frame ID: 176B1A5078C164F45A2AEC623F52815E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 38A6D42DD65FA90562CB8670EF311D74
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7E4E42BCD8E974AD6B092CC739E6D925
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENrtytQCGOCrtvcBMAE&v=APEucNVJcxkD6L5rRGRg6kMpfJilACSzunPICRuXDL95eoslajzovZZ273OeKhb7yKmLk02n7X8YWmQILZOpW8wcWDmsYOs79JK5NG4CimgtQwMdjT61NtQWZ-QefRHwsKF4xHxJx4ol4I5VOHwcpMG1SwZBPs4saiIGVZwdvkt_zjQ-lX7tewc
Frame ID: F4A3745FEE63C3C7A0AEE4D26FFE7A31
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7029B0B272C60E67861085CD00AA6DB7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 23B546EEDBE192DC78B4C2DFD3B715CE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1905BC2891BE68CA952A1F74DA43D984
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250
Frame ID: 9EAF505B72F221B57012C1B3910D8BE9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: 5DE18FF4B432461947079B718EB9732D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F25B3AEF2545E91A03C63CC2037543D6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 33D7AE293F74EBC6802CA67F6F94A30E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

트수VOD

Page URL History Show full URLs

http://tsuvod.com/ HTTP 301
https://tsuvod.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

78
Requests

95 %
HTTPS

80 %
IPv6

14
Domains

19
Subdomains

20
IPs

4
Countries

2094 kB
Transfer

4803 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/tsu_vod
Title: 트위터

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tsuvod.com/ HTTP 301
https://tsuvod.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELV56I4uUqDPY8HdnjNdSMw&google_cver=1

Request Chain 42

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTGh2U9.BWEzHFWEa6t08QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELV56I4uUqDPY8HdnjNdSMw&google_cver=1&google_hm=2

Request Chain 43

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFDQpwUa7j6uB8CAGyyFqgU&google_cver=1

Request Chain 44

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYzNDYzNTM5MDQxOTkzNjAzNA%3D%3D

Request Chain 56

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

78 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tsuvod.com/
Redirect Chain

http://tsuvod.com/
https://tsuvod.com/

3 KB
2 KB

427ms
329ms

Document
text/html

2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsuvod.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6f4a8043600c55651ade0994c60480071a17d00879a622bb8af018eaed73e64d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
cf-cache-status: MISS
cf-ray: 818c2b2249a79131-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 19 Oct 2023 21:38:31 GMT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
vary: Accept-Encoding
x-do-app-origin: 5652280b-e6b3-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
x-powered-by: Express

Redirect headers

CF-RAY: 818c2b216df9049b-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 19 Oct 2023 21:38:31 GMT
Expires: Thu, 19 Oct 2023 22:38:31 GMT
Location: https://tsuvod.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
89 KB 154ms
61ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XNGQ8JGJQG

Requested by

Host: tsuvod.com
URL: https://tsuvod.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d84c837d265de33eca62f66088b2cfc3a90fe0c43654f9c7babc1b8588b6b6e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 21:38:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 158ms
66ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tsuvod.com
URL: https://tsuvod.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

795e4f3561fba5717cedc8e2da98e8a041e6b13ba88036af9eb2fae4f8e5c0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51299
x-xss-protection: 0
server: cafe
etag: 5223934750237284017
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 21:38:31 GMT

GET
H2 200 utep_ad.js Show response
tsuvod.com/data/ 23 B
100 B 330ms
328ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsuvod.com/data/utep_ad.js
Requested by: Host: tsuvod.com
URL: https://tsuvod.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 60fd40a24072d26141650cccf34c71ca2756e9d55fd5509550853829c60701a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:32 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 5652280b-e6b3-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
x-powered-by: Express
etag: W/"17-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 818c2b246c1a9131-FRA
content-length: 23

GET
H2 200 yzfdmoan.js Show response
tsuvod.com/data/ 22 B
155 B 322ms
320ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsuvod.com/data/yzfdmoan.js
Requested by: Host: tsuvod.com
URL: https://tsuvod.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b818906927e5c304e330d70558c1a565aa7ede1e440b3ed6acf8ebb2387d1a31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:32 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 5652280b-e6b3-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
x-powered-by: Express
etag: W/"16-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 818c2b246c1e9131-FRA
content-length: 22

GET
H2 200 main.1359096b.chunk.css
tsuvod.com/static/css/ 310 B
305 B 346ms
344ms Stylesheet
text/css 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsuvod.com/static/css/main.1359096b.chunk.css
Requested by: Host: tsuvod.com
URL: https://tsuvod.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8edc5ebc4bdace33d87a8462820bfff012348481b5c0161461d059abcfc28ca0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 5652280b-e6b3-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
x-powered-by: Express
etag: W/"136-49773873e8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 818c2b246c199131-FRA

GET
H2 200 2.f20ccc2d.chunk.js Show response
tsuvod.com/static/js/ 1003 KB
283 KB 789ms
788ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsuvod.com/static/js/2.f20ccc2d.chunk.js
Requested by: Host: tsuvod.com
URL: https://tsuvod.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 659a3aaf601fcc45f2faabcd398243ad9a68dcb24305c453ba3dde8b7c51bbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 5652280b-e6b3-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
x-powered-by: Express
etag: W/"fabb0-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 818c2b246c1f9131-FRA

GET
H2 200 main.9f759878.chunk.js Show response
tsuvod.com/static/js/ 24 KB
8 KB 431ms
430ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsuvod.com/static/js/main.9f759878.chunk.js
Requested by: Host: tsuvod.com
URL: https://tsuvod.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6f36f1d9a3f924695d7c58d033a9cdab8fca54f847cbc99273d4096a6c9bebc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: 5652280b-e6b3-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
x-powered-by: Express
etag: W/"60cf-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 818c2b246c209131-FRA

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/ 394 KB
134 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7884035953837893&plah=tsuvod.com&bust=31078917

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a4da9ca1a989cdab1e75a203d6b629de5d4e023f32b84f92f7f1c52335324e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136828
x-xss-protection: 0
server: cafe
etag: 15161418048713507418
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 21:38:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 268F 10 KB
5 KB 128ms
38ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuvod.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 12:56:15 GMT
etag: 2603938475786422795
expires: Thu, 02 Nov 2023 12:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-147842154-3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XNGQ8JGJQG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78ca3c70412c05c4b4f4c5bf4697c4fe0427fe37044bcb45e78a88f2e6a7afb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65223
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Oct 2023 21:38:32 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 135ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XNGQ8JGJQG&gtm=45je3ai0&_p=1558726458&cid=712900142.1697751512&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697751512&sct=1&seg=0&dl=https%3A%2F%2Ftsuvod.com%2F&dt=%ED%8A%B8%EC%88%98VOD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XNGQ8JGJQG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tsuvod.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-147842154-3&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Oct 2023 19:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6530
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 19 Oct 2023 21:49:42 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 135ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tsuvod.com&callback=_gfp_s_&client=ca-pub-7884035953837893

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7884035953837893&plah=tsuvod.com&bust=31078917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04a4c5769659af4f8fafabcff4950e2b721ef7a4e9232bc8bd19704de13534ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 176B 309 KB
89 KB 1257ms
1256ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7884035953837893&output=html&adk=1812271804&adf=3025194257&lmt=315529201&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftsuvod.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697751511959&bpp=100&bdt=235&idt=262&shv=r20231011&mjsv=m202310170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1678846615703&frm=20&pv=2&ga_vid=712900142.1697751512&ga_sid=1697751512&ga_hid=1558726458&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42531706%2C42532335%2C44795922%2C44805112%2C44805534%2C44805681%2C44805920%2C31078297%2C31078917%2C44806139&oid=2&pvsid=915655917996392&tmod=195026759&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8976d366405ea7bd3432bf5d521e47f2fc38adcae4b8c10488599edafc65760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuvod.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 90675
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 21:38:33 GMT
expires: Thu, 19 Oct 2023 21:38:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 46ms
46ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1558726458&t=pageview&_s=1&dl=https%3A%2F%2Ftsuvod.com%2F&ul=en-us&de=UTF-8&dt=%ED%8A%B8%EC%88%98VOD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2003347753&gjid=436529934&cid=712900142.1697751512&tid=UA-147842154-3&_gid=1633968748.1697751512&_r=1&gtm=457e3ai0&jsscut=1&z=857297351

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tsuvod.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tsuvod.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
342 B 164ms
54ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-147842154-3&cid=712900142.1697751512&jid=2003347753&gjid=436529934&_gid=1633968748.1697751512&_u=YADAAUAAAAAAACAAI~&z=939735466

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tsuvod.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 19 Oct 2023 21:38:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tsuvod.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00ce52e32d6924c5175a494ff03bb772dd02708dfa17634085fd689167a702eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cachedChannel Show response
tsuvod.com/api/ 14 KB
4 KB 441ms
441ms XHR
application/json 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tsuvod.com/api/cachedChannel
Requested by: Host: tsuvod.com
URL: https://tsuvod.com/static/js/2.f20ccc2d.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2c7f84c55975ad44f4a87a9e2710935653201b18205b9d494514eb73b92c1f0e

Request headers

Accept: application/json, text/plain, */*
Referer: https://tsuvod.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:33 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
x-do-app-origin: 5652280b-e6b3-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
x-powered-by: Express
etag: W/"373c-NFE4+PaMLKFOCWIJrzeZKBVl7Gk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private
cf-ray: 818c2b2aab219131-FRA

GET
H2 200 a5e2940b-1076-4f02-8f50-e1d52ad723ef-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 124 KB
124 KB 262ms
128ms Image
image/png 2600:9000:214f:a200:19:f28c:cd92:c761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/a5e2940b-1076-4f02-8f50-e1d52ad723ef-profile_image-300x300.png
Requested by: Host: tsuvod.com
URL: https://tsuvod.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a200:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3111806974fc70573a1c72d3088b25623b31fa3b519d2565c50cfe4665a34689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 20:27:05 GMT
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 5136
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 126757
last-modified: Tue, 24 Jan 2023 10:17:42 GMT
server: nginx
etag: "77ffcb0321123ae64ae023f93a1dbf79"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: HMuF7YG4m4CxPegv8haRmvgj4iLZ3wLnbmy9oRX-G97CsR3JY0pv4w==
expires: Fri, 20 Oct 2023 00:12:57 GMT

GET
H2 200 1c21c613-1c7c-44d4-8e28-46fa0df3c372-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 115 KB
115 KB 297ms
163ms Image
image/png 2600:9000:214f:a200:19:f28c:cd92:c761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/1c21c613-1c7c-44d4-8e28-46fa0df3c372-profile_image-300x300.png
Requested by: Host: tsuvod.com
URL: https://tsuvod.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a200:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b2608ba29aae3440e1ee08e892b1a2191189f03f7ea144b3a717b34c9b625c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:33 GMT
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 23
x-cache: Hit from cloudfront
content-length: 117629
last-modified: Fri, 04 Nov 2022 15:45:16 GMT
server: nginx
etag: "378f25c8e23d0831021bf5a988fb51f8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: NopT1j3o_n8qbjQhooBfAyqtllX6GynKk2mYeJI9kNaITi2HFBWzJA==
expires: Fri, 20 Oct 2023 01:38:10 GMT

GET
H2 200 f2357d19-50cf-4b35-9e11-792d638c75c8-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 121 KB
122 KB 293ms
160ms Image
image/png 2600:9000:214f:a200:19:f28c:cd92:c761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/f2357d19-50cf-4b35-9e11-792d638c75c8-profile_image-300x300.png
Requested by: Host: tsuvod.com
URL: https://tsuvod.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a200:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 627f2717fe78d7c04c7a73ffccf68eaaf1a1a0c347fb7bf7d0159d4ebe085f69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:51:45 GMT
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 10179
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 124299
last-modified: Thu, 30 Mar 2023 15:06:13 GMT
server: nginx
etag: "4633250efedc7dabcc63577bc18fa9d5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: jhOmfaL7mEjKCRxEhpgy79kTtBZgcfExym6N68_OY19pG_OcJ1uxAA==
expires: Thu, 19 Oct 2023 22:48:54 GMT

GET
H2 200 8e9fc265-15f1-4f39-80f4-83f8a0832b06-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 81 KB
81 KB 315ms
182ms Image
image/png 2600:9000:214f:a200:19:f28c:cd92:c761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/8e9fc265-15f1-4f39-80f4-83f8a0832b06-profile_image-300x300.png
Requested by: Host: tsuvod.com
URL: https://tsuvod.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a200:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a303d5b5a4e89307f3aacc3a082632f4b00e49da64b7301eb2ceba8c85a4e4d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:33 GMT
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 134
x-cache: Hit from cloudfront
content-length: 82696
last-modified: Wed, 30 Mar 2022 18:03:33 GMT
server: nginx
etag: "c65a4d53f787c73b94573423ddaa382e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: xPl8REUa2K9UmcYoY9ufvfg-8SyKSPrgwr4k6gNAorOmKLPifXEgZw==
expires: Fri, 20 Oct 2023 01:36:19 GMT

GET
H2 200 0294fec8-8572-4517-9b60-12e0705a8893-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 110 KB
111 KB 183ms
51ms Image
image/png 2600:9000:214f:a200:19:f28c:cd92:c761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/0294fec8-8572-4517-9b60-12e0705a8893-profile_image-300x300.png
Requested by: Host: tsuvod.com
URL: https://tsuvod.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a200:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d1e727a84240426f8d2b2c53c4bd8043e93ef401ebbb2d258f21cfdcb728c960

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 19:10:21 GMT
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 8896
x-cache: Hit from cloudfront
content-length: 112703
last-modified: Fri, 13 Nov 2020 10:49:50 GMT
server: nginx
etag: "158534b109340b0bb357e99d2b96e17b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: 1j_sZyxed81cd5EA-Pm-WZmhWBRZk8N1AglAbxVgN6S2F92w8dUEtQ==
expires: Thu, 19 Oct 2023 23:10:17 GMT

GET
H2 200 ba6c0172-998a-4093-bc44-dd690d5f3922-profile_image-300x300.png
static-cdn.jtvnw.net/jtv_user_pictures/ 49 KB
50 KB 315ms
182ms Image
image/png 2600:9000:214f:a200:19:f28c:cd92:c761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/jtv_user_pictures/ba6c0172-998a-4093-bc44-dd690d5f3922-profile_image-300x300.png
Requested by: Host: tsuvod.com
URL: https://tsuvod.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a200:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d3821e5d0021bb686b73274cedadb4ea02d22cc4913de55e951dc5ac79fdc0f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 20:09:02 GMT
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 5801
x-cache: Hit from cloudfront
content-length: 50241
last-modified: Mon, 17 Jan 2022 22:53:30 GMT
server: nginx
etag: "5db31f12bc64552a1787e59ff7956946"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: kBX6_GxKNZ9ryGEoqA1bepwz-XXnk5FGZKnE1ouPQAdRUri5ocxiEQ==
expires: Fri, 20 Oct 2023 00:01:52 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/ 159 KB
54 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310170101/reactive_library_fy2021.js?bust=31078917

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50b4a14b786d732120ec82522e5f612bdfb0a4d673b706ce052b8efc8bcc8a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55345
x-xss-protection: 0
server: cafe
etag: 5919051168319600199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 21:38:33 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 38A6 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuvod.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 10:26:49 GMT
etag: 2603938475786422795
expires: Thu, 02 Nov 2023 10:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 7E4E 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuvod.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 10:26:49 GMT
etag: 2603938475786422795
expires: Thu, 02 Nov 2023 10:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 38A6 4 KB
1 KB 143ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Oct 2023 21:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 20:40:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Oct 2023 21:38:33 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 38A6 205 B
650 B 132ms
42ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 01:08:26 GMT
x-content-type-options: nosniff
age: 73807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 18 Oct 2024 01:08:26 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 38A6 604 B
695 B 133ms
43ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 21:48:20 GMT
x-content-type-options: nosniff
age: 85813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 17 Oct 2024 21:48:20 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 38A6 15 KB
7 KB 174ms
84ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98fefe7f547279bd255dc14dc672ff50e5b5d330f6ae9d2fc3b0784be4b40de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:32:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6582
x-xss-protection: 0
server: cafe
etag: 15902073051392820161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 23:32:31 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 38A6 20 KB
9 KB 131ms
41ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 18:06:42 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F4A3 624 B
246 B 55ms
54ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENrtytQCGOCrtvcBMAE&v=APEucNVJcxkD6L5rRGRg6kMpfJilACSzunPICRuXDL95eoslajzovZZ273OeKhb7yKmLk02n7X8YWmQILZOpW8wcWDmsYOs79JK5NG4CimgtQwMdjT61NtQWZ-QefRHwsKF4xHxJx4ol4I5VOHwcpMG1SwZBPs4saiIGVZwdvkt_zjQ-lX7tewc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 21:38:33 GMT
expires: Thu, 19 Oct 2023 21:38:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7E4E 111 KB
39 KB 175ms
46ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: tsuvod.com
URL: https://tsuvod.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 20:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 20:02:15 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 7E4E 7 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: tsuvod.com
URL: https://tsuvod.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:49:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 18:49:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 7E4E 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: tsuvod.com
URL: https://tsuvod.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 18:06:26 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7E4E 41 KB
14 KB 119ms
54ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tsuvod.com
URL: https://tsuvod.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 16:21:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 7E4E 3 KB
1 KB 117ms
52ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13023
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 18:01:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 7E4E 20 KB
8 KB 112ms
47ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 18:01:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E4E 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5_5kPIPDfEUpufKE2zHv4I2CrE6U9edqzN0iMyaZNWX7_WpxASb7qlm4j87Q51-yYnzIujWTaexOv2evxF-JXm2TyXBlok-WZQw0EqZ4KGaEcEr4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E4E 187 KB
59 KB 207ms
97ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 21:38:33 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F4A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELV56I4uUqDPY8HdnjNdSMw&google_cver=1

43 B
334 B

58ms
57ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELV56I4uUqDPY8HdnjNdSMw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENrtytQCGOCrtvcBMAE&v=APEucNVJcxkD6L5rRGRg6kMpfJilACSzunPICRuXDL95eoslajzovZZ273OeKhb7yKmLk02n7X8YWmQILZOpW8wcWDmsYOs79JK5NG4CimgtQwMdjT61NtQWZ-QefRHwsKF4xHxJx4ol4I5VOHwcpMG1SwZBPs4saiIGVZwdvkt_zjQ-lX7tewc
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mC2pjv6vepPKprxovqWXMOuSBAUEYuxiWNG0EyJ9wKQMtblqzUHw374pRJHybBLNcAmODTm4ns1U7qBhZ1WDCddKjCFHZloeRljNRoi0aHdVuCjIqgFYsm718wjL1aeET4IPSSs%2FQezEWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 818c2b32ae2591ea-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELV56I4uUqDPY8HdnjNdSMw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F4A3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTGh2U9.BWEzHFWEa6t08QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELV56I4uUqDPY8HdnjNdSMw&google_cver=1&google_hm=2

43 B
770 B

58ms
58ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELV56I4uUqDPY8HdnjNdSMw&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENrtytQCGOCrtvcBMAE&v=APEucNVJcxkD6L5rRGRg6kMpfJilACSzunPICRuXDL95eoslajzovZZ273OeKhb7yKmLk02n7X8YWmQILZOpW8wcWDmsYOs79JK5NG4CimgtQwMdjT61NtQWZ-QefRHwsKF4xHxJx4ol4I5VOHwcpMG1SwZBPs4saiIGVZwdvkt_zjQ-lX7tewc
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqyOt%2FVoRfNEXl5aKsp50F90aRnHWO6gUq%2BpXcLJTFQiECPrSBYZuUHdZ6Ek2Pm9ZGuVr9lB5Gu9l2NOljgEWoLAzUsnxDoyJJf8R0bZjdhandOvPf%2BpdIXrsVzo8wtQZ%2BVUD4hXCen34w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 818c2b336afcbb7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELV56I4uUqDPY8HdnjNdSMw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F4A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFDQpwUa7j6uB8CAGyyFqgU&google_cver=1

43 B
841 B

49ms
47ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFDQpwUa7j6uB8CAGyyFqgU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXNsaQCENrtytQCGOCrtvcBMAE&v=APEucNVJcxkD6L5rRGRg6kMpfJilACSzunPICRuXDL95eoslajzovZZ273OeKhb7yKmLk02n7X8YWmQILZOpW8wcWDmsYOs79JK5NG4CimgtQwMdjT61NtQWZ-QefRHwsKF4xHxJx4ol4I5VOHwcpMG1SwZBPs4saiIGVZwdvkt_zjQ-lX7tewc

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:34 GMT
an-x-request-uuid: 568eb4c6-104b-41e5-8f29-2694998f477d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFDQpwUa7j6uB8CAGyyFqgU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F4A3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYzNDYzNTM5MDQxOTkzNjAzNA%3D%3D

170 B
243 B

50ms
50ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYzNDYzNTM5MDQxOTkzNjAzNA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:33 GMT
an-x-request-uuid: 246befdc-5ae9-43e6-90f5-8c94d1cf566a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYzNDYzNTM5MDQxOTkzNjAzNA%3D%3D
x-proxy-origin: 80.255.7.101; 80.255.7.101; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7029 14 KB
1 KB 49ms
48ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Oct 2023 21:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 20:37:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Oct 2023 21:38:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 7029 2 KB
879 B 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13023
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 18:01:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 7029 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13023
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 18:01:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 23B5 143 B
166 B 42ms
41ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 21:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 7029 3 KB
1 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13023
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 18:01:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 7029 20 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 18:01:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7029 187 KB
59 KB 123ms
122ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 21:38:33 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 7029 35 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
DATA 200
OK truncated
/ Frame 7E4E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90fd60f745e51ae0ad16d8c763a67fc7de2d2a48b6f7daaabca7131a4f8c3812

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1905 22 KB
8 KB 41ms
38ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 105395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 16:21:58 GMT
expires: Thu, 17 Oct 2024 16:21:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 52ms
51ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XNGQ8JGJQG&gtm=45je3ai0&_p=1558726458&cid=712900142.1697751512&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1697751512&sct=1&seg=0&dl=https%3A%2F%2Ftsuvod.com%2F&dt=%ED%8A%B8%EC%88%98VOD&en=scroll&epn.percent_scrolled=90&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XNGQ8JGJQG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tsuvod.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 23B5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
47ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 21:38:34 GMT
expires: Thu, 19 Oct 2023 21:38:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 21:38:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1905 37 KB
14 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:00:03 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10618363914229878105/ Frame 9EAF 253 KB
31 KB 121ms
40ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5553ccfe39c6b30c67e38d1399802a98e3ac15c1444660a38007a50369efaaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 471065
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 31709
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 10:47:29 GMT
expires: Sun, 13 Oct 2024 10:47:29 GMT
last-modified: Thu, 14 Sep 2023 13:19:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7E4E 0
0 204ms
85ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTYdytr4WmrWHLyldjGCFkY5leQEzu4vJB8JR5Da6vK77662emFxYXI6fWcq-DCkQIhiVY-txfU-V6LpelPe-2HNsxiCdWocij9jtGn5RWngg9cqKd3xb0qX12wlwsrHbJjjHRRwXJMNr78AD6k1_3LljltyYni15osDOlQzuh09Vw9hOD-uZHKYgiuabO8jjdh4izrzXZo_5NHCVs_W7XfjRT0-9zWxKBrA9HDcqUcC8OBFlKSlBDJ3R4TW-2LqQCU8u9fNz-YNS0zBte8g-IBMTT-GBpPdIrBw4soWhV5XplsoCXpHcXNvYlEghUqoC-4VCP2-EYcKMrctqGpjxwk_iJJzHe841lZAc001WM-KU1daI95I64tp8pRgI5EXk6nfQHv3bHQJdJekl9jlgXXTPZXYDfa6ZbrJT7PcOR6y5kw2tUFv2tzWAWbgMK1pix40eyTg48y0XMVrFTvtFuVdyBEmR0uE3QqAprch4YDDJTMePW1C_h4xFiy3cAdrcISgDKIPaL7oGcpKw6izNyuAKrptaOaycN3iUrIvKkB4lR1XiKuegqnWEIqWUDkEz6favkGiICRFZoqtiFktKTO20l-LTdkY4vAjY14iD2bvHrfMpFh9SqHvkY_WUfGCgtn65FADip_wRE9dLcYOlj7ZiisrxPLlF3RJwxIr-bhQCLH6TKqyjVRM8TtGfEbWjjRDvdqGF_XD8JCRo_zxdYTviguIWYv5M-imZNXNI38j3olQ8Zeuz_4PVbbWIcvLa9VO5wImTn84L9DnL6XZfM4yzXvLZj12DaH_y-X9QAuaursrPPgxs47Xkdur5Xq7jf2p4MMzRw4J1iNqTcuZPHFDxLefVR9XKh4kGa2Ds_eCbVFQ21hCbvvshksG4BbQTFJimkgthG7Q4WpRep64TgVPS0gFUFfRutk7YjQ7WiCyExz1bn0iomR206CJ199sXdcxhPiZGZG9wUleEiCgrmjesvWKtKYN0zNF9GB2aXPyN4IKp3j_fvZep7_AwY_d68nVDcOUlevB5EjpeUXkAceWaiviqheXBmEfM3OwGiBuv-BCsBRq1G26o3I2Gb1fYLCdfJvUTyuNLN457vxGTZF6EgV06Fai5lVPfIGTp6R9UarklhOqiyfkYOCrHmt86E5fxmMG42cjJErNMA53YdMUSmtuLmfRKMMME0QoN8pKpaYKm8vmAxvw7jAg&sai=AMfl-YQQ2eUPIrYggzerNJr-oFC0e1MUU4YEuluiASWuGfLIbpSpW_yIVbh9T4i9vbD7mjCDWqL_eJ_VMv-S6B8iPuWDVS9rT460mKA7BQ9iwJu2xUwftctLR_kSCwNw5_RH1c5-4r2a3wi4rRlJw1ofWwC3O2rAhQLz8xqRDCCvS0_5C4tgJ3lWjUcZ6_Aagjnf_-r4h2rWcHrzIKer-kTe9ev72Fdl8YMXpstICkkzx_cBzCfgge__Dg66PJuTBpQi_PbG0MdzMd5jwdGYHIoW-9Pa-CZrN1UL3fIhQeKeWDdX04M0jbWhrVnzjFiKdGuXSwddEfptbW94yuTJkHaayvTbl9NCylFuUO1A3V27LAiiWEANU6898NzkNCoXZ8njhSjdf0QO7BOjVyFJbuzU65utG_7rOFhJ5Xdy1cicHHEFR3J8P2kHJ3EQLRE_uCrpZtCjvf3dkGjpxaY_EQSPWcSg1p46u5WVcw&sig=Cg0ArKJSzH-7U3qdEwJjEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=239&cbvp=1&cstd=237&cisv=r20231017.94838&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: tsuvod.com
URL: https://tsuvod.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Oct 2023 21:38:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 9EAF 32 KB
11 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 07:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 07:13:22 GMT

GET
H3 200 QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DE1 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js

Requested by

Host: tsuvod.com
URL: https://tsuvod.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:00:03 GMT

GET
H3 404 null
s0.2mdn.net/sadbundle/10618363914229878105/ Frame 9EAF 43 B
64 B 158ms
157ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10618363914229878105/null

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:34 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Thu, 19 Oct 2023 21:38:34 GMT

GET
H3 200 EON_BrixSans-Regular.ttf
s0.2mdn.net/sadbundle/10618363914229878105/ Frame 9EAF 115 KB
55 KB 40ms
40ms Font
font/ttf 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10618363914229878105/EON_BrixSans-Regular.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e41a908094eefdd2897b4044ac0fad81e74941710adea959ef31ace9b15aa06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29807
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56187
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:19:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 13:21:47 GMT

GET
H3 200 EON_BrixSans-Bold.ttf
s0.2mdn.net/sadbundle/10618363914229878105/ Frame 9EAF 142 KB
64 KB 53ms
53ms Font
font/ttf 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10618363914229878105/EON_BrixSans-Bold.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517f5fe8fe1a2f1b4c45326787ebf50fd136ce146698959601b0078a84347af0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65853
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:19:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 18:20:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1905 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_MhL2KExZf7wEKiFjuwPnLuJsAUAAAAAOAHgBAI&bg=!YmGlYS7NAAZy-tsgUvo7ADQBe5WfOPknZ9dhaJhlGCc56gsc0qiyeI__kn4U8gRLNsf383Q7-M0zv60A4j_va9JSLUSkAgAAAMVSAAAAB2gBBwoAaep7EFT-h2TlU4fLIKYQFnviXe3erNrHhuxbLyG9HvR3PeBkArSKJ6sqCYbWoirTfPKZ6lfZX4FO2JkwPTC6hl6GY-2HylzGpo5-b-KgTf7hYxOW3Ghb7p-KG62RsdRXD5icpsrY6pYELpkDHEx_uOfw7YBHnYh70N2RrK6SzhvM0WOXm5Bz4BRe1eZR7VLBJXqF9WXYicxh0e24jaLPCp_o7xKmpBdp9oMkqu9qw2SR5xz-k8esLgaBjPQcv5Niieu3yMlQgoweCazBTQ4oD_JxEebgUuA8TP80sLkaRBZ6AV7K709TOPqGKSpJdlI2KJ7gHZLCFbq5MWGh3I4EO7Rnbyt5XEu3IgUKFvMvr2kUeB_AfRYkIOqX94edVF7t5zTOgg88Uf74zZIVsYci-oKeg73nO4wz3IA9kWsI1hK289VQtZyqhVerMnTk94k-LVbqBJgLKjfWQEbWMWQYmN-Qi6eMh0SLd9wThUmTqecBu0QBokCc5Yjo-3-xc8YBEu0E6Sp18wueY-9HaScLGrcm-O5Y0bGyFLb_DhLo5un-HkUhkTRNYXZuWU-ZKWDBdw25yclWTdATpkFM_9cGBQ0uqPS_Fl2ao0yvQCMuvbjMzLNGg4DIcgLVyO_CYLeEyHBQrYxdJRDt4pvODJXgibVKI_rYPVRsRNr0CCsLlQ2e7s-yvx79v5U3S2mQnLIjon720Ne3A7rZkCx9IJDMEkKlyII2D3LsF9z1kli03n-J5XtWylwnxHBY2EEccAaffFXh49Yv6AYnKUY5A2Vwh29peEV0jvUnWozyB9p5L_xc7w3d4j0v9zKZz1F7RoE9r-b3eUMku0i02pWI9wMJJIkBQXge3DQhWQYOk9nzJgsm0ads7a03yT3vFWlNx4SnJUW6_8fGa_zvQDKuWkvkn0IBBmy7ByxVowg61P7F_pUuu01VVOw9NLUtjDvrmtYDRzzG6mICMn3-QTWv6Ij1hUBLZyyHWIJDTmc_8Q6G6MZGiIK2nMQmlMijE9vaVPy_H0TcQahvli-s2QicgFnC3-6xnkYvOJd_s_eYmz7eeFPOoKAQTwYocHzx1n7zc5f7Wd-Ay6UFQ2rFfSVJThFJbywCX0Nkb13E1pwY911HzEvGwgl0KOjsBm6qiR1oGI9oJK68Z660sksJYunCi-CjSohlCvoKG9kKMd8zHEykTAW8cjlSFPwdMfA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 arrow_down.svg
s0.2mdn.net/sadbundle/10618363914229878105/ Frame 9EAF 323 B
266 B 47ms
46ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10618363914229878105/arrow_down.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a684cd27db606afb776c8295be819e4a33ab6c25d89f4e67db29cc533fb2a04f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 06:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54982
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:19:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 06:22:12 GMT

GET
H3 200 E.ON_RGB_White.png
s0.2mdn.net/sadbundle/10618363914229878105/ Frame 9EAF 24 KB
24 KB 56ms
55ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10618363914229878105/E.ON_RGB_White.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ede987abf2dc14fa367e0a7c694ca7b6f29bc2b9920870e333838fa8f734552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 08:45:31 GMT
x-content-type-options: nosniff
age: 46383
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24906
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:19:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 08:45:31 GMT

GET
H3 200 GettyImages-838875818.jpg
s0.2mdn.net/sadbundle/10618363914229878105/ Frame 9EAF 166 KB
166 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10618363914229878105/GettyImages-838875818.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c54a2ffe767cd686f241410801324b88e7d9eedf5fa9ef6bc64da117608920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10618363914229878105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:21:46 GMT
x-content-type-options: nosniff
age: 29808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169901
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 13:19:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 13:21:46 GMT

GET
DATA 200
OK truncated
/ Frame 9EAF 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7E4E 0
0 78ms
76ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTYdytr4WmrWHLyldjGCFkY5leQEzu4vJB8JR5Da6vK77662emFxYXI6fWcq-DCkQIhiVY-txfU-V6LpelPe-2HNsxiCdWocij9jtGn5RWngg9cqKd3xb0qX12wlwsrHbJjjHRRwXJMNr78AD6k1_3LljltyYni15osDOlQzuh09Vw9hOD-uZHKYgiuabO8jjdh4izrzXZo_5NHCVs_W7XfjRT0-9zWxKBrA9HDcqUcC8OBFlKSlBDJ3R4TW-2LqQCU8u9fNz-YNS0zBte8g-IBMTT-GBpPdIrBw4soWhV5XplsoCXpHcXNvYlEghUqoC-4VCP2-EYcKMrctqGpjxwk_iJJzHe841lZAc001WM-KU1daI95I64tp8pRgI5EXk6nfQHv3bHQJdJekl9jlgXXTPZXYDfa6ZbrJT7PcOR6y5kw2tUFv2tzWAWbgMK1pix40eyTg48y0XMVrFTvtFuVdyBEmR0uE3QqAprch4YDDJTMePW1C_h4xFiy3cAdrcISgDKIPaL7oGcpKw6izNyuAKrptaOaycN3iUrIvKkB4lR1XiKuegqnWEIqWUDkEz6favkGiICRFZoqtiFktKTO20l-LTdkY4vAjY14iD2bvHrfMpFh9SqHvkY_WUfGCgtn65FADip_wRE9dLcYOlj7ZiisrxPLlF3RJwxIr-bhQCLH6TKqyjVRM8TtGfEbWjjRDvdqGF_XD8JCRo_zxdYTviguIWYv5M-imZNXNI38j3olQ8Zeuz_4PVbbWIcvLa9VO5wImTn84L9DnL6XZfM4yzXvLZj12DaH_y-X9QAuaursrPPgxs47Xkdur5Xq7jf2p4MMzRw4J1iNqTcuZPHFDxLefVR9XKh4kGa2Ds_eCbVFQ21hCbvvshksG4BbQTFJimkgthG7Q4WpRep64TgVPS0gFUFfRutk7YjQ7WiCyExz1bn0iomR206CJ199sXdcxhPiZGZG9wUleEiCgrmjesvWKtKYN0zNF9GB2aXPyN4IKp3j_fvZep7_AwY_d68nVDcOUlevB5EjpeUXkAceWaiviqheXBmEfM3OwGiBuv-BCsBRq1G26o3I2Gb1fYLCdfJvUTyuNLN457vxGTZF6EgV06Fai5lVPfIGTp6R9UarklhOqiyfkYOCrHmt86E5fxmMG42cjJErNMA53YdMUSmtuLmfRKMMME0QoN8pKpaYKm8vmAxvw7jAg&sai=AMfl-YQQ2eUPIrYggzerNJr-oFC0e1MUU4YEuluiASWuGfLIbpSpW_yIVbh9T4i9vbD7mjCDWqL_eJ_VMv-S6B8iPuWDVS9rT460mKA7BQ9iwJu2xUwftctLR_kSCwNw5_RH1c5-4r2a3wi4rRlJw1ofWwC3O2rAhQLz8xqRDCCvS0_5C4tgJ3lWjUcZ6_Aagjnf_-r4h2rWcHrzIKer-kTe9ev72Fdl8YMXpstICkkzx_cBzCfgge__Dg66PJuTBpQi_PbG0MdzMd5jwdGYHIoW-9Pa-CZrN1UL3fIhQeKeWDdX04M0jbWhrVnzjFiKdGuXSwddEfptbW94yuTJkHaayvTbl9NCylFuUO1A3V27LAiiWEANU6898NzkNCoXZ8njhSjdf0QO7BOjVyFJbuzU65utG_7rOFhJ5Xdy1cicHHEFR3J8P2kHJ3EQLRE_uCrpZtCjvf3dkGjpxaY_EQSPWcSg1p46u5WVcw&sig=Cg0ArKJSzH-7U3qdEwJjEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=641&vt=11&dtpt=402&dett=3&cstd=237&cisv=r20231017.94838&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: tsuvod.com
URL: https://tsuvod.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 172ms
91ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8fc3a2c0344f3d94710d0c33a7c5eea990eee8cf472d014231fb1c52aa6afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12246
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 21:38:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F25B 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tsuvod.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 12:15:36 GMT
expires: Fri, 18 Oct 2024 12:15:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 33D7 829 B
997 B 52ms
51ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d3c4d79ecff1880bc6a09ab82f1a9957925dd5beaf88449935153d1e39c38f47

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-98hOImb6_oekQvFm9ngOuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tsuvod.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-98hOImb6_oekQvFm9ngOuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 21:38:34 GMT
expires: Thu, 19 Oct 2023 21:38:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame F25B 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 20:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Oct 2024 20:04:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 33D7 0
0 75ms
75ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=915655917996392&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F25B 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0ieKLA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:38:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E4E 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCO4zDSZ9zwzit2_63dlBDo3-BQP_V9mOS3iJqF98ejM2eGoeWd4YK0-Dw8ZwjcneXgRsh2D2JKUR3NcI1vhyb4OyueztJuog3uAcllD1gN9rGf1YRLc69MEhSYNww2MddPfxNh76GPfzf&sai=AMfl-YSfgPk57ecHK6klNzNLKw2iyDVoz0wxTI8qDod8GwnyQgJ-Bu384DDPQvVYjrbEzak33UTX1wtPFsxcGt5wtiIQ896-GAK8g4WaDi7TYnS2KTk03o03PXIvXPST51zVcj9bdfn9doch8BkpbA&sig=Cg0ArKJSzHI9fF2dK-0nEAE&cid=CAQSTADICaaNSYo0qvjXf1BF9-8iigzVtn9QsaKhRuKDGEvbMtXLUTmCYlGJ0WjTLoa9bC4hG_m0ur85fLPv33zEupS5uht1XqpJMEvcUzIYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=511,996,1000,1000,1000&tos=511,485,4,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697751513710&rpt=488&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 21:38:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=915655917996392&bg=!ZmWlZSrNAAbFpEfJ5aQ7ADQBe5WfOBQ0CEHjld6BWHqSCgstB7Y-PG54qVupeZBzPHRL9tcam9eFvfXoi4A3tY5U-lOnAgAAAE1SAAAAB2gBB5kC8cjq2q8PzKGaFk0tvCwcXIl8xQnMWdTov3oZUDgstS_I3qvmQrsAsGoGYze_CvgOMNvi36qX9S6acICemxCZTfhsKySbGasW1haMCKKEO8YXNl7CZhXaoXbEWmeZNUxlEs_HIjFOWbtLqpZv-9aTZ_WFjwKKy81_vBR27wIHG0IIK-5KfHc8FmANF5Nn-q_hwETlV9nAdLRYOkdS0fThb86N-wrZfFZvK69EWd26HqyMJ_8-YuK6KeEUmSZrQDMxixILt3vCh0buVhZ7EOTCG4AMvSsq2X3H9D0UYkqZnZIoUZdF3aeHkZnv3tdeIvp6pj5vgXiSjDSTU4pCeCXEuE7xnVQIdHxahEOG4kWg3GhplyPfdvQ860wsRYsGkqvkwB49FpqkaVyRn8rZjqnbteOKwEBop8LHxrhHwVN0AOPBktzTwmpqOUF9mwk8u7D38ZrMzbOlqUiGVq6OhEtdF0PiLyijne69Q2rUiRI2jG3iecaCdjUVrEI0GfIrAEGtIlVMDEkWn-di5dyWxDTsKh-7l0_bcq42gIFWYLcmx4Opx62EwjeVXNWLsqgFnO10hvQlYp1Es6Xje5hKh1z6_RI_Vt1RrqiuGIyE_kfo6pPELKzGUVdOF9yiI8gviimcrKcKAaYJvISWYNhOyO4Pwy7D8CkyiLv__NLh2sbJ2jLOMny7xbRzWMOAKPo8M9GqSCbtREgvtZh5XJ2SrLAONcbWcqf2dQ7p85nOsbDIuDXfw2hTOF5yGR0guVrAfzHDYpOW0TBJqX7KAe2KBNIAi1zk3sBtKRmcVZsDkXBMx-lDG8-m6lrxegnTAy8Jyu0JnRauFXnMWj8a-jVYst5TRbciXHXt2rhzCR-V6uRYhj-Ybcpi72Pcj135Ii-SFMxGf8IA4WtOq2aCO-dF-I_WbQ63YwSL4yGTchAC4CcCrQ6Zyzb_qNFiumD2Z3AB0zzO-ad3Rkr-BWYVrak5YgldwD84HtLN01OqjMngAK5iQ7RUQw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tsuvod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tsuvod.com/	1970-01-20 15:35:53	Name: __cf_bm Value: 5hEp3bSwPv_eo8g2jey7wUnhrOSBaQ5zHi.Sbj0Vzdk-1697751511-0-AbLDRQNJyE0lfkwFw1Yf2c+NmMWc1grH41Zc3zJ7dwD7miZhgaOxxb//X+Y4661EzKWBzyUKKtEMc495Tzcnh44=
.tsuvod.com/	1970-01-21 01:11:51	Name: _ga Value: GA1.2.712900142.1697751512
.tsuvod.com/	1970-01-20 15:37:17	Name: _gid Value: GA1.2.1633968748.1697751512
.tsuvod.com/	1970-01-20 15:35:51	Name: _gat_gtag_UA_147842154_3 Value: 1
.doubleclick.net/	1970-01-21 00:57:27	Name: IDE Value: AHWqTUnK1SXR7m4CceVTVHzXOVCVGACzMvWNruFNQ4PI_5cOjhpZ6OEYZImxU2er
.tsuvod.com/	1970-01-21 00:57:27	Name: __gads Value: ID=cb918458b2155c6f:T=1697751512:RT=1697751512:S=ALNI_MZZAMGP92fWIrk2xMKAKR1-hrR1ag
.tsuvod.com/	1970-01-21 00:57:27	Name: __gpi Value: UID=00000c9cb741b656:T=1697751512:RT=1697751512:S=ALNI_MYomJFWqX0CUbHpiYtws8FpdkxDSw
.adnxs.com/	1970-01-20 17:45:27	Name: uuid2 Value: 5634635390419936034
.tsuvod.com/	1970-01-21 01:11:51	Name: _ga_XNGQ8JGJQG Value: GS1.1.1697751512.1.0.1697751513.0.0.0
.casalemedia.com/	1970-01-21 00:21:27	Name: CMID Value: ZTGh2U9.BWEzHFWEa6t08QAA
.casalemedia.com/	1970-01-20 17:45:27	Name: CMPS Value: 5157
.casalemedia.com/	1970-01-20 17:45:27	Name: CMPRO Value: 5157
.adnxs.com/	1970-01-20 17:45:27	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUbc']>G!1yIE`fS1ueD1W-044)d+]UgS(r1xSVZ<>@uJ8Wr0'g^pzS2r1[JdG_)F/@%nugO%v4VB%nm3#!_i_
.doubleclick.net/	1970-01-20 15:35:55	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s0.2mdn.net/sadbundle/10618363914229878105/null Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s0.2mdn.net
static-cdn.jtvnw.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tsuvod.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.26.193
172.217.18.2
2001:4860:4802:32::36
216.58.212.130
2600:9000:214f:a200:19:f28c:cd92:c761
2606:4700:7::60
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:400c:c06::9d
2a06:98c1:58::60
37.252.171.52
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
00ce52e32d6924c5175a494ff03bb772dd02708dfa17634085fd689167a702eb
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04a4c5769659af4f8fafabcff4950e2b721ef7a4e9232bc8bd19704de13534ba
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ede987abf2dc14fa367e0a7c694ca7b6f29bc2b9920870e333838fa8f734552
2c7f84c55975ad44f4a87a9e2710935653201b18205b9d494514eb73b92c1f0e
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3111806974fc70573a1c72d3088b25623b31fa3b519d2565c50cfe4665a34689
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
4a4da9ca1a989cdab1e75a203d6b629de5d4e023f32b84f92f7f1c52335324e4
4b2608ba29aae3440e1ee08e892b1a2191189f03f7ea144b3a717b34c9b625c4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b4a14b786d732120ec82522e5f612bdfb0a4d673b706ce052b8efc8bcc8a3b
517f5fe8fe1a2f1b4c45326787ebf50fd136ce146698959601b0078a84347af0
5553ccfe39c6b30c67e38d1399802a98e3ac15c1444660a38007a50369efaaf7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60fd40a24072d26141650cccf34c71ca2756e9d55fd5509550853829c60701a0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627f2717fe78d7c04c7a73ffccf68eaaf1a1a0c347fb7bf7d0159d4ebe085f69
659a3aaf601fcc45f2faabcd398243ad9a68dcb24305c453ba3dde8b7c51bbcc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f36f1d9a3f924695d7c58d033a9cdab8fca54f847cbc99273d4096a6c9bebc7
6f4a8043600c55651ade0994c60480071a17d00879a622bb8af018eaed73e64d
78ca3c70412c05c4b4f4c5bf4697c4fe0427fe37044bcb45e78a88f2e6a7afb2
795e4f3561fba5717cedc8e2da98e8a041e6b13ba88036af9eb2fae4f8e5c0bb
8e41a908094eefdd2897b4044ac0fad81e74941710adea959ef31ace9b15aa06
8edc5ebc4bdace33d87a8462820bfff012348481b5c0161461d059abcfc28ca0
90fd60f745e51ae0ad16d8c763a67fc7de2d2a48b6f7daaabca7131a4f8c3812
98fefe7f547279bd255dc14dc672ff50e5b5d330f6ae9d2fc3b0784be4b40de4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a303d5b5a4e89307f3aacc3a082632f4b00e49da64b7301eb2ceba8c85a4e4d6
a4c54a2ffe767cd686f241410801324b88e7d9eedf5fa9ef6bc64da117608920
a684cd27db606afb776c8295be819e4a33ab6c25d89f4e67db29cc533fb2a04f
a8fc3a2c0344f3d94710d0c33a7c5eea990eee8cf472d014231fb1c52aa6afc6
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b818906927e5c304e330d70558c1a565aa7ede1e440b3ed6acf8ebb2387d1a31
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1e727a84240426f8d2b2c53c4bd8043e93ef401ebbb2d258f21cfdcb728c960
d3821e5d0021bb686b73274cedadb4ea02d22cc4913de55e951dc5ac79fdc0f8
d3c4d79ecff1880bc6a09ab82f1a9957925dd5beaf88449935153d1e39c38f47
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d84c837d265de33eca62f66088b2cfc3a90fe0c43654f9c7babc1b8588b6b6e9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8976d366405ea7bd3432bf5d521e47f2fc38adcae4b8c10488599edafc65760
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

tsuvod.com Open in urlscan Pro 2a06:98c1:58::60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

95 %HTTPS

80 %IPv6

14 Domains

19 Subdomains

20 IPs

4 Countries

2094 kBTransfer

4803 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tsuvod.com Open in urlscan Pro
2a06:98c1:58::60 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

95 %
HTTPS

80 %
IPv6

14
Domains

19
Subdomains

20
IPs

4
Countries

2094 kB
Transfer

4803 kB
Size

14
Cookies

78 HTTP transactions
3 data transactions