dideva.alle.bg Open in urlscan Pro
52.209.140.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dideva.alle.bg/%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B...
Submission Tags: falconsandbox
Submission: On May 22 via api (May 22nd 2022, 2:23:24 pm UTC) from US — Scanned from DE

Summary HTTP 97 Redirects Links 97 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 11 domains to perform 97 HTTP transactions. The main IP is 52.209.140.2, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is dideva.alle.bg.
TLS certificate: Issued by R3 on March 1st 2022. Valid for: 3 months.

This is the only time dideva.alle.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.209.140.2 52.209.140.2	16509 (AMAZON-02) (AMAZON-02)
3	18.156.188.218 18.156.188.218	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
97	19

2 52.209.140.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-140-2.eu-west-1.compute.amazonaws.com

dideva.alle.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.188.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-188-218.eu-central-1.compute.amazonaws.com

cdn4.amcn.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	319 KB
18	gstatic.com www.gstatic.com ssl.gstatic.com fonts.gstatic.com	849 KB
18	google.com 3 redirects drive.google.com — Cisco Umbrella Rank: 318 adservice.google.com — Cisco Umbrella Rank: 74 apis.google.com — Cisco Umbrella Rank: 100 www.google.com — Cisco Umbrella Rank: 7	2 MB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	85 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 content.googleapis.com — Cisco Umbrella Rank: 1808	6 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	125 KB
3	amcn.in cdn4.amcn.in	65 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7678	914 B
2	alle.bg dideva.alle.bg	52 KB
1	googleusercontent.com lh5.googleusercontent.com — Cisco Umbrella Rank: 145	399 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	640 B
97	11

	Domain	Requested by
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	www.gstatic.com	drive.google.com googleads.g.doubleclick.net www.gstatic.com
10	pagead2.googlesyndication.com	dideva.alle.bg pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	drive.google.com	dideva.alle.bg www.gstatic.com
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	drive.google.com googleads.g.doubleclick.net
4	www.google.com	3 redirects tpc.googlesyndication.com
4	apis.google.com	www.gstatic.com content.googleapis.com apis.google.com
3	content.googleapis.com	apis.google.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	cdn4.amcn.in	dideva.alle.bg
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	dideva.alle.bg	dideva.alle.bg
1	lh5.googleusercontent.com	www.gstatic.com
1	ssl.gstatic.com	www.gstatic.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
97	18

This site contains links to these domains. Also see Links.

Domain
www.mon.bg
smg.bg
www.pmg-blg.com
pmgbs.com
mgberon.com
oupe-vt.com
pmg-vd.org
pmg-vratsa.org
www.pmg-gabrovo.bg
pmg-dobrich.com
www.pmgkn.com
pmg-lovech.com
www.pmgmontana.com
mgpz.org
drive.google.com
www.pleven-mg.com
omg-bg.com
www.pmgrz.net
www.mg-babatonka.bg
pmg-silistra.com
pmg-sliven.com
pmg-smolyan.org
www.pmgsz.org
pmg-haskovo.org
pmg.icon.bg
mgyambol.com
ruo-sofia-grad.com
rio-blg.com
ppmg-botevgrad.bg
docs.google.com
ruo-varna.bg
riovt.org
www.pmgdimitrovgrad.net
forms.gle
pmgkk.com
pmg-pernik.com
forms.office.com
www.omg-bg.com
abv.bg
www.pmg-haskovo.org
www.ruobg.com
alle.bg

Subject Issuer	Validity	Valid
*.alle.bg R3	`2022-03-01` - `2022-05-30`	3 months	crt.sh
cdn4.amcn.in R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://dideva.alle.bg/%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BD%D0%BC%D1%81-%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0-%D0%B7%D0%B0-%D0%B2%D1%81%D0%B5%D0%BA%D0%B8/%D0%BC%D0%B2%D1%81-2021/
Frame ID: DE5DE428A408EA6C09D6DF286E5D542B
Requests: 20 HTTP requests in this frame

Frame: https://drive.google.com/file/d/19nO-qDE0VzVa3Hx26uFSfWEicpjBsbRA/preview?usp=sharing
Frame ID: 720596984D3BED0BE6CF41C21D1BEE4E
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: 8390A34E34C715358FB5BF48377F647D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&adk=1812271804&adf=3025194257&lmt=1653229399&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdideva.alle.bg%2F%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D1%2587%25D0%25B5%25D1%2581%25D0%25BA%25D0%25B8-%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BD%25D0%25BC%25D1%2581-%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B0-%25D0%25B7%25D0%25B0-%25D0%25B2%25D1%2581%25D0%25B5%25D0%25BA%25D0%25B8%2F%25D0%25BC%25D0%25B2%25D1%2581-2021%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653229399490&bpp=2&bdt=154&idt=69&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1118969634799&frm=20&pv=2&ga_vid=741736441.1653229400&ga_sid=1653229400&ga_hid=1999809175&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531557%2C44761043%2C31064018&oid=2&pvsid=1020458733677912&pem=712&tmod=232761319&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=84
Frame ID: 203B71E2195DCD9241FB06F5F0D45489
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&h=600&slotname=1952520136&adk=1531912847&adf=1950255931&pi=t.ma~as.1952520136&w=160&fwrn=4&fwrnh=100&lmt=1653229399&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fdideva.alle.bg%2F%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D1%2587%25D0%25B5%25D1%2581%25D0%25BA%25D0%25B8-%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BD%25D0%25BC%25D1%2581-%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B0-%25D0%25B7%25D0%25B0-%25D0%25B2%25D1%2581%25D0%25B5%25D0%25BA%25D0%25B8%2F%25D0%25BC%25D0%25B2%25D1%2581-2021%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653229399492&bpp=2&bdt=156&idt=89&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1118969634799&frm=20&pv=1&ga_vid=741736441.1653229400&ga_sid=1653229400&ga_hid=1999809175&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1420&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531557%2C44761043%2C31064018&oid=2&pvsid=1020458733677912&pem=712&tmod=232761319&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GVxPcYvihv&p=https%3A//dideva.alle.bg&dtd=93
Frame ID: 82D9996A3ECC232708E480C20CC45F74
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3B4F55BFE07070DB3AB737D0EC8C035F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 235872DBD13987AF74CAE202C8038B11
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C04B1CCF7DE2224909800001D5FFE346
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 81F727E806AF484D5828D3C5CD481094
Requests: 7 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.BYmJjssVfqI.O%2Fd%3D1%2Frs%3DAHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A%2Fm%3D__features__
Frame ID: E634BDF23ADF8F0C9FAA0841C56DEB71
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4C8EBF6516B2125058F07943B69B3AD5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D65365A6B3268A07A69686AD8D53CD40
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F79B305E4C7A90E04D80EE204628F3B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA7C970614FAFE1161724138FF21FB90
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Национално математическо състезание " Математика за всеки" ( МВС) - 2021

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

97
Requests

96 %
HTTPS

83 %
IPv6

11
Domains

18
Subdomains

19
IPs

3
Countries

4059 kB
Transfer

10555 kB
Size

4
Cookies

97 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mon.bg/upload/25961/Sast_Matematika_za_Vseki.pdf
Title: Регламент на националното състезание „Математика за всеки“

Search URL Search Domain Scan URL

URL: https://smg.bg/wp-content/uploads/2021/05/30-MatZaVs-2021-web.pdf
Title: Резултати СОФИЯ-ГРАД

Search URL Search Domain Scan URL

URL: https://www.pmg-blg.com/images/MO/Matematika/2020_2021/result_matematika%20za%20vseki.pdf
Title: БЛАГОЕВГРАД

Search URL Search Domain Scan URL

URL: https://pmgbs.com/wp-content/uploads/2021/05/10-%D1%80%D0%B5%D0%B7%D1%83%D0%BB%D1%82%D0%B0%D1%82%D0%B8-%D0%9C%D0%B7%D0%92-%D1%81%D0%B0%D0%B9%D1%82.pdf
Title: БУРГАС

Search URL Search Domain Scan URL

URL: https://mgberon.com/content/uploads/2021/05/rez_Mat_za_vseki_2021MGVn.pdf
Title: ВАРНА

Search URL Search Domain Scan URL

URL: http://oupe-vt.com/wp-content/uploads/2021/05/%D0%9C%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0-%D0%B7%D0%B0-%D0%B2%D1%81%D0%B5%D0%BA%D0%B8.pdf
Title: ВЕЛИКО ТЪРНОВО

Search URL Search Domain Scan URL

URL: https://pmg-vd.org/wp-content/uploads/2021/05/ProtokolrezultatiMV.pdf
Title: ВИДИН

Search URL Search Domain Scan URL

URL: http://pmg-vratsa.org/files/PMG20-21/Priem/5Klass/rezultati.pdf
Title: ВРАЦА

Search URL Search Domain Scan URL

URL: https://www.pmg-gabrovo.bg/images/pdf/2020/prot_rez_mb.pdf
Title: ГАБРОВО

Search URL Search Domain Scan URL

URL: http://pmg-dobrich.com/wp-content/uploads/2021/05/MatematikaAll.jpg
Title: ДОБРИЧ

Search URL Search Domain Scan URL

URL: http://www.pmgkn.com/index.php/%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%B8-%D0%B7%D0%B0-%D0%B8%D0%B7%D1%82%D0%B5%D0%B3%D0%BB%D1%8F%D0%BD%D0%B5/category/6-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F-%D0%B8-%D0%BE%D0%BB%D0%B8%D0%BC%D0%BF%D0%B8%D0%B0%D0%B4%D0%B8?download=652:%D1%80%D0%B5%D0%B7%D1%83%D0%BB%D1%82%D0%B0%D1%82%D0%B8-%D0%BE%D1%82-%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D0%BD%D0%BE-%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D0%B5-%E2%80%9E%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0-%D0%B7%D0%B0-%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%E2%80%9C-%E2%80%93-2021
Title: КЮСТЕНДИЛ

Search URL Search Domain Scan URL

URL: https://pmg-lovech.com/documents/Klasirane_IV.pdf
Title: ЛОВЕЧ

Search URL Search Domain Scan URL

URL: http://www.pmgmontana.com/pmgnewsite/index.php/olimpiadi-i-sastezaniya/722-rezultati-ot-matematichesko-sastezanie-matematika-za-vseki-za-uchenitzi-ot-iv-klas-uchebna-2020-2021-godina
Title: МОНТАНА

Search URL Search Domain Scan URL

URL: https://mgpz.org/wp-content/uploads/2021/05/Rezultati2.pdf
Title: ПАЗАРДЖИК

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1eTY6y5W73qrgcyAhtgsVS-Ln6RSjOm_H/view
Title: ПЕРНИК

Search URL Search Domain Scan URL

URL: http://www.pleven-mg.com/images/templates/dd_speedtruck_109/images/files/pdf/Priem/rezultati26052021.pdf
Title: ПЛЕВЕН

Search URL Search Domain Scan URL

URL: http://omg-bg.com/files/2020_21/dokumenti/mat_vseki_rezult_sajt_2021.pdf
Title: ПЛОВДИВ

Search URL Search Domain Scan URL

URL: https://www.pmgrz.net/images/za_ychenitcite/sustezaniq/matematika_za_vseki_1_Page_1.jpg
Title: РАЗГРАД

Search URL Search Domain Scan URL

URL: http://www.mg-babatonka.bg/e107_files/downloads/Protokol_MZV.pdf
Title: РУСЕ

Search URL Search Domain Scan URL

URL: http://pmg-silistra.com/uploads/menus/Rezyltati-ot-Matematika-za-vseki/%D0%9F%D1%80%D0%BE%D1%82%D0%BE%D0%BA%D0%BE%D0%BB_%D0%9C%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0_%D0%B7%D0%B0_%D0%B2%D1%81%D0%B5%D0%BA%D0%B8_%D1%80%D0%B5%D0%B7%D1%83%D0%BB%D1%82%D0%B0%D1%82%D0%B8.pdf
Title: СИЛИСТРА

Search URL Search Domain Scan URL

URL: http://pmg-sliven.com/bg/matematika/ProtokolMatVseki21.pdf
Title: СЛИВЕН

Search URL Search Domain Scan URL

URL: http://pmg-smolyan.org/work/2021/5/protokol_matematika_za_vseki.pdf
Title: СМОЛЯН

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1TFlm67yPX_6ufbhbR8evox_QkpPjj71F/view
Title: СОФИЯ-ОБЛАСТ

Search URL Search Domain Scan URL

URL: http://www.pmgsz.org/adm/doc/MathForAll2021Res.pdf
Title: СТАРА ЗАГОРА

Search URL Search Domain Scan URL

URL: http://pmg-haskovo.org/article_images/source/2020%20-%202021/Protokol%20Sastezanie%20Matematika%20za%20vseki.pdf
Title: ХАСКОВО

Search URL Search Domain Scan URL

URL: http://pmg.icon.bg/new/MatZaVseki2021.pdf
Title: ШУМЕН

Search URL Search Domain Scan URL

URL: https://mgyambol.com/docs/%D0%9C%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B7%D0%B0%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8-%D0%BF%D1%80%D0%BE%D1%82%D0%BE%D0%BA%D0%BE%D0%BB.pdf
Title: ЯМБОЛ

Search URL Search Domain Scan URL

URL: https://pmgbs.com/wp-content/uploads/2021/05/2-%D0%98%D0%9D%D0%A1%D0%A2%D0%A0%D0%A3%D0%9A%D0%A2%D0%90%D0%96-%D0%B7%D0%B0-%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D0%BA%D0%B0-1.pdf?fbclid=IwAR0UAggiQLbYWM5jqdsEjUjeGlnUNSW0ImcyoltS_WOKxoo6Ps2S3824Cio
Title: Инструктаж за ученика

Search URL Search Domain Scan URL

URL: https://smg.bg/priem-sled-4-klas-novini/2021/05/13/5011/%d0%bc%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d1%82%d0%b8%d0%ba%d0%b0-%d0%b7%d0%b0-%d0%b2%d1%81%d0%b5%d0%ba%d0%b8-2021-%d1%80%d0%b0%d0%b7%d0%bf%d1%80%d0%b5%d0%b4%d0%b5%d0%bb%d0%b5%d0%bd%d0%b8/
Title: Разпределение по училища и стаи - София

Search URL Search Domain Scan URL

URL: http://www.pmg-blg.com/images/MO/Matematika/2020_2021/matematika%20za%20vseki%202021.pdf
Title: Разпределение по стаи - Благоевград

Search URL Search Domain Scan URL

URL: https://pmgbs.com/wp-content/uploads/2021/05/1-%D0%A0%D0%B0%D0%B7%D0%BF%D1%80%D0%B5%D0%B4%D0%B5%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5-%D0%BF%D0%BE-%D1%81%D1%82%D0%B0%D0%B8-%D0%9C%D0%B7%D0%92-15.05.2021.pdf
Title: Разпределение по стаи - Бургас

Search URL Search Domain Scan URL

URL: https://mgberon.com/content/uploads/2021/05/MS_MatZaVseki_2021MGVn__.pdf
Title: Разпределение по стаи - Варна

Search URL Search Domain Scan URL

URL: http://omg-bg.com/files/2020_21/dokumenti/math_vseki_zali_sayt.pdf
Title: Разпределение по стаи - Пловдив

Search URL Search Domain Scan URL

URL: https://mgyambol.com/docs/%D0%9C%D0%92_2021_%D0%B7%D0%B0%D1%8F%D0%B2%D0%BA%D0%B8_%D0%B7%D0%B0%D0%BB%D0%B8.pdf
Title: Разпределение по стаи - Ямбол

Search URL Search Domain Scan URL

URL: http://ruo-sofia-grad.com/%d1%81%d1%8a%d1%81%d1%82%d0%b5%d0%b7%d0%b0%d0%bd%d0%b8%d0%b5-%d0%bc%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d1%82%d0%b8%d0%ba%d0%b0-%d0%b7%d0%b0-%d0%b2%d1%81%d0%b5%d0%ba%d0%b8-%d0%b7%d0%b0/
Title: СОФИЯ-ГРАД - СМГ " Паисий Хилендарски"

Search URL Search Domain Scan URL

URL: https://smg.bg/priem-sled-4-klas-novini/2021/04/20/4894/%d0%bc%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d1%82%d0%b8%d0%ba%d0%b0-%d0%b7%d0%b0-%d0%b2%d1%81%d0%b5%d0%ba%d0%b8-%d0%b7%d0%b0-%d1%83%d1%87%d0%b5%d0%bd%d0%b8%d1%86%d0%b8-%d0%be%d1%82-iv-%d0%ba%d0%bb%d0%b0/
Title: Информация от сайта на СМГ " Паисий Хилендарски"

Search URL Search Domain Scan URL

URL: https://smg.bg/novini/
Title: https://smg.bg/novini/

Search URL Search Domain Scan URL

URL: https://rio-blg.com/%d1%81%d1%8a%d1%81%d1%82%d0%b5%d0%b7%d0%b0%d0%bd%d0%b8%d1%8f/
Title: БЛАГОЕВГРАД

Search URL Search Domain Scan URL

URL: https://ppmg-botevgrad.bg/%d0%bf%d1%80%d0%b8%d0%b5%d0%bc-5-%d0%ba%d0%bb%d0%b0%d1%81/
Title: БОТЕВГРАД -ППМГ "Акад. проф. д-р Асен Златаров“

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1RIRs9Us_ILrYjqFKO8HYyteZAGLSn82y/view?usp=sharing

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1yWsJSYfbxdFTBf7CYUL_Y_-ivnKTEd2s/view?usp=sharing
Title: декларация за информирано съгласие

Search URL Search Domain Scan URL

URL: https://pmgbs.com/?p=10676
Title: БУРГАС - ППМГ„Акад. Никола Обрешков"

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSdNP5Zyx4ftk2TQSCCeRocIhqBv1baJNP_GQmyKGqL41vjkkg/viewform?usp=sf_link
Title: https://docs.google.com/forms/d/e/1FAIpQLSdNP5Zyx4ftk2TQSCCeRocIhqBv1baJNP_GQmyKGqL41vjkkg/viewform?usp=sf_link

Search URL Search Domain Scan URL

URL: http://ruo-varna.bg/index.php?option=com_content&view=article&id=118&Itemid=106
Title: ВАРНА - МГ „ Д-р Петър Берон“

Search URL Search Domain Scan URL

URL: https://riovt.org/%d0%be%d0%bb%d0%b8%d0%bc%d0%bf%d0%b8%d0%b0%d0%b4%d0%b8-%d0%b8-%d1%81%d1%8a%d1%81%d1%82%d0%b5%d0%b7%d0%b0%d0%bd%d0%b8%d1%8f/
Title: ВЕЛИКО ТЪРНОВО - ОУ „Св. Патриарх Евтимий

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/13mWaOZl2tqlzOQbqOxrqZHCyYM7w8iZE/view?usp=sharing
Title: информация

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1COpVPst_v07TN1BpmkThLzaqGn-RZo--/view?usp=sharing
Title: заявление

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1pLaT4Xi5NXg8auFkHRogshjjW9hRgWUz/view?usp=sharing
Title: декларация

Search URL Search Domain Scan URL

URL: http://pmg-vratsa.org/index.php/2014-04-08-19-03-51/iv/1050-2021-04-16-17-45-11
Title: ВРАЦА - ППМГ „Акад. Ив. Ценов“

Search URL Search Domain Scan URL

URL: https://www.pmg-gabrovo.bg/%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/%D0%B0%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D0%BD%D0%B8-%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/404-%D0%B7%D0%B0-%D0%B2%D0%B0%D1%81-%D1%87%D0%B5%D1%82%D0%B2%D1%8A%D1%80%D1%82%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D0%BD%D0%B8%D1%86%D0%B8-%D0%B2%D0%B0%D0%B6%D0%BD%D0%BE.html
Title: ГАБРОВО – ПМГ "Академик Иван Гюзелев"

Search URL Search Domain Scan URL

URL: https://www.pmg-gabrovo.bg/images/mat_za_vseki_deklaracia.pdf
Title: Заявление за участие в състезанието

Search URL Search Domain Scan URL

URL: https://www.pmgdimitrovgrad.net/novini/%d0%b7%d0%b0-%d1%83%d1%87%d0%b5%d0%bd%d0%b8%d1%86%d0%b8%d1%82%d0%b5-%d0%be%d1%82-%d1%96v-%d0%ba%d0%bb%d0%b0%d1%81/
Title: ДИМИТРОВГРАД - ПМГ „Иван Вазов“

Search URL Search Domain Scan URL

URL: http://pmg-dobrich.com/apply-after-4th-grade/
Title: ДОБРИЧ - ПМГ „Иван Вазов“

Search URL Search Domain Scan URL

URL: https://forms.gle/rQbQ9rAAW6o22fjj7
Title: https://forms.gle/rQbQ9rAAW6o22fjj7

Search URL Search Domain Scan URL

URL: https://pmgkk.com/page_1/news_and_mesage.html
Title: КАЗАНЛЪК - ППМГ„ Никола Обрешков"

Search URL Search Domain Scan URL

URL: https://pmgkk.com/page_1/documents/priem_4_klas/2021/%D0%97%D0%B0%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%9C%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B7%D0%B0%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8.pdf
Title: Заявление

Search URL Search Domain Scan URL

URL: https://pmgkk.com/page_1/documents/priem_4_klas/2021/%D0%94%D0%B5%D0%BA%D0%BB%D0%B0%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20%D0%9C%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B7%D0%B0%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8.pdf
Title: Декларация

Search URL Search Domain Scan URL

URL: http://www.pmgkn.com/index.php/%D0%B0%D0%BA%D1%82%D1%83%D0%B0%D0%BB%D0%BD%D0%B0-%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D1%8F/%D1%81%D1%8A%D0%BE%D0%B1%D1%89%D0%B5%D0%BD%D0%B8%D1%8F/717-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D1%86%D0%B8-%D0%BE%D1%82-%D1%96v-%D0%BA%D0%BB%D0%B0%D1%81
Title: КЮСТЕНДИЛ – ПМГ „ Проф. Емануил Иванов“

Search URL Search Domain Scan URL

URL: http://www.pmgkn.com/index.php/%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%B8-%D0%B7%D0%B0-%D0%B8%D0%B7%D1%82%D0%B5%D0%B3%D0%BB%D1%8F%D0%BD%D0%B5/category/49-%D1%84%D0%BE%D1%80%D0%BC%D1%83%D0%BB%D1%8F%D1%80%D0%B8?download=608:%D0%B7-%D0%B0-%D1%8F-%D0%B2-%D0%BB-%D0%B5-%D0%BD-%D0%B8-%D0%B5-%D0%B7%D0%B0-%D1%83%D1%87%D0%B0%D1%81%D1%82%D0%B8%D0%B5-%D0%B2-%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F-%D0%B7%D0%B0-%D1%83%D1%87%D0%B5%D0%BD%D0%B8%D1%86%D0%B8-%D0%BE%D1%82-%D1%96v-%D0%BA%D0%BB%D0%B0%D1%81-%D0%BF%D1%80%D0%B5%D0%B7-%D1%83%D1%87%D0%B5%D0%B1%D0%BD%D0%B0%D1%82%D0%B0-2020-2021-%D0%B3%D0%BE%D0%B4%D0%B8%D0%BD%D0%B0
Title: Заявление и декларация

Search URL Search Domain Scan URL

URL: http://www.pmgmontana.com/pmgnewsite/index.php/novini/716-proletno-sastezanie-za-uchenitzi-ot-iv-klas
Title: МОНТАНА - ПМПГ „Св. Климент Охридски”

Search URL Search Domain Scan URL

URL: http://www.pmgmontana.com/pmgnewsite/files/deklaracia_zaiavka_PMS4.docx
Title: Декларация и заявка за участие може да свалите оттук.

Search URL Search Domain Scan URL

URL: https://mgpz.org/%d1%81%d1%8a%d1%81%d1%82%d0%b5%d0%b7%d0%b0%d0%bd%d0%b8%d1%8f-%d0%bf%d0%be-%d0%bc%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d1%82%d0%b8%d0%ba%d0%b0-%d0%b7%d0%b0-%d1%83%d1%87%d0%b5%d0%bd%d0%b8%d1%86%d0%b8%d1%82/
Title: ПАЗАРДЖИК – ПМГ „ Константин Величков“

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1CBauRCsEBilMtdSMiRnhVPOjtKbdOXDT/view?usp=sharing
Title: Декларация за информирано съгласие

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1wh9qI9zM0VdQKpqUrljbuRuN-9cgSWt1/view?usp=sharing
Title: Заявление за участие

Search URL Search Domain Scan URL

URL: https://pmg-pernik.com/%d0%bc%d0%b0%d1%82%d0%b5%d0%bc%d0%b0%d1%82%d0%b8%d1%87%d0%b5%d1%81%d0%ba%d0%be-%d1%81%d1%8a%d1%81%d1%82%d0%b5%d0%b7%d0%b0%d0%bd%d0%b8%d0%b5-%d0%b7%d0%b0-%d1%83%d1%87%d0%b5%d0%bd%d0%b8%d1%86%d0%b8/
Title: ПЕРНИК – ПМГ „ Христо Смирненски“

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1Us5eZc_YJaupWb0FZHhdhA6QgHaCg3te/view?usp=sharing
Title: тук

Search URL Search Domain Scan URL

URL: http://www.pleven-mg.com/index.php/novini.html
Title: ПЛЕВЕН - МГ " Гео Милев"

Search URL Search Domain Scan URL

URL: https://forms.office.com/Pages/ResponsePage.aspx?id=5a7Vp_9obkeeTrIB_95RbrkpcsTzI5tNmR2uCgOJYHxUOVJEU1JFNFFYMVNOMzVXNUpQU0NWM0tTOS4u
Title: тук

Search URL Search Domain Scan URL

URL: http://www.pleven-mg.com/images/templates/dd_speedtruck_109/images/files/pdf/deklaraciqMZV.docx
Title: декларация за информираност и съгласие за публикуване на резултатите

Search URL Search Domain Scan URL

URL: http://www.omg-bg.com/
Title: ПЛОВДИВ – МГ „ Академик Кирил Попов“

Search URL Search Domain Scan URL

URL: http://omg-bg.com/files/2020_21/zaiavlenie_uchastie__2021_4kl.pdf
Title: - тук

Search URL Search Domain Scan URL

URL: http://omg-bg.com/files/2020_21/deklaraciq_roditel__2021.pdf
Title: - тук

Search URL Search Domain Scan URL

URL: https://www.pmgrz.net/
Title: РАЗГРАД - ППМГ„Акад. Никола Обрешков"

Search URL Search Domain Scan URL

URL: http://www.mg-babatonka.bg/news.php?extend.770.2
Title: РУСЕ – МГ „ Баба Тонка“

Search URL Search Domain Scan URL

URL: http://www.mg-babatonka.bg/e107_plugins/content/downloads/Zaqvlenie_MZV_4klas.pdf
Title: Заявление

Search URL Search Domain Scan URL

URL: http://www.mg-babatonka.bg/e107_plugins/content/downloads/Deklaraciq_MZV.pdf
Title: Декларация

Search URL Search Domain Scan URL

URL: http://www.mg-babatonka.bg/e107_plugins/content/downloads/regl-MZV_2020-2021g.pdf
Title: тук

Search URL Search Domain Scan URL

URL: http://pmg-silistra.com/pmg/home
Title: СИЛИСТРА – ПМГ „ Климент Охридски“

Search URL Search Domain Scan URL

URL: http://pmg-silistra.com/pmg/subpage/Dokymenti-10-04-2018-q
Title: http://pmg-silistra.com/pmg/subpage/Dokymenti-10-04-2018-q

Search URL Search Domain Scan URL

URL: https://forms.office.com/Pages/ResponsePage.aspx?id=4PySF1mAhUSIXZdKs0KBUC9JyJxYuLlMuohgFB8ZW8pURUFZQjYySklIQldWNk5WWkdLODZMMEtDUi4u
Title: Формуляр за записване на ученици от 4.клас за участие в МС "Математика за всеки"

Search URL Search Domain Scan URL

URL: http://pmg-sliven.com/bg/
Title: СЛИВЕН - ППМГ “Добри П. Чинтулов”

Search URL Search Domain Scan URL

URL: https://forms.gle/o9r2H8hb1XwBmen56
Title: https://forms.gle/o9r2H8hb1XwBmen56

Search URL Search Domain Scan URL

URL: http://pmg-smolyan.org/priem-footer/30-5-klas.html
Title: СМОЛЯН – ППМГ „ Васил Левски“

Search URL Search Domain Scan URL

URL: http://pmg-smolyan.org/work/menu/5klas/matem_za_vseki/zayavlenie_mat_za_vseki.docx
Title: Заявление за участие

Search URL Search Domain Scan URL

URL: http://www.pmgsz.org/Messages/MathAll_2021.pdf
Title: СТАРА ЗАГОРА – ППМГ „ Гео Милев“

Search URL Search Domain Scan URL

URL: http://www.pmgsz.org/Messages/ZayavMathAll2021.pdf
Title: Заявления за участие

Search URL Search Domain Scan URL

URL: http://abv.bg/
Title: pmgsz-data@abv.bg

Search URL Search Domain Scan URL

URL: https://www.pmg-haskovo.org/news/read/id/458
Title: ХАСКОВО – ПМГ „ Акад. Боян Петканчин“

Search URL Search Domain Scan URL

URL: https://www.pmg-haskovo.org/article_images/source/zaiavl-za-MZV-IV-2021.docx
Title: ЗАЯВЛЕНИЕ

Search URL Search Domain Scan URL

URL: https://www.pmg-haskovo.org/article_images/source/dekl_saglasie-MZV-2021.doc
Title: ДЕКЛАРАЦИЯ

Search URL Search Domain Scan URL

URL: http://pmg.icon.bg/index.php
Title: ШУМЕН - ППМГ "Нанчо Попович"

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSd4MSwueWT9-m7sDV2iVhHQ-bszKvjXd4i2FsZJRMQCBdWcfA/viewform?usp=sf_link
Title: ТУК

Search URL Search Domain Scan URL

URL: http://pmg.icon.bg/new/ZaqvlenieMV4klas.docx
Title: заявление

Search URL Search Domain Scan URL

URL: http://pmg.icon.bg/new/DeklaraciqMV4klas.pdf
Title: декларация

Search URL Search Domain Scan URL

URL: https://mgyambol.com/%D0%BA%D0%B0%D0%BD%D0%B4%D0%B8%D0%B4%D0%B0%D1%82%D1%81%D1%82%D0%B2%D0%B0%D0%BD%D0%B5/v-%D0%BA%D0%BB%D0%B0%D1%81/articledisplay/%D1%81%D1%8A%D0%BE%D0%B1%D1%89%D0%B5%D0%BD%D0%B8%D0%B5-%D0%B7%D0%B0-%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D0%B6%D0%B4%D0%B0%D0%BD%D0%B5-%D0%BD%D0%B0-%E2%80%9E%D0%BF%D1%80%D0%BE%D0%BB%D0%B5%D1%82%D0%BD%D0%B8-%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F%E2%80%9C-%D0%B8-%E2%80%9E%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0-%D0%B7%D0%B0-%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%E2%80%9C
Title: ЯМБОЛ – ПМГ „ Атанас Радев“

Search URL Search Domain Scan URL

URL: https://www.ruobg.com/messages/images_28/source/%D0%BF%D0%B0%D0%BF%D0%BA%D0%B0/%D0%97%D0%B0%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B7%D0%B0%20%D1%83%D1%87%D0%B0%D1%81%D1%82%D0%B8%D0%B5.docx
Title: Заявление за участие

Search URL Search Domain Scan URL

URL: https://alle.bg/?-vssource=internal:sitefooter
Title: Уебсайт в Alle.bg

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

97 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dideva.alle.bg/%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0... 335 KB
51 KB 717ms
544ms Document
text/html 52.209.140.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dideva.alle.bg/%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BD%D0%BC%D1%81-%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0-%D0%B7%D0%B0-%D0%B2%D1%81%D0%B5%D0%BA%D0%B8/%D0%BC%D0%B2%D1%81-2021/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.209.140.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-140-2.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9acc3f7efe40ecb575c3608315b98bde8e7c63dd6f3f09cf078989ecf4d47814

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 14:23:19 GMT
link: <https://cdn4.amcn.in/>; rel=preconnect
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 Open%2BSans.css
cdn4.amcn.in/c/assets/fa0fc04342cf-c5184000-v3125b8a703/ 7 KB
1 KB 50ms
7ms Stylesheet
text/css 18.156.188.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.amcn.in/c/assets/fa0fc04342cf-c5184000-v3125b8a703/Open%2BSans.css
Requested by: Host: dideva.alle.bg
URL: https://dideva.alle.bg/%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BD%D0%BC%D1%81-%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0-%D0%B7%D0%B0-%D0%B2%D1%81%D0%B5%D0%BA%D0%B8/%D0%BC%D0%B2%D1%81-2021/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.188.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-188-218.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c11a9907cb3cf8221604c45e879d60fcd28811011c6b14557d212a6f3d6df156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:19 GMT
cache-control: public, max-age=5184000
server: nginx
content-encoding: gzip
content-type: text/css;charset=UTF-8

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd0a89078267d32b84d5692634c6b72043ed17846d144d4bb99931e83f4a583d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 6ozewztm82nwpga1kp502ty.png
cdn4.amcn.in/a/dideva.alle.bg/assets/e56777d77490-c999999999/ 37 KB
37 KB 135ms
114ms Image
image/png 18.156.188.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.amcn.in/a/dideva.alle.bg/assets/e56777d77490-c999999999/6ozewztm82nwpga1kp502ty.png
Requested by: Host: dideva.alle.bg
URL: https://dideva.alle.bg/%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BD%D0%BC%D1%81-%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0-%D0%B7%D0%B0-%D0%B2%D1%81%D0%B5%D0%BA%D0%B8/%D0%BC%D0%B2%D1%81-2021/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.188.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-188-218.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9096c9618f2ea5e87abe982a94c7d2811bb17bb11e35a129ee79823fb4ccb908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:19 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 37476
content-type: image/png

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 109 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba46e4241ae942f247b9a7f85b6f4f8100ede038730080380ec82f2a58c729c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
56 KB 52ms
30ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dideva.alle.bg
URL: https://dideva.alle.bg/%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BD%D0%BC%D1%81-%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0-%D0%B7%D0%B0-%D0%B2%D1%81%D0%B5%D0%BA%D0%B8/%D0%BC%D0%B2%D1%81-2021/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67e1aca6cb5b9e0e32a9d5fab2610397d06fc04ea153a9193cdc19df31762080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56429
x-xss-protection: 0
server: cafe
etag: 6841481342643540930
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 22 May 2022 14:23:19 GMT

GET
H2 200 preview Show response
drive.google.com/file/d/19nO-qDE0VzVa3Hx26uFSfWEicpjBsbRA/ Frame 7205 75 KB
24 KB 585ms
535ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/file/d/19nO-qDE0VzVa3Hx26uFSfWEicpjBsbRA/preview?usp=sharing

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5f28b4175798a718987919177cb071f12bf59c523eac281731998d6e609cdef0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2I9Y-VTmaKauaE8ShUsmDA' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dideva.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2I9Y-VTmaKauaE8ShUsmDA' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/
content-type: text/html; charset=utf-8
date: Sun, 22 May 2022 14:23:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: GSE
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, nosnippet
x-xss-protection: 1; mode=block

GET
H2 200 wr2egk6u14copga1rusj7lb.webp
cdn4.amcn.in/a/dideva.alle.bg/assets/c9bab51763d2-w450-c999999999-opng/ 27 KB
28 KB 169ms
168ms Image
image/webp 18.156.188.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.amcn.in/a/dideva.alle.bg/assets/c9bab51763d2-w450-c999999999-opng/wr2egk6u14copga1rusj7lb.webp
Requested by: Host: dideva.alle.bg
URL: https://dideva.alle.bg/%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BD%D0%BC%D1%81-%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0-%D0%B7%D0%B0-%D0%B2%D1%81%D0%B5%D0%BA%D0%B8/%D0%BC%D0%B2%D1%81-2021/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.188.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-188-218.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: abfb1e38bfc0632700d4dcaaae12b40b74c44cea002539ab743be9418077d952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:19 GMT
cache-control: public, max-age=999999999
server: nginx
content-length: 28100
content-type: image/webp

GET
H2 200 -vs.js Show response
dideva.alle.bg/ 2 B
115 B 146ms
146ms Script
text/javascript 52.209.140.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dideva.alle.bg/-vs.js?a=pageview&d=%7B%22url%22%3A%22https%3A%2F%2Fdideva.alle.bg%2F%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D1%2587%25D0%25B5%25D1%2581%25D0%25BA%25D0%25B8-%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BD%25D0%25BC%25D1%2581-%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B0-%25D0%25B7%25D0%25B0-%25D0%25B2%25D1%2581%25D0%25B5%25D0%25BA%25D0%25B8%2F%25D0%25BC%25D0%25B2%25D1%2581-2021%2F%22%7D&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36
Requested by: Host: dideva.alle.bg
URL: https://dideva.alle.bg/%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BD%D0%BC%D1%81-%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0-%D0%B7%D0%B0-%D0%B2%D1%81%D0%B5%D0%BA%D0%B8/%D0%BC%D0%B2%D1%81-2021/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.209.140.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-140-2.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D1%81%D1%8A%D1%81%D1%82%D0%B5%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F/%D0%BD%D0%BC%D1%81-%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0-%D0%B7%D0%B0-%D0%B2%D1%81%D0%B5%D0%BA%D0%B8/%D0%BC%D0%B2%D1%81-2021/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:19 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx
content-length: 2
content-type: text/javascript; charset=UTF-8

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/ 310 KB
111 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8967311918154367&plah=dideva.alle.bg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3933cf1e3ea29583459249d9ef6dee380a056802e2c5d0adb1cb72453d852902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113361
x-xss-protection: 0
server: cafe
etag: 10622115904945827668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 22 May 2022 14:23:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame 8390 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dideva.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 22:40:59 GMT
etag: 1428802124239944296
expires: Sat, 04 Jun 2022 22:40:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
640 B 74ms
17ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dideva.alle.bg&callback=_gfp_s_&client=ca-pub-8967311918154367

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8967311918154367&plah=dideva.alle.bg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c42c136907d62c11c783190cbc3d5968e4b927d4fd8597434257968b781c259d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 71ms
20ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dideva.alle.bg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 14:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dideva.alle.bg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 14:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 203B 233 KB
49 KB 437ms
436ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&adk=1812271804&adf=3025194257&lmt=1653229399&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdideva.alle.bg%2F%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D1%2587%25D0%25B5%25D1%2581%25D0%25BA%25D0%25B8-%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BD%25D0%25BC%25D1%2581-%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B0-%25D0%25B7%25D0%25B0-%25D0%25B2%25D1%2581%25D0%25B5%25D0%25BA%25D0%25B8%2F%25D0%25BC%25D0%25B2%25D1%2581-2021%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653229399490&bpp=2&bdt=154&idt=69&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1118969634799&frm=20&pv=2&ga_vid=741736441.1653229400&ga_sid=1653229400&ga_hid=1999809175&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531557%2C44761043%2C31064018&oid=2&pvsid=1020458733677912&pem=712&tmod=232761319&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=84

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a6562ee8f59ed63c768641f3ca21b09ca94b1d144d98123a20169f060008fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dideva.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 49818
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 14:23:20 GMT
expires: Sun, 22 May 2022 14:23:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 82D9 75 KB
22 KB 591ms
591ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&h=600&slotname=1952520136&adk=1531912847&adf=1950255931&pi=t.ma~as.1952520136&w=160&fwrn=4&fwrnh=100&lmt=1653229399&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fdideva.alle.bg%2F%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D1%2587%25D0%25B5%25D1%2581%25D0%25BA%25D0%25B8-%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BD%25D0%25BC%25D1%2581-%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B0-%25D0%25B7%25D0%25B0-%25D0%25B2%25D1%2581%25D0%25B5%25D0%25BA%25D0%25B8%2F%25D0%25BC%25D0%25B2%25D1%2581-2021%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653229399492&bpp=2&bdt=156&idt=89&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1118969634799&frm=20&pv=1&ga_vid=741736441.1653229400&ga_sid=1653229400&ga_hid=1999809175&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1420&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531557%2C44761043%2C31064018&oid=2&pvsid=1020458733677912&pem=712&tmod=232761319&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GVxPcYvihv&p=https%3A//dideva.alle.bg&dtd=93

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d4debe4bd2ff39564c8d630a5994b031a66a8ee733fbc57293cd85c5d6be905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dideva.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 22794
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 14:23:20 GMT
expires: Sun, 22 May 2022 14:23:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 7205 12 KB
1 KB 57ms
24ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/19nO-qDE0VzVa3Hx26uFSfWEicpjBsbRA/preview?usp=sharing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3007792220b169e1cb8b6c70d859f36f9d04b392636dffebaa4708df16b911c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 13:42:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 14:23:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 14:23:20 GMT

GET
H2 200 rs=AO0039um1fRZvfTs7uLpPcaw-lX-6rb63w
www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.0DG94MlWP20.L.W.O/d=0/ Frame 7205 1 MB
181 KB 44ms
15ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.0DG94MlWP20.L.W.O/d=0/rs=AO0039um1fRZvfTs7uLpPcaw-lX-6rb63w

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/19nO-qDE0VzVa3Hx26uFSfWEicpjBsbRA/preview?usp=sharing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28f75c9253a2d1d6569fcd1f757a645f3508a5616ec6b52cab03223deadba29c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 07:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 184286
x-xss-protection: 0
last-modified: Thu, 12 May 2022 01:10:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 07:57:22 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/ 147 KB
52 KB 147ms
147ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205170101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd455b773b66cff4fb7a76cda8a3c94d8741b8db6d47f72e5c5a1edfed0d661b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53590
x-xss-protection: 0
server: cafe
etag: 1039594012652652506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 May 2022 14:23:20 GMT

GET
H3 200 m=v,wb Show response
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=1/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/ Frame 7205 1 MB
426 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=1/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=v,wb

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/19nO-qDE0VzVa3Hx26uFSfWEicpjBsbRA/preview?usp=sharing

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563e41d789a87b504222d7e7307c8d1473986b87b8d9d4f29e0f854b8fd11269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 16:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 436409
x-xss-protection: 0
last-modified: Thu, 12 May 2022 03:10:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 16:41:01 GMT

GET
H3 200 rs=AA2YrTsHgfR9b0cqQkUkzGHEl3I7ha1_YQ Show response
www.gstatic.com/og/_/js/k=og.qtm.en_US.lwdlZRS49Hs.O/rt=j/m=qabr,q_dnp,qapid/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ Frame 7205 91 KB
32 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.qtm.en_US.lwdlZRS49Hs.O/rt=j/m=qabr,q_dnp,qapid/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTsHgfR9b0cqQkUkzGHEl3I7ha1_YQ

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/19nO-qDE0VzVa3Hx26uFSfWEicpjBsbRA/preview?usp=sharing

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cd518ede987ff16e745d5f13acba8e6ed0c174403c0849429fdcc4efa2fc8e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 08:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32375
x-xss-protection: 0
last-modified: Mon, 16 May 2022 01:31:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 08:33:48 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.BYmJjssVfqI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A/ Frame 7205 108 KB
37 KB 138ms
111ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.BYmJjssVfqI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A/cb=gapi.loaded_0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.lwdlZRS49Hs.O/rt=j/m=qabr,q_dnp,qapid/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTsHgfR9b0cqQkUkzGHEl3I7ha1_YQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c8627cc01fd4c26677a545914f6f1a9e9021a368c7101a793a8b2db0fbe1af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36725
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 15:16:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 May 2023 14:08:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 82D9 8 KB
891 B 37ms
18ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&h=600&slotname=1952520136&adk=1531912847&adf=1950255931&pi=t.ma~as.1952520136&w=160&fwrn=4&fwrnh=100&lmt=1653229399&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fdideva.alle.bg%2F%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D1%2587%25D0%25B5%25D1%2581%25D0%25BA%25D0%25B8-%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BD%25D0%25BC%25D1%2581-%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B0-%25D0%25B7%25D0%25B0-%25D0%25B2%25D1%2581%25D0%25B5%25D0%25BA%25D0%25B8%2F%25D0%25BC%25D0%25B2%25D1%2581-2021%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653229399492&bpp=2&bdt=156&idt=89&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1118969634799&frm=20&pv=1&ga_vid=741736441.1653229400&ga_sid=1653229400&ga_hid=1999809175&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1420&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531557%2C44761043%2C31064018&oid=2&pvsid=1020458733677912&pem=712&tmod=232761319&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GVxPcYvihv&p=https%3A//dideva.alle.bg&dtd=93

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dafcfb8e5da88fc67a5eb628e432d27437f87fb6e4a47bc308d58ec03d510309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 13:35:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 14:23:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 14:23:20 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 82D9 2 KB
983 B 63ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 14:19:47 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 82D9 21 KB
9 KB 51ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 14:22:09 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 82D9 3 KB
1 KB 60ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 14:21:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82D9 135 KB
42 KB 64ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 14:23:20 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 82D9 17 KB
7 KB 52ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 14:18:20 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 82D9 30 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 13:38:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 82D9 0
0 62ms
61ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0LIgV0eKYq6dJ8v-ywXigZ-IB_ywmYFpoc7TkJEQwI23ARABIJjlqSxgleKQgqAHoAH9r-DhAcgBAakCWOMO4LD1tD6oAwGqBMIDT9DRBi7IKyfE06ThW427cqUS8QOHX4A2mspp0a871svepJbhKywI5DIXfWPSjIfbyrWbTFBQUyPdGXOjA6hccr-LhUdv4sI6SqPiFOlFacfQY-QztmxphXwVHPIDQ5O5A0hk_frNs0FnhwfCvqUSwhyMrBXkgK6zG6dJEnGQ2BEP5I7304RukGv9tPDpfFocBPR1bpkWBwUViPxl8OzId0fj1ygy4zhrknz_PJx1EfYzRYaM6f4_ob73xGLESPWeeeyxb86bF2dY0kund_ha5OXoY0xGhY-5u0_LWitO-YDLc93ABa_wm_fjglEVFw1pAKosG9WkoTaRRxXVLtZs9m9t4JUTV6nDLZgwh5OI4h7mpddqwuUqd0NvwgTTq0131OSbx1jWNxAeLQe6GHmWca0ZS1c8YPmgY145I5-7q7ZZCB6Gduprew8GTqTb8he_QEdYLl6xcoYhSoBXSPMu_582l9xFW3BCXw31gSZxZjTkqREReIHwtpzv5xR4YBzSH4WfbAkKpJ6w6-sYQZuA4Oc4qF-_1l4vNN6rv50ZkYfGmluNns4b2BwlRRfZ5fbeYR_eHGZzeZ7PljSDNnOLABLIwATX9Zaf7wOSBQQIBBgBkgUECAUYBIAH68-fngKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCSvhTSCAkIgOGAcBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODk2NzMxMTkxODE1NDM2NxgA&sigh=lXEieXcjhAU&uach_m=[UACH]&template_id=5020

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&h=600&slotname=1952520136&adk=1531912847&adf=1950255931&pi=t.ma~as.1952520136&w=160&fwrn=4&fwrnh=100&lmt=1653229399&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fdideva.alle.bg%2F%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D1%2587%25D0%25B5%25D1%2581%25D0%25BA%25D0%25B8-%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BD%25D0%25BC%25D1%2581-%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B0-%25D0%25B7%25D0%25B0-%25D0%25B2%25D1%2581%25D0%25B5%25D0%25BA%25D0%25B8%2F%25D0%25BC%25D0%25B2%25D1%2581-2021%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653229399492&bpp=2&bdt=156&idt=89&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1118969634799&frm=20&pv=1&ga_vid=741736441.1653229400&ga_sid=1653229400&ga_hid=1999809175&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1420&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531557%2C44761043%2C31064018&oid=2&pvsid=1020458733677912&pem=712&tmod=232761319&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GVxPcYvihv&p=https%3A//dideva.alle.bg&dtd=93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 22 May 2022 14:23:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 22 May 2022 14:23:20 GMT

GET
DATA 200
OK truncated
/ Frame 82D9 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.BYmJjssVfqI.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A/ Frame 7205 208 KB
71 KB 156ms
155ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.BYmJjssVfqI.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A/cb=gapi.loaded_1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f3b9638865631df44da4b64c23ea31c5db20b273b2389f6983bd748a7c85fdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:12:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72673
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 15:16:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 19:12:34 GMT

GET
H3 200 m=MpJwZc,sy8o,e83Grd,sya6,sybt,s39S4,sy8p,syc5,pw70Gc Show response
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=0/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/ Frame 7205 12 KB
5 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=0/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=MpJwZc,sy8o,e83Grd,sya6,sybt,s39S4,sy8p,syc5,pw70Gc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=1/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eafd7606fdaab559259d5924c3d4fa92618c3ba8e80f56d3ff20b2f1131e2d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 16:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5181
x-xss-protection: 0
last-modified: Thu, 12 May 2022 03:10:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 16:41:03 GMT

GET
H2 200 v-sprite43.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 7205 106 KB
47 KB 121ms
8ms Image
image/svg+xml 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite43.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.0DG94MlWP20.L.W.O/d=0/rs=AO0039um1fRZvfTs7uLpPcaw-lX-6rb63w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9957cdb6efb34b018994223d4317d7ab45f2d7168bcc319f04fa373e23dc8c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47363
x-xss-protection: 0
last-modified: Sat, 05 Mar 2022 00:28:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Mon, 22 May 2023 12:09:16 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 7205 28 KB
28 KB 119ms
10ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drive.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 403780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 22:13:40 GMT

GET
H2 200 Rvt55nMYWwo4iSF2aqEVk7-WFngLOmnbKO1zckenYhhynOXFxqJGGfNyouZ6k5Bj7MoLmTH8oT_ojg=w800-rw Show response
lh5.googleusercontent.com/ Frame 7205 398 KB
399 KB 280ms
184ms XHR
image/webp 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh5.googleusercontent.com/Rvt55nMYWwo4iSF2aqEVk7-WFngLOmnbKO1zckenYhhynOXFxqJGGfNyouZ6k5Bj7MoLmTH8oT_ojg=w800-rw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=1/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=v,wb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

70c511d60bf4db9a3c59b3e5528fe646ada9d843f7f350129e708ba21c121bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:20 GMT
x-content-type-options: nosniff
content-disposition: inline;filename="__________ __ _____ 2021.pdf.webp";filename*=UTF-8''%D0%9C%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B7%D0%B0%20%D0%B2%D1%81%D0%B5%D0%BA%D0%B8%202021.pdf.webp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 407510
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/webp
access-control-allow-origin: https://drive.google.com
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
access-control-allow-credentials: true
timing-allow-origin: https://drive.google.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 meta Show response
drive.google.com/viewer2/prod-03/ Frame 7205 625 B
573 B 60ms
30ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/viewer2/prod-03/meta?ck=drive&ds=APznzabaPm9E4ztHEBFgiSF5uD9AVbyJLkewBalyhXXvoz2mf4fyRS4hD9ai2Hs3xDirF6y9HzCEKFL9yAYhAfqe-Tqaj1sCfKFzbyCPNEUZ4V5oPpi89k1b_bqmLqYOilPgpitm_c5qj_vvISSW80HQau5iT8JR8Lc4r4A_wFC6cbNbPzGHNXZwHRBwRzUbbzZotEKPwRUy04J8oTdZH4T8qSJlt-DbrJ0Qqd0uxCWpJlVK9hHpjSqPgEAPEloOVgb3XrLSlRMwBS_2j-4j-QotDA_A4jZ51MT6MopikAc-OrdZHoXoYSMm5HqhKJ1J0efY-Rn-ZZj5U02EAty9XAxfrOHFk7aFVE_CVmF31ySeDUQvJ5mGTmu1Rt0v4oXetDZ0_--g60eV&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=1/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

859f5f7b20ec361cd527751fb2dd9db712c2a4b993b1d73f47167a4442a9707b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m7oL3f52ioEiayy2fOb_gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-m7oL3f52ioEiayy2fOb_gA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
cross-origin-embedder-policy-report-only: require-corp; report-to="AppsViewerFrontendHttp"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AppsViewerFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AppsViewerFrontendHttp/internal"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-m7oL3f52ioEiayy2fOb_gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-m7oL3f52ioEiayy2fOb_gA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 37ms
18ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dideva.alle.bg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 14:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 38ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dideva.alle.bg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 14:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/ Frame 3B4F 10 KB
4 KB 13ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dideva.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 23:12:05 GMT
etag: 1428802124239944296
expires: Sat, 04 Jun 2022 23:12:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/ Frame 2358 10 KB
4 KB 13ms
8ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dideva.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 May 2022 23:12:05 GMT
etag: 1428802124239944296
expires: Sat, 04 Jun 2022 23:12:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C04B 143 B
163 B 13ms
9ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8967311918154367&output=html&h=600&slotname=1952520136&adk=1531912847&adf=1950255931&pi=t.ma~as.1952520136&w=160&fwrn=4&fwrnh=100&lmt=1653229399&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fdideva.alle.bg%2F%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D1%2587%25D0%25B5%25D1%2581%25D0%25BA%25D0%25B8-%25D1%2581%25D1%258A%25D1%2581%25D1%2582%25D0%25B5%25D0%25B7%25D0%25B0%25D0%25BD%25D0%25B8%25D1%258F%2F%25D0%25BD%25D0%25BC%25D1%2581-%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B0-%25D0%25B7%25D0%25B0-%25D0%25B2%25D1%2581%25D0%25B5%25D0%25BA%25D0%25B8%2F%25D0%25BC%25D0%25B2%25D1%2581-2021%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653229399492&bpp=2&bdt=156&idt=89&shv=r20220518&mjsv=m202205170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1118969634799&frm=20&pv=1&ga_vid=741736441.1653229400&ga_sid=1653229400&ga_hid=1999809175&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1420&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531557%2C44761043%2C31064018&oid=2&pvsid=1020458733677912&pem=712&tmod=232761319&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GVxPcYvihv&p=https%3A//dideva.alle.bg&dtd=93
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 14:09:35 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 82D9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76c8333b4f1e07b7ffb6744e92180bab56b5a8ce22e7eb478ddc000a028c2eae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 82D9 28 KB
28 KB 31ms
18ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 403780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 22:13:40 GMT

GET
H3 200 img Show response
drive.google.com/viewer2/prod-03/ Frame 7205 641 KB
641 KB 45ms
44ms XHR
image/png 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/viewer2/prod-03/img?ck=drive&ds=APznzabaPm9E4ztHEBFgiSF5uD9AVbyJLkewBalyhXXvoz2mf4fyRS4hD9ai2Hs3xDirF6y9HzCEKFL9yAYhAfqe-Tqaj1sCfKFzbyCPNEUZ4V5oPpi89k1b_bqmLqYOilPgpitm_c5qj_vvISSW80HQau5iT8JR8Lc4r4A_wFC6cbNbPzGHNXZwHRBwRzUbbzZotEKPwRUy04J8oTdZH4T8qSJlt-DbrJ0Qqd0uxCWpJlVK9hHpjSqPgEAPEloOVgb3XrLSlRMwBS_2j-4j-QotDA_A4jZ51MT6MopikAc-OrdZHoXoYSMm5HqhKJ1J0efY-Rn-ZZj5U02EAty9XAxfrOHFk7aFVE_CVmF31ySeDUQvJ5mGTmu1Rt0v4oXetDZ0_--g60eV&authuser=0&page=0&w=800&webp=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=1/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db3a54cb399fb513a05ca553c41126c1bd3e82f1a3786a276309f2086f860fd4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Pq2zt1awyq6Z-Xrz9D62rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-Pq2zt1awyq6Z-Xrz9D62rw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-Pq2zt1awyq6Z-Xrz9D62rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-Pq2zt1awyq6Z-Xrz9D62rw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
cross-origin-embedder-policy-report-only: require-corp; report-to="AppsViewerFrontendHttp"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sun, 22 May 2022 14:23:20 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AppsViewerFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AppsViewerFrontendHttp/internal"}]}
content-type: image/png
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
drive.google.com/viewer2/prod-03/ Frame 7205 608 B
386 B 487ms
486ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/viewer2/prod-03/presspage?ck=drive&ds=APznzabaPm9E4ztHEBFgiSF5uD9AVbyJLkewBalyhXXvoz2mf4fyRS4hD9ai2Hs3xDirF6y9HzCEKFL9yAYhAfqe-Tqaj1sCfKFzbyCPNEUZ4V5oPpi89k1b_bqmLqYOilPgpitm_c5qj_vvISSW80HQau5iT8JR8Lc4r4A_wFC6cbNbPzGHNXZwHRBwRzUbbzZotEKPwRUy04J8oTdZH4T8qSJlt-DbrJ0Qqd0uxCWpJlVK9hHpjSqPgEAPEloOVgb3XrLSlRMwBS_2j-4j-QotDA_A4jZ51MT6MopikAc-OrdZHoXoYSMm5HqhKJ1J0efY-Rn-ZZj5U02EAty9XAxfrOHFk7aFVE_CVmF31ySeDUQvJ5mGTmu1Rt0v4oXetDZ0_--g60eV&authuser=0&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=1/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

590f4b55528ca4f4829a6e8ec56071dc931e6bcfd2a152b223ae11caac02aaa3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport, script-src 'report-sample' 'nonce-4eWKPJI9KR2zJHRwdCEVxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-4eWKPJI9KR2zJHRwdCEVxg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
cross-origin-embedder-policy-report-only: require-corp; report-to="AppsViewerFrontendHttp"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AppsViewerFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AppsViewerFrontendHttp/internal"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport, script-src 'report-sample' 'nonce-4eWKPJI9KR2zJHRwdCEVxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-4eWKPJI9KR2zJHRwdCEVxg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
drive.google.com/viewer2/prod-03/ Frame 7205 777 KB
777 KB 35ms
35ms XHR
image/png 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=1/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38b8727a25b71b507fd22feb9114e3a2731d8445224c01b7a4e8cc09a0b4f3a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vpvCbG1fk-6nAn36Ghqn3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-vpvCbG1fk-6nAn36Ghqn3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-vpvCbG1fk-6nAn36Ghqn3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-vpvCbG1fk-6nAn36Ghqn3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
cross-origin-embedder-policy-report-only: require-corp; report-to="AppsViewerFrontendHttp"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sun, 22 May 2022 14:23:20 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AppsViewerFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AppsViewerFrontendHttp/internal"}]}
content-type: image/png
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
drive.google.com/viewer2/prod-03/ Frame 7205 608 B
389 B 463ms
463ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=1/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88b112018f32460e296ae2ff0cba003e3607b3fe9c1032e2a3af93c43b3379bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IZKt5N2J-vgXVIz0hRtQ4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-IZKt5N2J-vgXVIz0hRtQ4g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
cross-origin-embedder-policy-report-only: require-corp; report-to="AppsViewerFrontendHttp"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AppsViewerFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AppsViewerFrontendHttp/internal"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-IZKt5N2J-vgXVIz0hRtQ4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-IZKt5N2J-vgXVIz0hRtQ4g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
drive.google.com/viewer2/prod-03/ Frame 7205 578 KB
578 KB 33ms
33ms XHR
image/png 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=1/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d388775284663924b6edb755ef3f3eb70a7ea790024c9e322ee3c082ec2c8b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p9z1QNfqLRgMGcIUKzz2gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-p9z1QNfqLRgMGcIUKzz2gg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
cross-origin-embedder-policy-report-only: require-corp; report-to="AppsViewerFrontendHttp"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sun, 22 May 2022 14:23:20 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"AppsViewerFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AppsViewerFrontendHttp/internal"}]}
content-type: image/png
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-p9z1QNfqLRgMGcIUKzz2gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-p9z1QNfqLRgMGcIUKzz2gg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
drive.google.com/viewer2/prod-03/ Frame 7205 608 B
382 B 568ms
568ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=1/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b9320b434db892649b64e5be801c053d92745df54889e2d66682cea50bf4502

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mbxStcTzzSTv30MGy-1R7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-mbxStcTzzSTv30MGy-1R7w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
cross-origin-embedder-policy-report-only: require-corp; report-to="AppsViewerFrontendHttp"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AppsViewerFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AppsViewerFrontendHttp/internal"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-mbxStcTzzSTv30MGy-1R7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AppsViewerFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-mbxStcTzzSTv30MGy-1R7w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AppsViewerFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/AppsViewerFrontendHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=sy8f,sy8j,sy92,sy8z,sy90,sy8v,sy94,gypOCd Show response
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=0/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/ Frame 7205 60 KB
20 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=0/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=sy8f,sy8j,sy92,sy8z,sy90,sy8v,sy94,gypOCd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.XLJVUx3rAdY.O/d=1/rs=AO0039trcon2Xyy7VqGi5p3EBQ4OChFmiw/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

842ed2a3cc2ba12a1c27a37cb067042fa64dd8b6a322b76281b88af80811d8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 16:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20392
x-xss-protection: 0
last-modified: Thu, 12 May 2022 03:10:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 16:41:03 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 3B4F 4 KB
633 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 13:30:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 14:23:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 14:23:20 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3B4F 205 B
229 B 9ms
9ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:32:37 GMT
x-content-type-options: nosniff
age: 6643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 22 May 2023 12:32:37 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3B4F 604 B
628 B 10ms
9ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:58:09 GMT
x-content-type-options: nosniff
age: 1511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 22 May 2023 13:58:09 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 3B4F 19 KB
8 KB 319ms
147ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 13:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 13:29:45 GMT

GET
H3 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 2358 9 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 13:38:12 GMT

GET
H3 200 7e8d9be85afe70328c144e2bd1bc7ea5.js Show response
www.gstatic.com/mysidia/ Frame 2358 8 KB
4 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7e8d9be85afe70328c144e2bd1bc7ea5.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e011e5db5fba47db92bc725349b3ef86a4c8cdb49a750ab259704596e0e5ef05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3703
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 13:38:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2358 8 KB
892 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 13:37:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 14:23:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 14:23:20 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 2358 2 KB
904 B 333ms
167ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 14:19:47 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 2358 21 KB
8 KB 275ms
109ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 14:22:09 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 2358 3 KB
1 KB 333ms
168ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 14:21:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2358 135 KB
41 KB 262ms
91ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 14:23:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 2358 17 KB
7 KB 258ms
93ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 14:18:20 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 2358 30 KB
12 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 13:38:13 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C04B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

71ms
71ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 14:23:20 GMT
expires: Sun, 22 May 2022 14:23:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 14:23:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 81F7 8 KB
892 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 22 May 2022 13:38:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 22 May 2022 14:23:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 May 2022 14:23:20 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 81F7 2 KB
904 B 181ms
82ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 14:19:47 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 81F7 21 KB
8 KB 181ms
82ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8611
x-xss-protection: 0
server: cafe
etag: 11030745046341915621
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 14:22:09 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 81F7 3 KB
1 KB 267ms
169ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 14:21:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81F7 135 KB
41 KB 246ms
142ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 14:23:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 81F7 17 KB
7 KB 225ms
127ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Jun 2022 14:18:20 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 81F7 30 KB
12 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:21:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 13:38:13 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6946590792562677673/ Frame 2358 2 KB
2 KB 235ms
142ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6946590792562677673/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d698b544161bdac60cd4cc3e630105e0ec1d07015e62b766315301006256ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:02:37 GMT
x-content-type-options: nosniff
age: 422443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2493
x-xss-protection: 0
last-modified: Thu, 22 Apr 2021 04:06:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 May 2023 17:02:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2358 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHsHDV0eKYtOMJdDW1fAPq4iemAXW4-fjaKHqueOgDob4gNrDARABIJjlqSxgleKQgqAHoAHlobLsA8gBAagDAaoEswNP0MUQp6ekQnt4DCnYOmIexXisV4Ly2OVuZAKAyGGWgcO5TZaFeG52PlcgxnIW8CUWZACLjv0lcoT3Qst71K9daJBmpb4Hy8gP86vvSJIuLcNpAeL1Vavbp-ZdcLnS39wN7dTuE_-jIZruJGWvekRD8EAd12YDW8SgT6FoE3CWKhrsfegTASCivXOtPQbIrr8830vsU8hY48HfxpCn4yRbAZ434--lqJh4kW70I02iQpSXEx0E-7UrHkszLO9efM-_bFIWkrwfbzNniRJ5_W4Aa0agX1gbrROwGv6_dKELEeCdZDQ6xNNbG4KmoyNXtA9AoQqkaluqSJ7JuHO4VoCq2QfSj2HSJNp2LaJ2MbGqV4nRGTfCw3zV2jpDfFq0Fd-H6W6YFWg6vLRhoGrkvQk3mv5gqq1GTEH58PFnEqy9KbCk-GYab6HY5NeHaoISy7Hk_HqWt05Dp6cUAMGRsf6nLpFBE-BCYa5xCCccqqwTqnUN8jmuk4TNrB7yocu47Ybm50FfwBotb-ttNg-8NP2Thp4G4fIoRqs6j6f7pseCFn5anhoNS7M_9PCURKpIsxBe29vABJnVqa_1AZIFBAgEGAGSBQQIBRgEgAepp4owqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ5tQM0ggJCIDhgHAQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTg5NjczMTE5MTgxNTQzNjcYAA&sigh=A5MqzRgmSVE&uach_m=[UACH]&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 22 May 2022 14:23:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
BLOB 200
OK d58551db-3986-4d56-9d11-540963400ff5
https://drive.google.com/ Frame 7205 578 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://drive.google.com/d58551db-3986-4d56-9d11-540963400ff5
Requested by: Host: drive.google.com
URL: https://drive.google.com/file/d/19nO-qDE0VzVa3Hx26uFSfWEicpjBsbRA/preview
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d388775284663924b6edb755ef3f3eb70a7ea790024c9e322ee3c082ec2c8b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length: 592132
Content-Type: image/png

GET
BLOB 200
OK 5e30b35c-af92-4e91-98ce-b7e26722a3e9
https://drive.google.com/ Frame 7205 641 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://drive.google.com/5e30b35c-af92-4e91-98ce-b7e26722a3e9
Requested by: Host: drive.google.com
URL: https://drive.google.com/file/d/19nO-qDE0VzVa3Hx26uFSfWEicpjBsbRA/preview
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db3a54cb399fb513a05ca553c41126c1bd3e82f1a3786a276309f2086f860fd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length: 655946
Content-Type: image/png

GET
BLOB 200
OK 6a31689b-7075-45cf-8e78-b03d4d24a3fb
https://drive.google.com/ Frame 7205 777 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://drive.google.com/6a31689b-7075-45cf-8e78-b03d4d24a3fb
Requested by: Host: drive.google.com
URL: https://drive.google.com/file/d/19nO-qDE0VzVa3Hx26uFSfWEicpjBsbRA/preview
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38b8727a25b71b507fd22feb9114e3a2731d8445224c01b7a4e8cc09a0b4f3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length: 795703
Content-Type: image/png

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame E634 382 B
1 KB 50ms
15ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.BYmJjssVfqI.O%2Fd%3D1%2Frs%3DAHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.BYmJjssVfqI.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288a89e061904ca9d515bd06a91e5c10a8b6af5e6b0ce3defa1943a1c6b9f9eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce--Yjo--91xO8LXnUrnx0o2w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 272
content-security-policy: script-src 'nonce--Yjo--91xO8LXnUrnx0o2w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 14:23:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 17 Jul 2020 22:45:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 1133ab45-0f75-4496-b282-6beba950e009
https://drive.google.com/ Frame 7205 398 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://drive.google.com/1133ab45-0f75-4496-b282-6beba950e009
Requested by: Host: drive.google.com
URL: https://drive.google.com/file/d/19nO-qDE0VzVa3Hx26uFSfWEicpjBsbRA/preview
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70c511d60bf4db9a3c59b3e5528fe646ada9d843f7f350129e708ba21c121bf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length: 407510
Content-Type: image/webp

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame E634 14 KB
5 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.BYmJjssVfqI.O%2Fd%3D1%2Frs%3DAHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adb1b3d2b9ecdfcc15feaef1d05320ea9f3e4f6854367e7c387d27042e75fc4c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5543
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Sun, 22 May 2022 14:23:20 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "d9d80d6a13c2cf52"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 May 2022 14:23:20 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.BYmJjssVfqI.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A/ Frame E634 66 KB
23 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.BYmJjssVfqI.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27b04cadb280a67c963ca231c275f71be0e6d5cf4bd7ad85a057ee6ec265103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23323
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 15:16:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 19:12:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C8E 143 B
163 B 8ms
8ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 14:09:35 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame E634 0
19 B 155ms
135ms XHR
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.BYmJjssVfqI.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://drive.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.BYmJjssVfqI.O%2Fd%3D1%2Frs%3DAHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://drive.google.com

Response headers

pragma: no-cache
date: Sun, 22 May 2022 14:23:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame E634 0
19 B 184ms
165ms XHR
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://drive.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.BYmJjssVfqI.O%2Fd%3D1%2Frs%3DAHpOoo80_DzWbqWOZXEixUAk9-Z2HYlC7A%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://drive.google.com

Response headers

pragma: no-cache
date: Sun, 22 May 2022 14:23:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4C8E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

71ms
71ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 14:23:20 GMT
expires: Sun, 22 May 2022 14:23:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 14:23:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D653 143 B
163 B 8ms
8ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 14:09:35 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D653
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

70ms
70ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 14:23:20 GMT
expires: Sun, 22 May 2022 14:23:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 22 May 2022 14:23:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7205 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 7205 14 KB
14 KB 25ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

977d7a1f66defb437e71c15dab19d4fdd7cc0d4ad9da121d26e4436b7c8a97eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drive.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:19:14 GMT
x-content-type-options: nosniff
age: 403446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13872
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:20:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 22:19:14 GMT

GET
DATA 200
OK truncated
/ Frame 2358 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf02f4b9b9c2339b5789ee0db2f3de3a7db3bb83115a345efc681936828b7743

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 44ms
24ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c55a8ea5ab8d04b6ecf67872bb3a8f1b9c071c9db5cee4ed67005d27913bdf0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 22 May 2022 14:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10645
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 22 May 2022 14:23:21 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7205 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
Origin: https://drive.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 422200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 17 May 2023 17:06:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7205 10 KB
10 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
Origin: https://drive.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 21:29:26 GMT
x-content-type-options: nosniff
age: 492835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 16 May 2023 21:29:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F79B 13 KB
5 KB 110ms
110ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dideva.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 655
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 14:12:26 GMT
expires: Mon, 22 May 2023 14:12:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AA7C 783 B
536 B 15ms
15ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc47276855b9294c534f61b26735614ffe41fdc50372b377b245618bc863c2b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GehqHQ28UkjdV9VTxFOvvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dideva.alle.bg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-GehqHQ28UkjdV9VTxFOvvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 22 May 2022 14:23:21 GMT
expires: Sun, 22 May 2022 14:23:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AA7C 0
0 151ms
151ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220518&jk=1020458733677912&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js Show response
pagead2.googlesyndication.com/bg/ Frame F79B 35 KB
13 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 21:24:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 May 2023 21:24:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F79B 0
9 B 103ms
103ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8k6xzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 22 May 2022 14:23:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 82D9 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6KQ_4vjx6AyabeRx5SjJxjE-AtYY2xCo1FzlalKPzfomt6akHEQyDf3hRb-mmlD42JQqQKP1sRKeDC0xiKN0XBF2WSQQq13GD0gmeblKRpASzyJrvJMZ8AQTA&sai=AMfl-YTLsQk7MWpFF25kFC9E_cyxpqXxJ9AWOTanCRO_aGX28nJb96QmiciZ_c7GfR-zLL2JM0ZNUwMQvF-R&sig=Cg0ArKJSzJ8njp7Rl5gPEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1531912847&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653229399586&rpt=885&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 14:23:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 112ms
112ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-8967311918154367&su=dideva.alle.bg&eid=44759875%2C44759926%2C44759837%2C42531557%2C44761043%2C31064018&doc=complete&pg_h=8214&pg_w=1600&pg_hs=8214&c=1&aa_c=0&av_h=600&av_w=160&av_a=96000&b=7391&all_b=7391&d=0.073&all_d=0.073&ard=0.007&all_ard=0.007&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 14:23:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 120ms
120ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220518&jk=1020458733677912&bg=!TU6lTgrNAAZ4vKt9WLw7ACkAdvg8WrzcT1v19NLJQk7a3-vJAWuXzTqsvb9vAgxL491v0-NGX4P5lQIAAABOUgAAAAJoAQcKAOCqgFJvIimriwmBBKMX9dmTnzj8YBVlyHTkOo5R8dsjF_0cisElNxqNTQxtFceGjt_YbE0vGv7CFmAHRgkgxqtQs0H-zKXYt_R3i_HxeIgFsRHS9Fb-GKKYBoKBeXSyKeeH-MJr9QSSjofl0zz330Ipv85KQRK1RzTfG9OAEOS8uvBCyvca4fgIr7ko68MxChn3vVMy0ms8Wc357rc78G2own-NP9OpcjAIW8jF60ON8PrgeazrvgjP6jrHMjr9CuqvLpMoAJQLPTGcnSKnKU47bQX51gYeXqqtCWbgbod8S5kCqT-vZ4F2Z-lS2MZ1hti6IkbrF6g483O26twof34U-NDhpydr8TnzwrPhfDakfigCHHelo9jXBv9O2KigOXDIKFlv33AH3X6PKjxGVGQHB7qfYrABxZs_RkSrw6CB8dGn-bNEz0mjra-yGavIdB-g-CKrRj9ZbbA2eNt6nsaOXUhtnmH9hQtUnK5t6d2oe96LGtYtRhmMFDgXUciFV4SWngFTGQAOcVco1vIGMPPp6Eng9gSB9JPSwEYkeRvT3ygNPXTCH74SqD8J3HHdBLfm4vWJniYYLy7olgpXsgtSJhc4EldannyHtPREskPa5fptRAEm7piFkk3KxfBlISMSgbx8WKkaWqa4IGH6p9BfEX6ddSlrJsD3EovfONt8TBh3BmnuoJabSeBuLncPjG-dIG6Nq8DX7jjX9M8sS8_yU5B3jOVkM0gsSOss0XGUMeM4DPrAF0Boot17VI817OU1OXNamXR5k43ANKqbI2l2s1wnwesskqFcQ6ekGjaWtJfC-mUJsPYkTCty1MkNxv9rt9AzGW32uL5TqHiLKUHZ2arkpMaEYJOsR3yW369ycClS-m39CGmvYI7LwpZQ3FW0fGIdXGnJN9odHb4tWbg_ol1B4bn721FKskr4WgcKs1RrWi8ZHXdxwisNpZHyfj40OjlkAxjbaq5iJevsnPHvhBaU1zDmaccaXGhAUZQjQxyHRBkTlCmIYiliOrfiywmQOJ-sXZhTfivWeK1J6jIOzsUHeIyhGM5nwSdS9C2Pgwt3w9I2UVzh0y0Gs2aYo3wIFW35FeWUZILvoX7yxk_wKEMXKqNSm_0RIlCArq0qjFKGtrVukUMMjDH764wnIwPtxmb2V4YsHKxGi62d0cQE9pWaxIjFCZC-NeMXzv9V5zD4ePmaO76o6v9umg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dideva.alle.bg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2358 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuop78fXbUuPoPKqZ0FKOIbaKSx6yy6NSRzpQLIZdXkxVkZxbAcYD5_-12HVOCPcKX1E1Jhd9Xv6t5ZsUOfD0ETDOZ6gTZWCTHQXaRnIObusx013kF6pM-bb5wC&sai=AMfl-YQDRDMHJZRM_sFgWbvEEecYiDRSz8hZeYd9EBi5SYaTv_xYxK3PcBU6oZKpqV6kT6E-V8pYnanPHANd&sig=Cg0ArKJSzOF2obSYeKZWEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=317,1000,1000,1000,1000&tos=317,683,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653229400338&rpt=594&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 14:23:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.alle.bg/	1970-01-20 12:35:25	Name: __gads Value: ID=f6f32fd8ddedded8-22d63a889bcd00b8:T=1653229399:RT=1653229399:S=ALNI_Ma9s7Y7lgpZFeZj026FFdkhMkYYoA
.google.com/	1970-01-20 07:37:20	Name: NID Value: 511=i3vatrLUPsDp-An_Z5MPGdmjePb2donPKbyMH7Vy-aDVwWxhsXp-7Zj7h9j5U70AsdXdmj4BC0U3KwavgPUtytVuWy4duGlf6GjjhBRlVlQL5jjWonp-LmSlt5vMeGQP7wJ3DYUmMUIXmhMW7871j_7TDmdkd7UPqzXd0o8V-i4
.doubleclick.net/	1970-01-20 12:35:25	Name: IDE Value: AHWqTUmGhZrXXLuBMiic7Qm3BJkWMmQzVXt6Jztci9VNVIbrF5JjCOdBZIXCSml2vLM
.doubleclick.net/	1970-01-20 03:13:53	Name: DSID Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apis.google.com
cdn4.amcn.in
content.googleapis.com
dideva.alle.bg
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lh5.googleusercontent.com
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.gstatic.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.184.194
18.156.188.218
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
52.209.140.2
00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
0d388775284663924b6edb755ef3f3eb70a7ea790024c9e322ee3c082ec2c8b2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1d4debe4bd2ff39564c8d630a5994b031a66a8ee733fbc57293cd85c5d6be905
288a89e061904ca9d515bd06a91e5c10a8b6af5e6b0ce3defa1943a1c6b9f9eb
28f75c9253a2d1d6569fcd1f757a645f3508a5616ec6b52cab03223deadba29c
2b9320b434db892649b64e5be801c053d92745df54889e2d66682cea50bf4502
3007792220b169e1cb8b6c70d859f36f9d04b392636dffebaa4708df16b911c1
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
38b8727a25b71b507fd22feb9114e3a2731d8445224c01b7a4e8cc09a0b4f3a7
3933cf1e3ea29583459249d9ef6dee380a056802e2c5d0adb1cb72453d852902
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
43d698b544161bdac60cd4cc3e630105e0ec1d07015e62b766315301006256ad
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f3b9638865631df44da4b64c23ea31c5db20b273b2389f6983bd748a7c85fdb
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563e41d789a87b504222d7e7307c8d1473986b87b8d9d4f29e0f854b8fd11269
590f4b55528ca4f4829a6e8ec56071dc931e6bcfd2a152b223ae11caac02aaa3
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f28b4175798a718987919177cb071f12bf59c523eac281731998d6e609cdef0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67e1aca6cb5b9e0e32a9d5fab2610397d06fc04ea153a9193cdc19df31762080
6a6562ee8f59ed63c768641f3ca21b09ca94b1d144d98123a20169f060008fd6
70c511d60bf4db9a3c59b3e5528fe646ada9d843f7f350129e708ba21c121bf6
76c8333b4f1e07b7ffb6744e92180bab56b5a8ce22e7eb478ddc000a028c2eae
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
842ed2a3cc2ba12a1c27a37cb067042fa64dd8b6a322b76281b88af80811d8be
859f5f7b20ec361cd527751fb2dd9db712c2a4b993b1d73f47167a4442a9707b
88b112018f32460e296ae2ff0cba003e3607b3fe9c1032e2a3af93c43b3379bf
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8eafd7606fdaab559259d5924c3d4fa92618c3ba8e80f56d3ff20b2f1131e2d6
9096c9618f2ea5e87abe982a94c7d2811bb17bb11e35a129ee79823fb4ccb908
977d7a1f66defb437e71c15dab19d4fdd7cc0d4ad9da121d26e4436b7c8a97eb
9957cdb6efb34b018994223d4317d7ab45f2d7168bcc319f04fa373e23dc8c1b
9acc3f7efe40ecb575c3608315b98bde8e7c63dd6f3f09cf078989ecf4d47814
9cd518ede987ff16e745d5f13acba8e6ed0c174403c0849429fdcc4efa2fc8e9
9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
abfb1e38bfc0632700d4dcaaae12b40b74c44cea002539ab743be9418077d952
adb1b3d2b9ecdfcc15feaef1d05320ea9f3e4f6854367e7c387d27042e75fc4c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
ba46e4241ae942f247b9a7f85b6f4f8100ede038730080380ec82f2a58c729c6
bd455b773b66cff4fb7a76cda8a3c94d8741b8db6d47f72e5c5a1edfed0d661b
bf02f4b9b9c2339b5789ee0db2f3de3a7db3bb83115a345efc681936828b7743
c11a9907cb3cf8221604c45e879d60fcd28811011c6b14557d212a6f3d6df156
c42c136907d62c11c783190cbc3d5968e4b927d4fd8597434257968b781c259d
c55a8ea5ab8d04b6ecf67872bb3a8f1b9c071c9db5cee4ed67005d27913bdf0b
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
dafcfb8e5da88fc67a5eb628e432d27437f87fb6e4a47bc308d58ec03d510309
db3a54cb399fb513a05ca553c41126c1bd3e82f1a3786a276309f2086f860fd4
dd0a89078267d32b84d5692634c6b72043ed17846d144d4bb99931e83f4a583d
e011e5db5fba47db92bc725349b3ef86a4c8cdb49a750ab259704596e0e5ef05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f27b04cadb280a67c963ca231c275f71be0e6d5cf4bd7ad85a057ee6ec265103
f6c8627cc01fd4c26677a545914f6f1a9e9021a368c7101a793a8b2db0fbe1af
fc47276855b9294c534f61b26735614ffe41fdc50372b377b245618bc863c2b8

dideva.alle.bg Open in urlscan Pro 52.209.140.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

97 Requests

96 %HTTPS

83 %IPv6

11 Domains

18 Subdomains

19 IPs

3 Countries

4059 kBTransfer

10555 kBSize

4 Cookies

97 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dideva.alle.bg Open in urlscan Pro
52.209.140.2 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

96 %
HTTPS

83 %
IPv6

11
Domains

18
Subdomains

19
IPs

3
Countries

4059 kB
Transfer

10555 kB
Size

4
Cookies

97 HTTP transactions
7 data transactions