putuj-povoljno.rs Open in urlscan Pro
185.119.88.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://putuj-povoljno.rs/
Submission Tags: krdtest
Submission: On April 24 via api (April 24th 2021, 12:05:38 am UTC) from JP

Summary HTTP 129 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 22 domains to perform 129 HTTP transactions. The main IP is 185.119.88.30, located in Serbia and belongs to UNITED, RS. The main domain is putuj-povoljno.rs.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 22nd 2021. Valid for: 3 months.

This is the only time putuj-povoljno.rs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	185.119.88.30 185.119.88.30	12459 (UNITED) (UNITED)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
9	172.255.224.36 172.255.224.36	7979 (SERVERS-COM) (SERVERS-COM)
5	2606:4700:303... 2606:4700:3036::ac43:a62d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.245.33 143.204.245.33	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:777	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 19	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 8	185.106.81.236 185.106.81.236	7979 (SERVERS-COM) (SERVERS-COM)
1	143.204.245.61 143.204.245.61	16509 (AMAZON-02) (AMAZON-02)
6	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.245.19 143.204.245.19	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2 2	52.39.207.175 52.39.207.175	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:6251:ed87:4ce3:f14c	16509 (AMAZON-02) (AMAZON-02)
129	26

31 185.119.88.30 (Serbia)

ASN12459 (UNITED, RS)
PTR: s10.unlimited.rs

putuj-povoljno.rs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.255.224.36 (Netherlands)

ASN7979 (SERVERS-COM, US)

www.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
suggest.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
autocomplete.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::ac43:a62d (United States)

ASN13335 (CLOUDFLARENET, US)

tp.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.245.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-33.cph50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:777 (United States)

ASN13335 (CLOUDFLARENET, US)

st.avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.106.81.236 (Netherlands) 1 redirects

ASN7979 (SERVERS-COM, US)

avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.245.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-61.cph50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.245.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-19.cph50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.39.207.175 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-207-175.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:6251:ed87:4ce3:f14c (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	putuj-povoljno.rs putuj-povoljno.rs	465 KB
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	239 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	241 KB
13	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	56 KB
9	avsplow.com 1 redirects st.avsplow.com avsplow.com	17 KB
9	travelpayouts.com www.travelpayouts.com suggest.travelpayouts.com autocomplete.travelpayouts.com	86 KB
5	tp.media tp.media	117 KB
4	google.com 1 redirects adservice.google.com www.google.com	253 B
4	googleapis.com fonts.googleapis.com	3 KB
3	googletagservices.com www.googletagservices.com	98 KB
3	google.de adservice.google.de www.google.de	337 B
3	googleadservices.com www.googleadservices.com partner.googleadservices.com	16 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	googletagmanager.com www.googletagmanager.com	112 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
1	innovid.com ag.innovid.com	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	mookie1.com odr.mookie1.com	324 B
1	google-analytics.com www.google-analytics.com	74 B
1	cloudflare.com cdnjs.cloudflare.com	19 KB
129	22

	Domain	Requested by
31	putuj-povoljno.rs	putuj-povoljno.rs
14	fonts.gstatic.com	fonts.googleapis.com www.travelpayouts.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	putuj-povoljno.rs pagead2.googlesyndication.com googleads.g.doubleclick.net cdnjs.cloudflare.com tpc.googlesyndication.com www.googletagservices.com
8	avsplow.com	1 redirects putuj-povoljno.rs st.avsplow.com
8	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googleadservices.com googleads.g.doubleclick.net
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	tp.media	putuj-povoljno.rs tp.media
5	www.travelpayouts.com	putuj-povoljno.rs www.travelpayouts.com
4	fonts.googleapis.com	putuj-povoljno.rs googleads.g.doubleclick.net
3	www.google.com	1 redirects putuj-povoljno.rs googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	suggest.travelpayouts.com	cdnjs.cloudflare.com
3	www.googletagmanager.com	putuj-povoljno.rs www.googletagmanager.com
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.google.de	putuj-povoljno.rs
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	vars.hotjar.com	static.hotjar.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	autocomplete.travelpayouts.com	www.travelpayouts.com
1	script.hotjar.com	static.hotjar.com
1	www.google-analytics.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	tp.media
1	st.avsplow.com	tp.media
1	static.hotjar.com	putuj-povoljno.rs
129	33

This site contains links to these domains. Also see Links.

Domain
pretraga.putuj-povoljno.rs
www.facebook.com
www.travelpayouts.com
unsplash.com
tp.media

Subject Issuer	Validity	Valid
putuj-povoljno.rs cPanel, Inc. Certification Authority	`2021-04-22` - `2021-07-21`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.travelpayouts.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-02` - `2022-02-07`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-06` - `2021-07-06`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
avsplow.com R3	`2021-04-10` - `2021-07-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 10 frames:

Primary Page: https://putuj-povoljno.rs/
Frame ID: 7253FDC861BAC37D3CB0200AC0B2BF62
Requests: 105 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html
Frame ID: A0A60CEF2DD5DDCC0D712BFB978F67AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&adk=1812271804&adf=3025194257&lmt=1619222703&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fputuj-povoljno.rs%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703676&bpp=12&bdt=390&idt=401&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7402867900829&frm=20&pv=2&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=415
Frame ID: 3D8C3594009FB5C1A9A3A25A8D3C37B8
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: 4C8D486A962C9C9443DD0E82EC801E3C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=3738507136&adf=3404032449&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703689&bpp=5&bdt=403&idt=434&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1010&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OVM3DuralB&p=https%3A//putuj-povoljno.rs&dtd=470
Frame ID: 5DFDF8672B3BDB9E7B17CB140B9A439F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490
Frame ID: 3A6BB4AA424C0FBEA460F07ED7835485
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Frame ID: B6125FABD99F552824B67E76172D96A1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4174C38BADB52AA261B4F518DF63CD83
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Frame ID: 8D88BD311357BFCCC846BB25FABB8B32
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D511CA287888EE6661E99F6AC56CB64E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

129
Requests

100 %
HTTPS

55 %
IPv6

22
Domains

33
Subdomains

26
IPs

5
Countries

1531 kB
Transfer

4154 kB
Size

8
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://pretraga.putuj-povoljno.rs/app/ios
Title: iOS aplikacija

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Najjeftinije-avio-karte-i-sme%C5%A1taj-putuj-povoljnors-105135151428715
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.travelpayouts.com/?marker=303248.poweredby&utm_source=powered_by&utm_medium=widget&utm_campaign=mewtwo

Search URL Search Domain Scan URL

URL: https://unsplash.com/@gladegoggles
Title: Curt Nichols

Search URL Search Domain Scan URL

URL: https://pretraga.putuj-povoljno.rs/hotels?destination=Bansko
Title: BanskoBugarska

Search URL Search Domain Scan URL

URL: https://pretraga.putuj-povoljno.rs/hotels?destination=Kopaonik
Title: KopaonikSrbija

Search URL Search Domain Scan URL

URL: https://pretraga.putuj-povoljno.rs/hotels?destination=Kranjska+Gora
Title: Kranjska GoraSlovenija

Search URL Search Domain Scan URL

URL: https://tp.media/r?locale=bs&marker=303248&p=4041&type=click&campaign_id=100&trace_id=Zz1fa5071e35334d4bb3cd895-303248&u=https%3A%2F%2Fpretraga.putuj-povoljno.rs%2Fflights%3Fdepart_date%3D2021-06-01%26return_date%3D2021-06-08%26origin_iata%3DBEG%26destination_iata%3DSOF%26currency%3Deur%26with_request%3Dtrue%26locale%3Dbs
Title: Juni

Search URL Search Domain Scan URL

URL: https://tp.media/r?locale=bs&marker=303248&p=4041&type=click&campaign_id=100&trace_id=Zz1fa5071e35334d4bb3cd895-303248&u=https%3A%2F%2Fpretraga.putuj-povoljno.rs%2Fflights%3Fdepart_date%3D2021-07-01%26return_date%3D2021-07-08%26origin_iata%3DBEG%26destination_iata%3DSOF%26currency%3Deur%26with_request%3Dtrue%26locale%3Dbs
Title: Juli

Search URL Search Domain Scan URL

URL: https://tp.media/r?locale=bs&marker=303248&p=4041&type=click&campaign_id=100&trace_id=Zz1fa5071e35334d4bb3cd895-303248&u=https%3A%2F%2Fpretraga.putuj-povoljno.rs%2Fflights%3Fdepart_date%3D2021-08-01%26return_date%3D2021-08-08%26origin_iata%3DBEG%26destination_iata%3DSOF%26currency%3Deur%26with_request%3Dtrue%26locale%3Dbs
Title: avgusta

Search URL Search Domain Scan URL

URL: https://tp.media/r?locale=bs&marker=303248&p=4041&type=click&campaign_id=100&trace_id=Zz1fa5071e35334d4bb3cd895-303248&u=https%3A%2F%2Fpretraga.putuj-povoljno.rs%2Fflights%3Fdepart_date%3D2021-09-01%26return_date%3D2021-09-08%26origin_iata%3DBEG%26destination_iata%3DSOF%26currency%3Deur%26with_request%3Dtrue%26locale%3Dbs
Title: Septembar

Search URL Search Domain Scan URL

URL: https://tp.media/r?locale=bs&marker=303248&p=4041&type=click&campaign_id=100&trace_id=Zz1fa5071e35334d4bb3cd895-303248&u=https%3A%2F%2Fpretraga.putuj-povoljno.rs%2Fflights%3Fdepart_date%3D2021-10-01%26return_date%3D2021-10-08%26origin_iata%3DBEG%26destination_iata%3DSOF%26currency%3Deur%26with_request%3Dtrue%26locale%3Dbs
Title: Oktobar

Search URL Search Domain Scan URL

URL: https://tp.media/r?locale=bs&marker=303248&p=4041&type=click&campaign_id=100&trace_id=Zz1fa5071e35334d4bb3cd895-303248&u=https%3A%2F%2Fpretraga.putuj-povoljno.rs%2Fflights%3Fdepart_date%3D2021-11-01%26return_date%3D2021-11-08%26origin_iata%3DBEG%26destination_iata%3DSOF%26currency%3Deur%26with_request%3Dtrue%26locale%3Dbs
Title: Novembar

Search URL Search Domain Scan URL

URL: https://tp.media/r?locale=bs&marker=303248&p=4041&type=click&campaign_id=100&trace_id=Zz1fa5071e35334d4bb3cd895-303248&u=https%3A%2F%2Fpretraga.putuj-povoljno.rs%2Fflights%3Fdepart_date%3D2021-12-01%26return_date%3D2021-12-08%26origin_iata%3DBEG%26destination_iata%3DSOF%26currency%3Deur%26with_request%3Dtrue%26locale%3Dbs
Title: Decembar

Search URL Search Domain Scan URL

URL: https://tp.media/r?locale=bs&marker=303248&p=4041&type=click&campaign_id=100&trace_id=Zz1fa5071e35334d4bb3cd895-303248&u=https%3A%2F%2Fpretraga.putuj-povoljno.rs%2Fflights%3Fdepart_date%3D2022-01-01%26return_date%3D2022-01-08%26origin_iata%3DBEG%26destination_iata%3DSOF%26currency%3Deur%26with_request%3Dtrue%26locale%3Dbs
Title: Januar

Search URL Search Domain Scan URL

URL: https://tp.media/r?locale=bs&marker=303248&p=4041&type=click&campaign_id=100&trace_id=Zz1fa5071e35334d4bb3cd895-303248&u=https%3A%2F%2Fpretraga.putuj-povoljno.rs%2Fflights%3Fdepart_date%3D2022-02-01%26return_date%3D2022-02-08%26origin_iata%3DBEG%26destination_iata%3DSOF%26currency%3Deur%26with_request%3Dtrue%26locale%3Dbs
Title: Februar

Search URL Search Domain Scan URL

URL: https://tp.media/r?locale=bs&marker=303248&p=4041&type=click&campaign_id=100&trace_id=Zz1fa5071e35334d4bb3cd895-303248&u=https%3A%2F%2Fpretraga.putuj-povoljno.rs%2Fflights%3Fdepart_date%3D2022-03-01%26return_date%3D2022-03-08%26origin_iata%3DBEG%26destination_iata%3DSOF%26currency%3Deur%26with_request%3Dtrue%26locale%3Dbs
Title: Mart

Search URL Search Domain Scan URL

URL: http://pretraga.putuj-povoljno.rs/app/ios/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%22df196e1efb972f20e1b8e7a3d94541b4%22%2C%22trace_id%22%3A%22Zz7cecd928e2a64830a2c9d79-303248%22%2C%22promo_id%22%3A%224238%22%7D%7D%5D%7D HTTP 302
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22df196e1efb972f20e1b8e7a3d94541b4%22,%22trace_id%22:%22Zz7cecd928e2a64830a2c9d79-303248%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web

Request Chain 103

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/792707840/?random=572816511&cv=9&fst=1619222704176&num=1&label=zxeeCP703uwBEICG__kC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4e1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fputuj-povoljno.rs%2F&tiba=Putuj%20Povoljno%20%E2%80%93%20Prona%C4%91ite%20najpovoljnije%20avio%20karte%20i%20sme%C5%A1taj&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=sGCDYO-dDr_H7_UP1rCFiAE&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/792707840/?random=572816511&cv=9&fst=1619222704176&num=1&label=zxeeCP703uwBEICG__kC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4e1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fputuj-povoljno.rs%2F&tiba=Putuj%20Povoljno%20%E2%80%93%20Prona%C4%91ite%20najpovoljnije%20avio%20karte%20i%20sme%C5%A1taj&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=sGCDYO-dDr_H7_UP1rCFiAE&cid=CAQSKQCNIrLM1C0NKG6L7ZN3xXcFh3CNbCdqO1Y5oPpHDr_IP2TJHjQewVv6&random=2603274787&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/792707840/?random=572816511&cv=9&fst=1619222704176&num=1&label=zxeeCP703uwBEICG__kC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4e1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fputuj-povoljno.rs%2F&tiba=Putuj%20Povoljno%20%E2%80%93%20Prona%C4%91ite%20najpovoljnije%20avio%20karte%20i%20sme%C5%A1taj&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=sGCDYO-dDr_H7_UP1rCFiAE&cid=CAQSKQCNIrLM1C0NKG6L7ZN3xXcFh3CNbCdqO1Y5oPpHDr_IP2TJHjQewVv6&random=2603274787&resp=GooglemKTybQhCsO&ipr=y

Request Chain 136

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJYwVDX4eTC-4LDxNxKQLqvhpIOkGJGSpBanivoqPygGBH7oVKZJRy4MxdyiN1TysAl0A1C2t2hjMJgrif4VMPKzY41LSuAOQ&google_gid=CAESEAchKV0ZmoXCl288OBtOH2A&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJYwVDX4eTC-4LDxNxKQLqvhpIOkGJGSpBanivoqPygGBH7oVKZJRy4MxdyiN1TysAl0A1C2t2hjMJgrif4VMPKzY41LSuAOQ&google_gid=CAESEAchKV0ZmoXCl288OBtOH2A&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjQyNDA1MDU3NTgzNzI1MTE5NTE4Nw%3D%3D&google_push=AQvitUJYwVDX4eTC-4LDxNxKQLqvhpIOkGJGSpBanivoqPygGBH7oVKZJRy4MxdyiN1TysAl0A1C2t2hjMJgrif4VMPKzY41LSuAOQ

Request Chain 138

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEG6OCRAGJ83KFd-_KaU1xzI&google_cver=1&google_push=AQvitUKImq4FivEEXFh3Gs8yegFLyyGdlsyVI1EBEwVVnLejmCpJry_fzHGb-RrhoXGcI8oCUlnK0HY25GgqtvVSCn9A0bUd2l8-5w HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEG6OCRAGJ83KFd-_KaU1xzI&google_cver=1&google_push=AQvitUKImq4FivEEXFh3Gs8yegFLyyGdlsyVI1EBEwVVnLejmCpJry_fzHGb-RrhoXGcI8oCUlnK0HY25GgqtvVSCn9A0bUd2l8-5w&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P3Mwxc9sRIWksmR-2b05QQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKImq4FivEEXFh3Gs8yegFLyyGdlsyVI1EBEwVVnLejmCpJry_fzHGb-RrhoXGcI8oCUlnK0HY25GgqtvVSCn9A0bUd2l8-5w

Request Chain 139

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI_8RZSkxH4QesFimYR6fyU&google_cver=1&google_push=AQvitUKC7e2e_37Y2pZnXQECE_AqebS4IChkXSivLJ_Lm6H4vAlPUr3qDBTODndjrHTWVmxdZFGtx_ql1jGrUfzKYbOzPLxMiLwI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05VWkUzRDctMjAtNTEyVQ==&google_push=AQvitUKC7e2e_37Y2pZnXQECE_AqebS4IChkXSivLJ_Lm6H4vAlPUr3qDBTODndjrHTWVmxdZFGtx_ql1jGrUfzKYbOzPLxMiLwI

Request Chain 140

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDYH3YWSkw2vO4MKwIa1ydU&google_cver=1&google_push=AQvitUJcYXnQGYZCjJsJ85DuAnZNn3WbYkoUGvR43PWXyemR0qtwcdfWIX6R3kFkPNR9E8yUXWk2mXGuSglTYR-HMUpVBLBN1GL4Zg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDYH3YWSkw2vO4MKwIa1ydU&google_cver=1&google_push=AQvitUJcYXnQGYZCjJsJ85DuAnZNn3WbYkoUGvR43PWXyemR0qtwcdfWIX6R3kFkPNR9E8yUXWk2mXGuSglTYR-HMUpVBLBN1GL4Zg&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YINgsQ6zbbq8d7sbMpDh-wAABJwAAAAB&google_cver=1&google_gid=CAESEDYH3YWSkw2vO4MKwIa1ydU&google_push=AQvitUJcYXnQGYZCjJsJ85DuAnZNn3WbYkoUGvR43PWXyemR0qtwcdfWIX6R3kFkPNR9E8yUXWk2mXGuSglTYR-HMUpVBLBN1GL4Zg

129 HTTP transactions
22 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
putuj-povoljno.rs/ 45 KB
11 KB 3355ms
3246ms Document
text/html 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed / PHP/7.4.16
Resource Hash: 994f8bcbd38a2e6d0c1e70d57e8f31762adf184a5b0c6776d6d001432a835a66

Request headers

:method: GET
:authority: putuj-povoljno.rs
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by: PHP/7.4.16
content-type: text/html; charset=UTF-8
link: <https://putuj-povoljno.rs/wp-json/>; rel="https://api.w.org/" <https://putuj-povoljno.rs/wp-json/wp/v2/pages/42>; rel="alternate"; type="application/json" <https://putuj-povoljno.rs/>; rel=shortlink
last-modified: Sat, 24 Apr 2021 00:05:03 GMT
pragma: public
cache-control: max-age=3600, public
etag: "ec3e9c8c8e4f4e6ba3663f5745ae6f1c"
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 24 Apr 2021 00:05:03 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H3-Q050 200 lazyload.min.js Show response
putuj-povoljno.rs/wp-content/plugins/w3-total-cache/pub/js/ 6 KB
2 KB 102ms
65ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

:path: /wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 21 Jan 2021 23:13:12 GMT
server: LiteSpeed
etag: "1883-600a0a88-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 2233
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 style.min.css
putuj-povoljno.rs/wp-includes/css/dist/block-library/ 50 KB
7 KB 101ms
65ms Stylesheet
text/css 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-includes/css/dist/block-library/style.min.css?ver=5.6.3
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.6.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Feb 2021 07:36:57 GMT
server: LiteSpeed
etag: "c88a-6034b099-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 7413
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 all.min.css
putuj-povoljno.rs/wp-content/plugins/getwid/vendors/fontawesome-free/css/ 50 KB
11 KB 99ms
64ms Stylesheet
text/css 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/plugins/getwid/vendors/fontawesome-free/css/all.min.css?ver=5.5.0
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 75109178327c42bfeff31a154786e4f395e9c9cecd2dd4fc5c178025791f8b02

Request headers

:path: /wp-content/plugins/getwid/vendors/fontawesome-free/css/all.min.css?ver=5.5.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 22:31:34 GMT
server: LiteSpeed
etag: "c813-5fdd2dc6-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 10772
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 slick.min.css
putuj-povoljno.rs/wp-content/plugins/getwid/vendors/slick/slick/ 1 KB
440 B 100ms
65ms Stylesheet
text/css 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/plugins/getwid/vendors/slick/slick/slick.min.css?ver=1.9.0
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9

Request headers

:path: /wp-content/plugins/getwid/vendors/slick/slick/slick.min.css?ver=1.9.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 22:31:34 GMT
server: LiteSpeed
etag: "52f-5fdd2dc6-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 395
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 slick-theme.min.css
putuj-povoljno.rs/wp-content/plugins/getwid/vendors/slick/slick/ 2 KB
689 B 99ms
64ms Stylesheet
text/css 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/plugins/getwid/vendors/slick/slick/slick-theme.min.css?ver=1.9.0
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 618cacf7e3c9cf90cb3245f033e6b0cbf5fc41ef5ecb98c136247eb6aa8641c5

Request headers

:path: /wp-content/plugins/getwid/vendors/slick/slick/slick-theme.min.css?ver=1.9.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 22:31:34 GMT
server: LiteSpeed
etag: "929-5fdd2dc6-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 644
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 magnific-popup.min.css
putuj-povoljno.rs/wp-content/plugins/getwid/vendors/magnific-popup/ 5 KB
1 KB 99ms
64ms Stylesheet
text/css 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/plugins/getwid/vendors/magnific-popup/magnific-popup.min.css?ver=1.1.0
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 9af0f4e90a7cba0dbe38575666bfedf0e853278155957eb78e63761e33b88a11

Request headers

:path: /wp-content/plugins/getwid/vendors/magnific-popup/magnific-popup.min.css?ver=1.1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 22:31:34 GMT
server: LiteSpeed
etag: "1473-5fdd2dc6-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 1401
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 blocks.style.css
putuj-povoljno.rs/wp-content/plugins/getwid/assets/css/ 136 KB
14 KB 99ms
65ms Stylesheet
text/css 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/plugins/getwid/assets/css/blocks.style.css?ver=1.6.9
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: a95f7ab1221dc143e4410043b13c4214d15f05258fd27a46be3834cb2dfa43f7

Request headers

:path: /wp-content/plugins/getwid/assets/css/blocks.style.css?ver=1.6.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 22:31:34 GMT
server: LiteSpeed
etag: "21f99-5fdd2dc6-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 14011
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 styles.css
putuj-povoljno.rs/wp-content/plugins/contact-form-7/includes/css/ 2 KB
689 B 99ms
64ms Stylesheet
text/css 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 15:39:31 GMT
server: LiteSpeed
etag: "780-5fdccd33-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 621
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 style.css
putuj-povoljno.rs/wp-content/themes/palmeria/ 96 KB
14 KB 70ms
37ms Stylesheet
text/css 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/themes/palmeria/style.css?ver=5.6.3
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 7a129b7e280a11ca308802b054dc7d625a32f49565e0629f0de54febabef9ffa

Request headers

:path: /wp-content/themes/palmeria/style.css?ver=5.6.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Nov 2020 16:57:36 GMT
server: LiteSpeed
etag: "17fa2-5fb94700-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 14614
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 10 KB
895 B 25ms
22ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A300%2C400%2C400i%2C700%2C+700i&subset=latin%2Clatin-ext%2Ccyrillic

Requested by

Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8039f90cf336209621cb864be863bb8861b68876876cf3e02aea03d9c66ff01f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Apr 2021 00:05:03 GMT
server: ESF
date: Sat, 24 Apr 2021 00:05:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Apr 2021 00:05:03 GMT

GET
H3-Q050 200 style.css
putuj-povoljno.rs/wp-content/themes/palmeria-child/ 2 KB
876 B 72ms
38ms Stylesheet
text/css 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/themes/palmeria-child/style.css?ver=1.2.3
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 4d611fabd15dd322bb3f4999c27b1baf9dbe7fa42836a6c0abd1a951a985daef

Request headers

:path: /wp-content/themes/palmeria-child/style.css?ver=1.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Jan 2021 14:06:04 GMT
server: LiteSpeed
etag: "9c5-5ff9b84c-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 809
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 all.css
putuj-povoljno.rs/wp-content/themes/palmeria/assets/fontawesome/css/ 73 KB
12 KB 95ms
62ms Stylesheet
text/css 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/themes/palmeria/assets/fontawesome/css/all.css?ver=5.11.2
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 11134ed2da8b7dccdc0edf0f700d0d088a50bffffbd66fb71559c06615b7e550

Request headers

:path: /wp-content/themes/palmeria/assets/fontawesome/css/all.css?ver=5.11.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Nov 2020 16:57:35 GMT
server: LiteSpeed
etag: "124c2-5fb946ff-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 12347
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 pum-site-styles.css
putuj-povoljno.rs/wp-content/uploads/pum/ 17 KB
3 KB 96ms
63ms Stylesheet
text/css 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/uploads/pum/pum-site-styles.css?generated=1610804253&ver=1.15.0
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 7b56bacb274e42298759ca65e0ad2902b02e367a0ad84426ef70770433ffa7cd

Request headers

:path: /wp-content/uploads/pum/pum-site-styles.css?generated=1610804253&ver=1.15.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 16 Jan 2021 13:37:33 GMT
server: LiteSpeed
etag: "444d-6002ec1d-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 3123
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 jquery.min.js Show response
putuj-povoljno.rs/wp-includes/js/jquery/ 87 KB
30 KB 96ms
63ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 22:41:41 GMT
server: LiteSpeed
etag: "15d98-5fdd3025-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 30287
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 jquery-migrate.min.js Show response
putuj-povoljno.rs/wp-includes/js/jquery/ 11 KB
4 KB 97ms
64ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 22:41:41 GMT
server: LiteSpeed
etag: "2bd8-5fdd3025-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 3995
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 118 KB
45 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BPCKPKQQKH

Requested by

Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da865c29928c334cc5438ea68bf1769a8d9ecaab1ff081e0dbeb6421a8dd6e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46304
x-xss-protection: 0
expires: Sat, 24 Apr 2021 00:05:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48209
x-xss-protection: 0
server: cafe
etag: 2341374986041078434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 00:05:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-792707840

Requested by

Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3975ecbf343e2318a30903a31db7f3bbd7a067ed31f999cc5891b73f924b5548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34127
x-xss-protection: 0
expires: Sat, 24 Apr 2021 00:05:03 GMT

GET
H2 200 df196e1efb972f20e1b8e7a3d94541b4.js Show response
www.travelpayouts.com/widgets/ 7 KB
3 KB 115ms
45ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets/df196e1efb972f20e1b8e7a3d94541b4.js?v=2062
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 48d7e14b3bb1bb17740eb5b2a2e4432a1b798c87d34aa404a291d1bf68374e5b

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: gzip
server: nginx
etag: W/"20cbd3e05640f3eada091aceed177325502af7dc"
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=0
link: </mewtwo/styles.css?v=002>; rel=preload; as=style, </widgets_static/df196e1efb972f20e1b8e7a3d94541b4.js?v=2062>; rel=preload; as=script
x-request-id: 65168abb3248dcf4f76e07488f3e4752

GET
H2 200 content Show response
tp.media/ 104 KB
23 KB 59ms
40ms Script
application/javascript 2606:4700:3036::ac43:a62d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tp.media/content?promo_id=4041&shmarker=303248&campaign_id=100&trs=5519&searchUrl=pretraga.putuj-povoljno.rs%2Fflights&locale=bs&currency=eur&powered_by=false&one_way=false&only_direct=false&period=year&range=7%2C14&show_logo=false&primary=%230469ab&achieve=%23f86f35&origin=BEG&destination=SOF

Requested by

Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a62d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99fafca94943298b983fa1436ac6e103929bb5b5c632ef0ff92da3b680c6d290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-h2-pushed: </cascoon/common.51c7f342ff807d8949b4.js>
x-promo-id: 4041
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09a2cac4d000004a912180b000000001
x-request-id: 4718d27551bc4906f118114828909484
server: cloudflare
etag: W/"5dcc136ed3cab73236e7cc3163046cf020b7377e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dgi25YMYxFxlbim1lFxz8FOn22eFFOCREgqmt7s5uysFYwBYap0Ut2Dj7n9n8k%2FMvQCDmbeQngPeHqJi0Wx3jdh6idF%2FrKtXsEpGVbt7ai%2F1suYK1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private, max-age=0
cf-ray: 644b13e7b8554a91-FRA
link: </cascoon/common.51c7f342ff807d8949b4.js>; rel=preload; as=script

GET
H3-Q050 200 frontend.blocks.js Show response
putuj-povoljno.rs/wp-content/plugins/getwid/assets/js/ 32 KB
8 KB 98ms
65ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/plugins/getwid/assets/js/frontend.blocks.js?ver=1.6.9
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: f3ba9fba6711707bfb5ba722d6004cf0c6eb3178bc49b104dff6323a6f994e48

Request headers

:path: /wp-content/plugins/getwid/assets/js/frontend.blocks.js?ver=1.6.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 22:31:34 GMT
server: LiteSpeed
etag: "7f6d-5fdd2dc6-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 8046
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 scripts.js Show response
putuj-povoljno.rs/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 98ms
65ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 15:39:31 GMT
server: LiteSpeed
etag: "37c8-5fdccd33-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 3700
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 functions.js Show response
putuj-povoljno.rs/wp-content/themes/palmeria/js/ 3 KB
795 B 98ms
65ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/themes/palmeria/js/functions.js?ver=1.2.3
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 8c21dc373a5d6d260657189e9da2feaa64e87beccec835c849c0592ee4f38fda

Request headers

:path: /wp-content/themes/palmeria/js/functions.js?ver=1.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Nov 2020 16:57:36 GMT
server: LiteSpeed
etag: "ac0-5fb94700-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 750
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 navigation.js Show response
putuj-povoljno.rs/wp-content/themes/palmeria/js/ 3 KB
1 KB 70ms
38ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/themes/palmeria/js/navigation.js?ver=1.2.3
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 752dfb20c76cd0780e844889283f08ab1ae0fbdcdffe2b34507ed6e2bc88ace9

Request headers

:path: /wp-content/themes/palmeria/js/navigation.js?ver=1.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Nov 2020 16:57:36 GMT
server: LiteSpeed
etag: "c18-5fb94700-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 980
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 skip-link-focus-fix.js Show response
putuj-povoljno.rs/wp-content/themes/palmeria/js/ 739 B
400 B 98ms
66ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/themes/palmeria/js/skip-link-focus-fix.js?ver=1.2.3
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 6dc7a6896974c4b21c2ae93a1d03a95e439a7cac4b248574e93402a3e9397bc3

Request headers

:path: /wp-content/themes/palmeria/js/skip-link-focus-fix.js?ver=1.2.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Nov 2020 16:57:36 GMT
server: LiteSpeed
etag: "2e3-5fb94700-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 355
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 core.min.js Show response
putuj-povoljno.rs/wp-includes/js/jquery/ui/ 20 KB
7 KB 98ms
66ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 15 Apr 2021 08:10:14 GMT
server: LiteSpeed
etag: "5133-6077f4e6-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 6589
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 pum-site-scripts.js Show response
putuj-povoljno.rs/wp-content/uploads/pum/ 68 KB
16 KB 98ms
66ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1610804253&ver=1.15.0
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 61bf1c9874265d3fd43515489918908f275eee49b6f67cf93e41e99c37f816d6

Request headers

:path: /wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1610804253&ver=1.15.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 16 Jan 2021 13:37:33 GMT
server: LiteSpeed
etag: "11070-6002ec1d-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 16789
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 wp-embed.min.js Show response
putuj-povoljno.rs/wp-includes/js/ 1 KB
732 B 98ms
66ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-includes/js/wp-embed.min.js?ver=5.6.3
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.6.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Feb 2021 07:40:28 GMT
server: LiteSpeed
etag: "592-601ba4ec-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 663
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 imagesloaded.min.js Show response
putuj-povoljno.rs/wp-includes/js/ 5 KB
2 KB 99ms
66ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

:path: /wp-includes/js/imagesloaded.min.js?ver=4.1.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 13 Jun 2020 22:23:28 GMT
server: LiteSpeed
etag: "15fd-5ee551e0-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 1733
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 slick.min.js Show response
putuj-povoljno.rs/wp-content/plugins/getwid/vendors/slick/slick/ 43 KB
10 KB 99ms
67ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/plugins/getwid/vendors/slick/slick/slick.min.js?ver=1.9.0
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc

Request headers

:path: /wp-content/plugins/getwid/vendors/slick/slick/slick.min.js?ver=1.9.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 22:31:34 GMT
server: LiteSpeed
etag: "ab7a-5fdd2dc6-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 10662
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 wp-emoji-release.min.js Show response
putuj-povoljno.rs/wp-includes/js/ 14 KB
4 KB 38ms
37ms Script
application/x-javascript 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-includes/js/wp-emoji-release.min.js?ver=5.6.3
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.6.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Feb 2021 07:40:28 GMT
server: LiteSpeed
etag: "3795-601ba4ec-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 4316
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-29 200 common.51c7f342ff807d8949b4.js Show response
tp.media/cascoon/ 396 KB
77 KB 39ms
29ms Script
application/javascript 2606:4700:3036::ac43:a62d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tp.media/cascoon/common.51c7f342ff807d8949b4.js

Requested by

Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a62d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

575447270674dcaaad6da9cc75a05905ab9a54ec8946dbc0ce2e04800bb9f0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1435920
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09a2cac50400002bc2e0255000000001
last-modified: Mon, 05 Apr 2021 11:50:02 GMT
server: cloudflare
etag: W/"606af96a-631be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e%2FzaVWESs332xkWaAuKGHDKIV%2BS3xjKFPqZ3c7gz2Z61HPflk%2Bnv4lxgEueugbEIuRzHoltuMIJpnczrOXV%2BZbEXEDFdYgSBlpOqh9IpprnHBjtNqg%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 644b13e809b22bc2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
511 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/wp-content/uploads/pum/pum-site-styles.css?generated=1610804253&ver=1.15.0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2597337524a833cfb605b63e2a3a9aaf7857b11587b8dba5fb7932a504a19e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/wp-content/uploads/pum/pum-site-styles.css?generated=1610804253&ver=1.15.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 23:24:15 GMT
server: ESF
date: Sat, 24 Apr 2021 00:05:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Apr 2021 00:05:03 GMT

GET
H2 200 hotjar-2172166.js Show response
static.hotjar.com/c/ 4 KB
2 KB 215ms
96ms Script
application/javascript 143.204.245.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2172166.js?sv=6

Requested by

Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-33.cph50.r.cloudfront.net

Software

Resource Hash

21c386def736069d8e68bd6861df8d2aefe52305991fbfc7b9d60d4b6a74d62a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: CPH50-C1
etag: W/dd19a8a80f79a7422b9536bfe1e4b11f
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1687
via: 1.1 6cbce7f027770aab1fdecc1818c43a0b.cloudfront.net (CloudFront)
x-amz-cf-id: _MGzyvWe-wJQxnL2vHPUUg2Ajq5Xr6nHvvxdZOPeIAbd9dzNKMmu8w==

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 483784ecdf80ccaffd50869e23e2efdbeed9343b1b4c7dae837667e4984a68a7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83e93182297e9d28c29634f1fdb580ec1a4a459d30cebf3581ba65dcc3192e0d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C400i%2C700%2C700i%7COpen+Sans%3A300%2C400%2C400i%2C700%2C+700i&subset=latin%2Clatin-ext%2Ccyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://putuj-povoljno.rs
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 339266
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 20 Apr 2022 01:50:37 GMT

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v9/ 26 KB
27 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v9/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

451dad3dfc12bb5652e7600fa6ba6a2d49d804d10768758940be9fee8cf04399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://putuj-povoljno.rs
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:35:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:19 GMT
server: sffe
age: 116951
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27108
x-xss-protection: 0
expires: Fri, 22 Apr 2022 15:35:52 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v18/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFW50bbck.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://putuj-povoljno.rs
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:44:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:21 GMT
server: sffe
age: 116456
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11316
x-xss-protection: 0
expires: Fri, 22 Apr 2022 15:44:07 GMT

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72507f00b0d3b3f05bc451ca44338766fc332877a0dd2cb09132cbbef11ff60b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4a52407881d56ce5bbe99e093739af9e5a2a027a7782ccb72d8ddc47181cacb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 601c8d9fff6f9466c64f239d5342367b7822a9ef7fd55a5805c993a30c403a15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sp.js Show response
st.avsplow.com/19.18.11/ 42 KB
14 KB 59ms
35ms Script
application/javascript 2606:4700:20::681a:777
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://st.avsplow.com/19.18.11/sp.js
Requested by: Host: tp.media
URL: https://tp.media/content?promo_id=4041&shmarker=303248&campaign_id=100&trs=5519&searchUrl=pretraga.putuj-povoljno.rs%2Fflights&locale=bs&currency=eur&powered_by=false&one_way=false&only_direct=false&period=year&range=7%2C14&show_logo=false&primary=%230469ab&achieve=%23f86f35&origin=BEG&destination=SOF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:777 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e8f537145a37e6152c09f43181908275d093e501a2d935dd7922c79b8470f51

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1757
cf-request-id: 09a2cac5a000004e67f4abc000000001
last-modified: Sun, 15 Nov 2020 04:17:05 GMT
server: cloudflare
etag: W/"5fb0abc1-a6b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bxda8sjRe2i7WVSaLW2XpSpGt83p%2Bbqh0OpMeo8bpzk2vaoTdKSyFm8nnG9Rdd9J%2FTa1mjELEjkMi1TlOWz6XuW0Yy4Swh9cZ5gkeU%2BzCswTkDVI6BBJTfc19A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 644b13e8f9814e67-FRA
expires: Sat, 24 Apr 2021 03:35:46 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ 69 KB
19 KB 57ms
43ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Requested by

Host: tp.media
URL: https://tp.media/content?promo_id=4041&shmarker=303248&campaign_id=100&trs=5519&searchUrl=pretraga.putuj-povoljno.rs%2Fflights&locale=bs&currency=eur&powered_by=false&one_way=false&only_direct=false&period=year&range=7%2C14&show_logo=false&primary=%230469ab&achieve=%23f86f35&origin=BEG&destination=SOF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://putuj-povoljno.rs
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 79061
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18862
cf-request-id: 09a2cac5a30000177290331000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-112f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4YYVm%2BCpfWtZcXwrLzBbWt4iWnG9D3zNm6HWG3VvClPjMT5de2b7CEw2kh8jIXzKVmXsBPLjUHCQOUGZF6e3EGzVN4DeLUc3xIdcoQnZ7K8oG8iLmJliOpGOYP2w8H9ceQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 644b13e909f91772-FRA
expires: Thu, 14 Apr 2022 00:05:03 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://putuj-povoljno.rs
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 20:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 271465
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Wed, 20 Apr 2022 20:40:38 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 186760d0c61c24ba02aa6f2a7e7215b128648caadc0a30419808461054977942

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7961bd096a84051ca81711f2126ee67d28e6f80eb1c1048e9201cdc55cc6417

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9a8768c59fb97194bf8bc1b3c1045bc46fc5c332a69611a044b2a8f2f0c5ad7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 fa-brands-400.woff2
putuj-povoljno.rs/wp-content/themes/palmeria/assets/fontawesome/webfonts/ 74 KB
74 KB 38ms
37ms Font
application/font-woff2 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to

Full URL: https://putuj-povoljno.rs/wp-content/themes/palmeria/assets/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/wp-content/themes/palmeria/assets/fontawesome/css/all.css?ver=5.11.2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843

Request headers

:path: /wp-content/themes/palmeria/assets/fontawesome/webfonts/fa-brands-400.woff2
pragma: no-cache
origin: https://putuj-povoljno.rs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/wp-content/themes/palmeria/assets/fontawesome/css/all.css?ver=5.11.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://putuj-povoljno.rs
Referer: https://putuj-povoljno.rs/wp-content/themes/palmeria/assets/fontawesome/css/all.css?ver=5.11.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
etag: "12648-5fb946ff-0;;;"
content-type: application/font-woff2
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 75336
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-29 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v9/ 27 KB
27 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v9/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ca57650e9d1881e382bd324039937317b18e44fd5fadab6d09018d426a2622a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://putuj-povoljno.rs
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:44:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:29 GMT
server: sffe
age: 116455
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27932
x-xss-protection: 0
expires: Fri, 22 Apr 2022 15:44:08 GMT

GET
H3-29 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY5KcCsww.woff2
fonts.gstatic.com/s/librebaskerville/v9/ 19 KB
20 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v9/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY5KcCsww.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6091cb2703ba8f60c59a9afb06a4986c4bf29ece1bf186e0ec494eceb75e5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://putuj-povoljno.rs
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 22:54:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:32 GMT
server: sffe
age: 349810
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19960
x-xss-protection: 0
expires: Tue, 19 Apr 2022 22:54:53 GMT

GET
H3-29 200 4.f7f817e61a022b56c990.chunk.js Show response
tp.media/cascoon/ 16 KB
6 KB 22ms
22ms Script
application/javascript 2606:4700:3036::ac43:a62d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tp.media/cascoon/4.f7f817e61a022b56c990.chunk.js

Requested by

Host: tp.media
URL: https://tp.media/cascoon/common.51c7f342ff807d8949b4.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a62d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a7cafbeb9b7148d2d87a1ef9b0e72781d55dc570f565bc24dc2c0cf267a9fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2750407
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09a2cac61200002bc2d5b2b000000001
last-modified: Fri, 19 Mar 2021 14:11:25 GMT
server: cloudflare
etag: W/"6054b10d-3e03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wAqvBKDHBrSUH%2FV6BVyEa8dKDFMsRyWwP1xwgKGO%2BUPUXPBwa4JfsTZzk6bvsJELOGgL9aqcegBpkLK2sUXz1pM6dpJ5Vm8pQ13g2sq6v75BwRpl1A%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 644b13e9bb7c2bc2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 3.3ec7f1ef76c0cccb0938.chunk.js Show response
tp.media/cascoon/ 61 KB
10 KB 24ms
24ms Script
application/javascript 2606:4700:3036::ac43:a62d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tp.media/cascoon/3.3ec7f1ef76c0cccb0938.chunk.js

Requested by

Host: tp.media
URL: https://tp.media/cascoon/common.51c7f342ff807d8949b4.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a62d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edd0c4233ef1eb82856dae30af242fd3379a2b4171d01b87bdc195a55641d43a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 913806
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09a2cac61200002bc293aa8000000001
last-modified: Mon, 05 Apr 2021 11:50:02 GMT
server: cloudflare
etag: W/"606af96a-f33f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ML%2BjmOkeHVL1CjoCd6mjgJdJlX6x%2FSMbXT015C4kZtbBfNk7dja%2BZn8NNFcw4T3CB797zMfJ6bJkjHuiysTLNoP8AW8tsBhZrj1iChE4fZ%2BX58QtIA%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 644b13e9bb7d2bc2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 schedule_loader.svg
tp.media/cascoon/ 431 B
1 KB 23ms
22ms Image
image/svg+xml 2606:4700:3036::ac43:a62d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tp.media/cascoon/schedule_loader.svg

Requested by

Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a62d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10bb07f0aa89435e3c7aaa6e6f0981fcd3c5d01d88e61a54140d6e975c15f4b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1265045
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09a2cac61200002bc2fe2ed000000001
last-modified: Mon, 05 Apr 2021 11:51:12 GMT
server: cloudflare
etag: W/"606af9b0-1af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cnooroArtY3GPDxRSgETg7C%2Bzp2sEB0SpfE%2FL61uVexzt1FQxQi5wokwmynLjqngwBjn7CbiX%2Fr%2BybsurEXEVB5bM1ezxGroOHSu2VoAuGFR%2BP%2FBew%3D%3D"}],"group":"cf-nel"}
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 644b13e9bb7e2bc2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.css
www.travelpayouts.com/mewtwo/ 169 KB
12 KB 0ms
0ms Stylesheet
text/css 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f90ca8086e3a8827af8a77f407a2a9533d6c507b22c369f8741b6b83133db66

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
last-modified: Mon, 21 Dec 2020 11:26:23 GMT
server: nginx
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=600
content-length: 12051

GET
H2 200 df196e1efb972f20e1b8e7a3d94541b4.js Show response
www.travelpayouts.com/widgets_static/ 317 KB
62 KB 1ms
0ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets_static/df196e1efb972f20e1b8e7a3d94541b4.js?v=2062
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: f8d02e65e1cb25e1d770aeacc9de485cb3617172c164256648eef8b089cb835c

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: gzip
last-modified: Sat, 16 Jan 2021 14:15:20 GMT
server: nginx
etag: W/"6002f4f8-4f4bd"
content-type: application/javascript; charset=utf-8

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ 223 KB
83 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9810461040975217&plah=putuj-povoljno.rs&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 00:05:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/ Frame A0A6 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210422/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://putuj-povoljno.rs/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://putuj-povoljno.rs/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 23 Apr 2021 19:22:05 GMT
expires: Fri, 07 May 2021 19:22:05 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 16978
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 collect
www.google-analytics.com/g/ 0
74 B 13ms
13ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BPCKPKQQKH&gtm=2oe4e1&_p=1337116102&sr=1600x1200&ul=en-us&cid=713331106.1619222704&_s=1&dl=https%3A%2F%2Fputuj-povoljno.rs%2F&dt=Putuj%20Povoljno%20%E2%80%93%20Prona%C4%91ite%20najpovoljnije%20avio%20karte%20i%20sme%C5%A1taj&sid=1619222703&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BPCKPKQQKH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://putuj-povoljno.rs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 78ms
76ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-792707840&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BPCKPKQQKH

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9df45d5a472ccbfbb52a18ce2973331bb1a68d744805dc2d97efe541cc763826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34099
x-xss-protection: 0
expires: Sat, 24 Apr 2021 00:05:03 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 115ms
40ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-792707840

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3c3873b4b3cc35b18323781fa7884992e5e476fba8da153bb63d55adc572a583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13898
x-xss-protection: 0
server: cafe
etag: 2024374664263027787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 00:05:03 GMT

GET
H2

200

j.gif
avsplow.com/a/
Redirect Chain

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%2...
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22df196e1efb972f20e1b8e7a3d94541b4%22,%22trace_...

43 B
387 B

54ms
54ms

Image
image/gif

185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22df196e1efb972f20e1b8e7a3d94541b4%22,%22trace_id%22:%22Zz7cecd928e2a64830a2c9d79-303248%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:04 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 43

Redirect headers

date: Sat, 24 Apr 2021 00:05:03 GMT
server: nginx
location: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22df196e1efb972f20e1b8e7a3d94541b4%22,%22trace_id%22:%22Zz7cecd928e2a64830a2c9d79-303248%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 0

POST
H2 200 j
avsplow.com/a/ 2 B
338 B 93ms
60ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.11/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://putuj-povoljno.rs
date: Sat, 24 Apr 2021 00:05:03 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

GET
H2 200 modules.8b23c17a636351708db3.js Show response
script.hotjar.com/ 219 KB
58 KB 183ms
78ms Script
application/javascript 143.204.245.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8b23c17a636351708db3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2172166.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-61.cph50.r.cloudfront.net

Software

Resource Hash

312d088790a9ca18e8acf1c2821470549267bd6e04f2386138b6950c41b89faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 08:14:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57056
x-cache: Hit from cloudfront
content-length: 59040
access-control-allow-origin: *
last-modified: Fri, 23 Apr 2021 08:14:04 GMT
etag: "20783134264b5cc55eb8fd2fee5b1b4b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c0f81b73b25f5689e5357fd24a5fcb0d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: LbSpy-O4dsyi7-E9SUd2nAKzdIHxA9YCDqY-xTzbEarCPon95XyrMA==

GET
H3-Q050 200 logo50x50.png
putuj-povoljno.rs/wp-content/uploads/2020/11/ 3 KB
3 KB 37ms
36ms Image
image/png 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://putuj-povoljno.rs/wp-content/uploads/2020/11/logo50x50.png
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 9582bbeb3c9efbc0589d399c6b3d0d4548028a22e221704bf57d5a2fca014711

Request headers

:path: /wp-content/uploads/2020/11/logo50x50.png
pragma: no-cache
cookie: _ga_BPCKPKQQKH=GS1.1.1619222703.1.0.1619222703.0; _ga=GA1.1.713331106.1619222704; _sp_ses.116b=*; _sp_id.116b=780e620e-8a05-438a-9eec-69a196e10152.1619222704.1.1619222704.1619222704.5067c832-15fc-4fc9-b528-bcde77db2633
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Nov 2020 19:18:24 GMT
server: LiteSpeed
etag: "a92-5fb96800-0;;;"
content-type: image/png
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 2706
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 bluelogo50x50.png
putuj-povoljno.rs/wp-content/uploads/2020/11/ 3 KB
3 KB 39ms
38ms Image
image/png 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://putuj-povoljno.rs/wp-content/uploads/2020/11/bluelogo50x50.png
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: c7a1459135ed5ec332e8307e55efec84366c0303fdab40676544c2ec871824fc

Request headers

:path: /wp-content/uploads/2020/11/bluelogo50x50.png
pragma: no-cache
cookie: _ga_BPCKPKQQKH=GS1.1.1619222703.1.0.1619222703.0; _ga=GA1.1.713331106.1619222704; _sp_ses.116b=*; _sp_id.116b=780e620e-8a05-438a-9eec-69a196e10152.1619222704.1.1619222704.1619222704.5067c832-15fc-4fc9-b528-bcde77db2633
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 22 Nov 2020 14:49:39 GMT
server: LiteSpeed
etag: "b06-5fba7a83-0;;;"
content-type: image/png
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 2822
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H3-Q050 200 curt-nichols-jivuTHZ6J4c-unsplash-min-1.jpg
putuj-povoljno.rs/wp-content/uploads/2020/12/ 215 KB
215 KB 39ms
39ms Image
image/jpeg 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://putuj-povoljno.rs/wp-content/uploads/2020/12/curt-nichols-jivuTHZ6J4c-unsplash-min-1.jpg
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: 511f505c8a87bf962e10cba4b9fc84625683d2030cf2f22019220418bba39d51

Request headers

:path: /wp-content/uploads/2020/12/curt-nichols-jivuTHZ6J4c-unsplash-min-1.jpg
pragma: no-cache
cookie: _ga_BPCKPKQQKH=GS1.1.1619222703.1.0.1619222703.0; _ga=GA1.1.713331106.1619222704; _sp_ses.116b=*; _sp_id.116b=780e620e-8a05-438a-9eec-69a196e10152.1619222704.1.1619222704.1619222704.5067c832-15fc-4fc9-b528-bcde77db2633
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 16 Jan 2021 00:38:02 GMT
server: LiteSpeed
etag: "35cb1-6002356a-0;;;"
content-type: image/jpeg
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 220337
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H2 200 search Show response
suggest.travelpayouts.com/ 1 KB
617 B 237ms
157ms Fetch
application/json 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://suggest.travelpayouts.com/search?term=BEG&locale=bs&service=aviasales
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: e27562082fb3f26c611e4eb4b58806013e6d950596b318efae7e066b26e873ee

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-ttl: 0
date: Sat, 24 Apr 2021 00:05:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
x-request-id: a6fec2ad97be0ddf5d49f42cec848f19

GET
H2 200 search Show response
suggest.travelpayouts.com/ 1 KB
623 B 174ms
95ms Fetch
application/json 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://suggest.travelpayouts.com/search?term=SOF&locale=bs&service=aviasales
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a113fae242600f64f19ae3ff97ebe013dad1f4861b032f23f357ba2abbf745f

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-ttl: 0
date: Sat, 24 Apr 2021 00:05:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
x-request-id: 99be03a1711182b6452b3e107d369a10

GET
H3-Q050 200 ajax-loader.gif
putuj-povoljno.rs/wp-content/plugins/getwid/vendors/slick/slick/ 4 KB
4 KB 62ms
62ms Image
image/gif 185.119.88.30
UNITED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://putuj-povoljno.rs/wp-content/plugins/getwid/vendors/slick/slick/ajax-loader.gif
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/wp-content/plugins/getwid/vendors/slick/slick/slick-theme.min.css?ver=1.9.0
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 185.119.88.30 , Serbia, ASN12459 (UNITED, RS),
Reverse DNS: s10.unlimited.rs
Software: LiteSpeed /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

:path: /wp-content/plugins/getwid/vendors/slick/slick/ajax-loader.gif
pragma: no-cache
cookie: _ga_BPCKPKQQKH=GS1.1.1619222703.1.0.1619222703.0; _ga=GA1.1.713331106.1619222704; _sp_ses.116b=*; _sp_id.116b=780e620e-8a05-438a-9eec-69a196e10152.1619222704.1.1619222704.1619222704.5067c832-15fc-4fc9-b528-bcde77db2633
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: putuj-povoljno.rs
referer: https://putuj-povoljno.rs/wp-content/plugins/getwid/vendors/slick/slick/slick-theme.min.css?ver=1.9.0
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://putuj-povoljno.rs/wp-content/plugins/getwid/vendors/slick/slick/slick-theme.min.css?ver=1.9.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Apr 2021 00:05:03 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 22:31:34 GMT
server: LiteSpeed
etag: "1052-5fdd2dc6-0;;;"
content-type: image/gif
cache-control: public, max-age=31536000,public
accept-ranges: bytes
content-length: 4178
expires: Sun, 24 Apr 2022 00:05:03 GMT

GET
H2 200 whereami Show response
www.travelpayouts.com/ 125 B
297 B 55ms
54ms Script
text/plain 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/whereami?locale=sr&callback=mewtwoForms.geoIPSetter.lang_sr
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/df196e1efb972f20e1b8e7a3d94541b4.js?v=2062
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: be02387fae0d6b0c06e68634a2986e8bb951e9c11ba473784f875464440ac067

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 24 Apr 2021 00:05:04 GMT
context-type: application/x-javascript; charset=utf-8
server: nginx
content-length: 125
x-request-id: a85cfa914d40496328eb218bbf0fdcea
content-type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ 611 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f338c1e72f91b608a104274fee871904263742cdc40d05362d40beed5985034d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87299cf2d0c4c9d42f9661a934fc3248841bcfc2f3b499e3d84b54ea03421e01

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 129 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f3e856e1e142701f9211f03086b2de3586d8dab3d246bbc9b33fb9043ccc056

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b025fc2c1e1a86d07d3529a5f36efe47182e3b464c424d250991fb1b29f55ab2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/opensans/v13/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://putuj-povoljno.rs
Referer: https://www.travelpayouts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:35:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Apr 2015 23:45:29 GMT
server: sffe
age: 116965
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10352
x-xss-protection: 0
expires: Fri, 22 Apr 2022 15:35:38 GMT

GET
H3-29 200 MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2
fonts.gstatic.com/s/opensans/v13/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://putuj-povoljno.rs
Referer: https://www.travelpayouts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:43:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Apr 2015 23:45:49 GMT
server: sffe
age: 116479
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10328
x-xss-protection: 0
expires: Fri, 22 Apr 2022 15:43:44 GMT

GET
H3-29 200 u-WUoqrET9fUeobQW7jkRYX0hVgzZQUfRDuZrPvH3D8.woff2
fonts.gstatic.com/s/opensans/v13/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/u-WUoqrET9fUeobQW7jkRYX0hVgzZQUfRDuZrPvH3D8.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e5b8e25541257e9ccea8199657b27ee53af841ce6d58b9baebc547ae48d28f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://putuj-povoljno.rs
Referer: https://www.travelpayouts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:43:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Apr 2015 23:46:33 GMT
server: sffe
age: 116482
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8224
x-xss-protection: 0
expires: Fri, 22 Apr 2022 15:43:41 GMT

GET
H2 200 places2 Show response
autocomplete.travelpayouts.com/ 11 KB
3 KB 93ms
92ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://autocomplete.travelpayouts.com/places2?term=BEG&locale=sr&types=city%2Cairport&max=7&callback=callback_75309
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/df196e1efb972f20e1b8e7a3d94541b4.js?v=2062
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 87ab20673a87200f73d3e09d730f66438a3ed8b1fad7a14ed3beb0f39aac8f8c

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:04 GMT
access-control-request-method: *
server: nginx
etag: W/"f309e3c2cd935d13c0cb0fdc23a29a6bd55da707"
x-cache-status: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-cache-type: autocomplete
content-encoding: gzip
x-proxy-cache: BYPASS

GET
DATA 200
OK truncated
/ 503 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c584328b1c7755f6a642bf5040cc170565be42a3fe07439f4f865fa4bb1e830b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 635 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef236b75e52442788cbbebf2d5762bcdaced71fdfbb032e2600e312bd9620815

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 RjgO7rYTmqiVp7vzi-Q5UYX0hVgzZQUfRDuZrPvH3D8.woff2
fonts.gstatic.com/s/opensans/v13/ 6 KB
6 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/RjgO7rYTmqiVp7vzi-Q5UYX0hVgzZQUfRDuZrPvH3D8.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28add160ac626b83c6f7ce827f0c0cb8bf6f7914b140c0bd242f59d545ba3d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://putuj-povoljno.rs
Referer: https://www.travelpayouts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 23:06:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Apr 2015 23:46:59 GMT
server: sffe
age: 262739
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5916
x-xss-protection: 0
expires: Wed, 20 Apr 2022 23:06:05 GMT

GET
DATA 200
OK truncated
/ 261 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e345df69bc7e03c6fb150a526675c88e4bed7136aa3b1eb21f68f1a6a4204d23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 704 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75fc384c8b2f47fcbdc7291162c2e8a3879a67a82e2b3db3067684ff852206ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 j
avsplow.com/a/ 2 B
338 B 30ms
28ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.11/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://putuj-povoljno.rs
date: Sat, 24 Apr 2021 00:05:04 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

POST
H2 200 j
avsplow.com/a/ 2 B
338 B 30ms
30ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.11/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://putuj-povoljno.rs
date: Sat, 24 Apr 2021 00:05:04 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

POST
H2 200 j
avsplow.com/a/ 2 B
338 B 31ms
31ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.11/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://putuj-povoljno.rs
date: Sat, 24 Apr 2021 00:05:04 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

GET
H2 200 tp_white.png
www.travelpayouts.com/powered_by/img/ 4 KB
4 KB 31ms
31ms Image
image/png 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelpayouts.com/powered_by/img/tp_white.png
Requested by: Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 69e3cc6ecc85577ba972970520d0a4abc0c253ad2b714ac4ed0429025bf959ba

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:04 GMT
last-modified: Thu, 10 Dec 2020 06:20:54 GMT
server: nginx
accept-ranges: bytes
etag: "5fd1be46-107d"
content-length: 4221
content-type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
647 B 107ms
37ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=putuj-povoljno.rs&callback=_gfp_s_&client=ca-pub-9810461040975217

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9810461040975217&plah=putuj-povoljno.rs&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

74950037c3172459f34d6666e4b5cebb17cf917e3c35ac91e7a88eb574074f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=putuj-povoljno.rs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 00:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=putuj-povoljno.rs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 00:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D8C 54 B
56 B 79ms
77ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&adk=1812271804&adf=3025194257&lmt=1619222703&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fputuj-povoljno.rs%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703676&bpp=12&bdt=390&idt=401&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7402867900829&frm=20&pv=2&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=415

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9810461040975217&output=html&adk=1812271804&adf=3025194257&lmt=1619222703&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fputuj-povoljno.rs%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703676&bpp=12&bdt=390&idt=401&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7402867900829&frm=20&pv=2&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=415
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://putuj-povoljno.rs/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://putuj-povoljno.rs/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 00:05:04 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Apr-2021 00:20:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Apr 2021 00:05:04 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Sat, 24 Apr 2021 00:05:04 GMT

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame 4C8D 1 KB
1 KB 155ms
51ms Document
text/html 143.204.245.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2172166.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.245.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-245-19.cph50.r.cloudfront.net
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://putuj-povoljno.rs/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://putuj-povoljno.rs/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c63e477878535a923916847cfe5704eb.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: j46-05PCqAYHvQ3lplpckave2YWORiF52xiYvws8FM2dOntjJP5bVA==
age: 2102072

POST
H2 200 j
avsplow.com/a/ 2 B
338 B 37ms
37ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.11/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://putuj-povoljno.rs
date: Sat, 24 Apr 2021 00:05:04 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5DFD 78 KB
24 KB 528ms
528ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=3738507136&adf=3404032449&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703689&bpp=5&bdt=403&idt=434&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1010&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OVM3DuralB&p=https%3A//putuj-povoljno.rs&dtd=470

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

121dc58d7fb86276b819f809daee0fa9496c9b956d02a8e2b18cdad33c7aed40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=3738507136&adf=3404032449&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703689&bpp=5&bdt=403&idt=434&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1010&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OVM3DuralB&p=https%3A//putuj-povoljno.rs&dtd=470
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://putuj-povoljno.rs/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://putuj-povoljno.rs/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 00:05:04 GMT
server: cafe
content-length: 24361
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Apr-2021 00:20:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Apr 2021 00:05:04 GMT
cache-control: private

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/792707840/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/792707840/?random=1619222704175&cv=9&fst=1619222704175&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4e1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fputuj-povoljno.rs%2F&tiba=Putuj%20Povoljno%20%E2%80%93%20Prona%C4%91ite%20najpovoljnije%20avio%20karte%20i%20sme%C5%A1taj&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20afc5b6f2aab5fdf1b0ff3e3c026a174d602c622946588c9d85b1819f151410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/792707840/ 2 KB
1 KB 76ms
39ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/792707840/?random=1619222704176&cv=9&fst=1619222704176&num=1&label=zxeeCP703uwBEICG__kC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4e1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fputuj-povoljno.rs%2F&tiba=Putuj%20Povoljno%20%E2%80%93%20Prona%C4%91ite%20najpovoljnije%20avio%20karte%20i%20sme%C5%A1taj&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f9081633ab062b964d38569ec653158795a2d428cca15c3fcada4579245f29de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1181
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A6B 80 KB
26 KB 600ms
600ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0aedda8af2db62e9855541d5ae2ad12034ca2be80f7305a7492b764396744cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://putuj-povoljno.rs/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://putuj-povoljno.rs/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Apr 2021 00:05:04 GMT
server: cafe
content-length: 26330
x-xss-protection: 0
set-cookie: IDE=AHWqTUmuGJPKbtMQYktd4cAKA9dTSu2rBSH_uNQiJEjjFOu-5mr6FU_PRTxEORryI9U; expires=Thu, 19-May-2022 00:05:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Apr 2021 00:05:04 GMT
cache-control: private

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/792707840/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/792707840/?random=1619222704175&cv=9&fst=1619222400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fputuj-povoljno.rs%2F&tiba=Putuj%20Povoljno%20%E2%80%93%20Prona%C4%91ite%20najpovoljnije%20avio%20karte%20i%20sme%C5%A1taj&async=1&fmt=3&is_vtc=1&random=1204459680&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/792707840/ 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/792707840/?random=1619222704175&cv=9&fst=1619222400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4e1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fputuj-povoljno.rs%2F&tiba=Putuj%20Povoljno%20%E2%80%93%20Prona%C4%91ite%20najpovoljnije%20avio%20karte%20i%20sme%C5%A1taj&async=1&fmt=3&is_vtc=1&random=1204459680&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/792707840/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/792707840/?random=572816511&cv=9&fst=1619222704176&num=1&label=zxeeCP703uwBEICG__kC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505...
https://www.google.com/pagead/1p-conversion/792707840/?random=572816511&cv=9&fst=1619222704176&num=1&label=zxeeCP703uwBEICG__kC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1...
https://www.google.de/pagead/1p-conversion/792707840/?random=572816511&cv=9&fst=1619222704176&num=1&label=zxeeCP703uwBEICG__kC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=16...

42 B
64 B

32ms
30ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/792707840/?random=572816511&cv=9&fst=1619222704176&num=1&label=zxeeCP703uwBEICG__kC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4e1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fputuj-povoljno.rs%2F&tiba=Putuj%20Povoljno%20%E2%80%93%20Prona%C4%91ite%20najpovoljnije%20avio%20karte%20i%20sme%C5%A1taj&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=sGCDYO-dDr_H7_UP1rCFiAE&cid=CAQSKQCNIrLM1C0NKG6L7ZN3xXcFh3CNbCdqO1Y5oPpHDr_IP2TJHjQewVv6&random=2603274787&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: putuj-povoljno.rs
URL: https://putuj-povoljno.rs/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/792707840/?random=572816511&cv=9&fst=1619222704176&num=1&label=zxeeCP703uwBEICG__kC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4e1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fputuj-povoljno.rs%2F&tiba=Putuj%20Povoljno%20%E2%80%93%20Prona%C4%91ite%20najpovoljnije%20avio%20karte%20i%20sme%C5%A1taj&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=sGCDYO-dDr_H7_UP1rCFiAE&cid=CAQSKQCNIrLM1C0NKG6L7ZN3xXcFh3CNbCdqO1Y5oPpHDr_IP2TJHjQewVv6&random=2603274787&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 data_api Show response
suggest.travelpayouts.com/ 168 B
346 B 134ms
133ms Fetch
application/json 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://suggest.travelpayouts.com/data_api?service=calendar_aviasales_year&origin_iata=BEG&currency=eur&destination_iata=SOF&one_way=false&min_trip_duration=7&max_trip_duration=14&only_direct=false&month=&host=pretraga.putuj-povoljno.rs/flights
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d9c9187ef71fd2f8dbe773982f91b41a1b04c47f5b9bca3d9565266ef68a5e6

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-ttl: 0
date: Sat, 24 Apr 2021 00:05:04 GMT
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 168
x-request-id: 3c0671a98e597933f43f0afb35b9534a

POST
H2 200 j
avsplow.com/a/ 2 B
338 B 30ms
29ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.11/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://putuj-povoljno.rs
date: Sat, 24 Apr 2021 00:05:04 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

GET
H3-29 200 css
fonts.googleapis.com/ Frame 5DFD 3 KB
578 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=3738507136&adf=3404032449&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703689&bpp=5&bdt=403&idt=434&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1010&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OVM3DuralB&p=https%3A//putuj-povoljno.rs&dtd=470

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 23:14:49 GMT
server: ESF
date: Sat, 24 Apr 2021 00:05:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Apr 2021 00:05:04 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 5DFD 1 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 23:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 23:59:35 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 5DFD 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 23:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 23:57:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 5DFD 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:01:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 00:01:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DFD 116 KB
35 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 00:05:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 5DFD 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 23:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 23:50:42 GMT

GET
H3-29 200 b42b11247d0ebeb7b44892ca7e629453.js Show response
www.gstatic.com/mysidia/ Frame 5DFD 25 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 03:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 07:12:01 GMT
server: sffe
age: 72903
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10497
x-xss-protection: 0
expires: Thu, 22 Jul 2021 03:50:01 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4283435847921023915/ Frame 5DFD 28 KB
28 KB 16ms
14ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4283435847921023915/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f95aa208f8986ce84303f304fece66f287fe0803b1179e99565f25342d1de873

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 07:30:54 GMT
x-content-type-options: nosniff
age: 318850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28836
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 09:31:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Apr 2022 07:30:54 GMT

GET
DATA 200
OK truncated
/ Frame 5DFD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5DFD 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cw2WIsGCDYNnrCoepx_APr6yrmAH0ueWnYsih_Z_TDZ-bgq3LBBABIKGTmjxglQKgAd-b8sUByAEJqQLomteo8Uu0PqgDAcgDywSqBNkBT9AKpmz4LOq24QVt1uoyHV-ERwlcNLUn_j52AjA0E7cYnyY20G3EAVyQ1w2mDbEypCIfhhWRWaQQcEZQOkTTzakCUXLQsD_fepdali5G7-hIRKRZk6vFAXxtiTM4ftIQIeGDd6Pif0hc9qj0cMGkCoNkfD6TdCUy339NPIU0EQGV7xzJU9Vsuez2FSkUjXZLYiqyVkerQ-SjDmLjsIJXCDwg2UN_hxyQRJBD9lBHW7_nKZF5vAflcAWTr7i6UyDWULbxZNb_rh1b6tqb5CeZ8UGvveWaBRFrhcAE_4TC5rUDkgUECAQYAZIFBAgFGASgBi6AB4nkjboCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcFELfNygHSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMNiBQQ0BUBgBcBshcaChgIABIUcHViLTk4MTA0NjEwNDA5NzUyMTc&sigh=0bl2JcMf-Jw&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=3738507136&adf=3404032449&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703689&bpp=5&bdt=403&idt=434&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1010&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=OVM3DuralB&p=https%3A//putuj-povoljno.rs&dtd=470
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Apr 2021 00:05:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5DFD 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fa39a647b8e7dc742a3e71c80f1f68706296d52ec595d2bef1156fc2b2764c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 5DFD 21 KB
21 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 167582
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 22 Apr 2022 01:32:02 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 5DFD 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 21:23:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 268868
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Wed, 20 Apr 2022 21:23:56 GMT

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame B612 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 03:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 72494
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Sat, 23 Apr 2022 03:56:50 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 3A6B 6 KB
669 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 23:15:06 GMT
server: ESF
date: Sat, 24 Apr 2021 00:05:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Apr 2021 00:05:04 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 3A6B 1 KB
909 B 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 23:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 23:59:35 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 3A6B 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 23:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 23:57:01 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 3A6B 2 KB
1 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:01:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 May 2021 00:01:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A6B 116 KB
35 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Sat, 24 Apr 2021 00:05:04 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 3A6B 13 KB
5 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 23:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 23:50:42 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 3A6B 0
0 16ms
14ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqDKh7IZQCOtKwOBcom__yDjxCCHDCYPN8Ca6U8sFyTazZL4YHDtn09WtVO0XetoX3IoNufGuBEPfp1I8690NdSzYzIA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 b42b11247d0ebeb7b44892ca7e629453.js Show response
www.gstatic.com/mysidia/ Frame 3A6B 25 KB
10 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b42b11247d0ebeb7b44892ca7e629453.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 03:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Apr 2021 07:12:01 GMT
server: sffe
age: 72903
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10497
x-xss-protection: 0
expires: Thu, 22 Jul 2021 03:50:01 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A6B 0
0 16ms
15ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-zKSsGCDYL2sDJ68x_APw7CK2AX0ueWnYsih_Z_TDYrRo-2-ARABIKGTmjxglQKgAd-b8sUByAEJqQLomteo8Uu0PqgDAcgDywSqBN8BT9Dv3vCJbeQluKjx_D5E3Xim_Eqb1x0F-7uJdOHLlx-M2GEPNjjV4nYZkP1Au9DLA9gyMGzeS3tiYFttKW5IH1l9QzZRBlCDcFPIfAfcs7nBICsDZ5F-lj-y2XBUkQGuI2VPcHlvmRRcnLevsuqyLsVBM5v3HEi94xuqaOsO9fw3-XgdtTWlSTKp_8hQkg9LCqYk0kIfEuTNThmufKTc1U4YI4dLAuUERvJZAzQNzU40iqLN6565ht4n_lPSKOvi6p5vSFQ3Lozu4YKwRcioIPTbXkURz1uG7yW9A9BQ1MAE_4TC5rUDkgUECAQYAZIFBAgFGASgBi6AB4nkjboCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIT4SdIICQiA4YAQEAEYH4AKAcgLAdgTDYgUELIXGgoYCAASFHB1Yi05ODEwNDYxMDQwOTc1MjE3&sigh=GqGeHYr9ygM&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Apr 2021 00:05:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4283435847921023915/ Frame 3A6B 14 KB
14 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4283435847921023915/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

028aee8ebdaefb6f7a3a28479b93d9e705585c12ce0b7af0c5f5cb3d9df811fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 00:50:29 GMT
x-content-type-options: nosniff
age: 170075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14347
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 09:31:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 00:50:29 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3200160035678753905/ Frame 3A6B 2 KB
2 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3200160035678753905/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33102e31bbad99c1969aa00d12e6cb01540aad74e5008eede7c5ec395b233263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:50 GMT
x-content-type-options: nosniff
age: 482474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1567
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 13:21:57 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Apr 2022 10:03:50 GMT

GET
DATA 200
OK truncated
/ Frame 3A6B 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4174 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 23 Apr 2021 03:14:09 GMT
expires: Sat, 24 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 75055
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3A6B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24007e0d23e6b1b423ee787a9990cbfc1f821a36a5b8aa30d66eaab03288c4f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3A6B 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 502901
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 18 Apr 2022 04:23:23 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3A6B 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 116975
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 22 Apr 2022 15:35:29 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4174
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJYwVDX...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUJYwVDX...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjQyNDA1MDU3NTgzNzI1MTE5NTE4Nw%3D%3D&google_push=AQvitUJYwVDX4eTC-4LDxNxKQLqvhpIOkGJGSpBanivoqPygGBH7oVKZJRy4MxdyiN1Tys...

170 B
188 B

38ms
38ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjQyNDA1MDU3NTgzNzI1MTE5NTE4Nw%3D%3D&google_push=AQvitUJYwVDX4eTC-4LDxNxKQLqvhpIOkGJGSpBanivoqPygGBH7oVKZJRy4MxdyiN1TysAl0A1C2t2hjMJgrif4VMPKzY41LSuAOQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MjQyNDA1MDU3NTgzNzI1MTE5NTE4Nw%3D%3D&google_push=AQvitUJYwVDX4eTC-4LDxNxKQLqvhpIOkGJGSpBanivoqPygGBH7oVKZJRy4MxdyiN1TysAl0A1C2t2hjMJgrif4VMPKzY41LSuAOQ
Pragma: no-cache
Date: Sat, 24 Apr 2021 00:05:05 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 4174 43 B
324 B 79ms
34ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBBiU3dzFyknk-bumdBQc1c&google_push=AQvitUKWjn2hL7oKV8NTyzca8zPYhVuBRO8uUP5zPFhdTVEI8nNA1ASL9-uc_stMV575cVqQqTAqWq73LKImsb33FXNn_shjcnPA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:04 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4174
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P3Mwxc9sRIWksmR-2b05QQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

39ms
38ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P3Mwxc9sRIWksmR-2b05QQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKImq4FivEEXFh3Gs8yegFLyyGdlsyVI1EBEwVVnLejmCpJry_fzHGb-RrhoXGcI8oCUlnK0HY25GgqtvVSCn9A0bUd2l8-5w

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P3Mwxc9sRIWksmR-2b05QQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKImq4FivEEXFh3Gs8yegFLyyGdlsyVI1EBEwVVnLejmCpJry_fzHGb-RrhoXGcI8oCUlnK0HY25GgqtvVSCn9A0bUd2l8-5w
Date: Sat, 24 Apr 2021 00:05:02 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4174
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI_8RZSkxH4QesFimYR6fyU&google_cver=1&google_push=AQvitUKC7e2e_37Y2pZnXQECE_AqebS4IChkXSivLJ_Lm6H4vAlPUr3qDBTODndjrHTWVmxdZFG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05VWkUzRDctMjAtNTEyVQ==&google_push=AQvitUKC7e2e_37Y2pZnXQECE_AqebS4IChkXSivLJ_Lm6H4vAlPUr3qDBTODndjrHTWVmxdZFGtx_ql1jGrUfzKYbOzPLxMiLwI

170 B
188 B

47ms
45ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05VWkUzRDctMjAtNTEyVQ==&google_push=AQvitUKC7e2e_37Y2pZnXQECE_AqebS4IChkXSivLJ_Lm6H4vAlPUr3qDBTODndjrHTWVmxdZFGtx_ql1jGrUfzKYbOzPLxMiLwI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05VWkUzRDctMjAtNTEyVQ==&google_push=AQvitUKC7e2e_37Y2pZnXQECE_AqebS4IChkXSivLJ_Lm6H4vAlPUr3qDBTODndjrHTWVmxdZFGtx_ql1jGrUfzKYbOzPLxMiLwI
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4174
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDYH3YWSkw2vO4MKwIa1ydU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDYH3YWSkw2vO4MKwIa1ydU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YINgsQ6zbbq8d7sbMpDh-wAABJwAAAAB&google_cver=1&google_gid=CAESEDYH3YWSkw2vO4MKwIa1ydU&google_push=AQvitUJcYXnQGYZCjJsJ85DuAnZNn3WbYkoUG...

170 B
188 B

44ms
43ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YINgsQ6zbbq8d7sbMpDh-wAABJwAAAAB&google_cver=1&google_gid=CAESEDYH3YWSkw2vO4MKwIa1ydU&google_push=AQvitUJcYXnQGYZCjJsJ85DuAnZNn3WbYkoUGvR43PWXyemR0qtwcdfWIX6R3kFkPNR9E8yUXWk2mXGuSglTYR-HMUpVBLBN1GL4Zg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 24 Apr 2021 00:05:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YINgsQ6zbbq8d7sbMpDh-wAABJwAAAAB&google_cver=1&google_gid=CAESEDYH3YWSkw2vO4MKwIa1ydU&google_push=AQvitUJcYXnQGYZCjJsJ85DuAnZNn3WbYkoUGvR43PWXyemR0qtwcdfWIX6R3kFkPNR9E8yUXWk2mXGuSglTYR-HMUpVBLBN1GL4Zg
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Sat, 24 Apr 2021 00:05:05 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 4174 43 B
296 B 63ms
19ms Image
image/gif 2a05:d01c:1d8:8102:6251:ed87:4ce3:f14c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEM5vqakuGunVZ_ACbI3B7Ds&google_cver=1&google_push=AQvitUIa8wHLhCbUPQ-wP4I1At4agUTRRNvkKGXCuIrFN4khOKToAcxnGK5oWNysoZmSeDnf9myBUINZrVeYJAY9m5PMsaVpOhLrsA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:6251:ed87:4ce3:f14c London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:04 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4174 0
236 B 104ms
36ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLEH6s6-jVkRyYjEoKq6v1vhH3B5ljlLnVILEJsDGfKQzq8YydODboqh8x1tdzlA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:05 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 30ms
17ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13cda9ce3c9f3b63c63927152914a3ae7d164534ae807b2d6f6555c8ea6f0ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Apr 2021 00:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6951
x-xss-protection: 0

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D88 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9810461040975217&output=html&h=280&slotname=7204792748&adk=81520564&adf=701410834&pi=t.ma~as.7204792748&w=1120&fwrn=4&fwrnh=100&lmt=1619222703&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fputuj-povoljno.rs%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619222703694&bpp=1&bdt=409&idt=486&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1120x280&nras=1&correlator=7402867900829&frm=20&pv=1&ga_vid=713331106.1619222704&ga_sid=1619222704&ga_hid=1337116102&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44741879&oid=3&pvsid=2433035682915633&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cm%7CeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dNQsmBIEPw&p=https%3A//putuj-povoljno.rs&dtd=490

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 03:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 72494
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Sat, 23 Apr 2022 03:56:50 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 00:05:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 24 Apr 2021 00:05:05 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D511 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://putuj-povoljno.rs/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://putuj-povoljno.rs/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 23 Apr 2021 18:26:38 GMT
expires: Sat, 23 Apr 2022 18:26:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20307
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js Show response
pagead2.googlesyndication.com/bg/ Frame D511 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 03:56:50 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 72495
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5687
x-xss-protection: 0
expires: Sat, 23 Apr 2022 03:56:50 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=2433035682915633&bg=!z8ylzIjNAAZUuIlwVLg7ACkAdvg8WmquBu9oQSfHa5fXMTkDp8J5__X-akU3ryuneAkpnDP0FW6lawIAAABVUgAAAAxoAQcKAKPVW4M8ZHri4ZwxSOQP1hslJY4Hze08Ka6bAnYddyF873_8Sjq4LUMvdaxcrUtqOW3gFMDCQuG1odENJCqDtsMCcfTo7VGG8yU8riTOlwdgJHGYqYWHv39q20HUCYX-msIZgK9HBkkCNoFjfy48LzDPzeVmLN_HfxtTiK0155HznaBMXEnxhaJXsOVU19Aa0SPtZsTwM-cpIMv0VtYBATmhZx5RmQIaemvQUHnmieIhXkgQO2k7xbhygrDXy18rX8xJGIV-95owh3ccpj2iNtv5jkC9-VfIRG-HVq5B3vMMRk8U-vgaiEMaX_p2Azcd9soNTf-EAHUYNbkcznYVXoSskeAnp9Zh46kYgXGO5H-vef9HCron6FZfBGlH7lkwNIWdS6W_uWKFGvD0hWG517ZbwLwK_m2jDnRV6XgKK3d9ZBzMmmOgbzeudv9PpW--vnqE_T3EbIMdfZmnQvQ91HctFqMMPrHmZ2tjtIaw3O4n5Z6HwVZC-7pTOv1PZ5y7TROjo78tzelHqk0-XKvhWjTdMtcaM_NJKXG8PoMAYLZSmxUJKXfQ9DItN-tPXCgE-4cJ3wswREzZMrzZ-Rpi-B7WlSCNsJQ6kaLODFXbe7J3Zhu2qrD2gq-uzujq8JZJKQItSU-Kf4nJpW9S-9AeaMMivplBAi139jhzK8Vyp8Z7xBF3D9nSozRLC4RVjVXjAhRvl3q2VlBhJG9LE0Vf7uL_4V86wgFua4FL0Jl10vxYoZAUkVTSn18jKY_hlOExBMsoG68scvC6YR_BACoQMSDDMjEN5jGTMQjh-ywu6i7VMgsS7iPAhUKXuIPCqNHNyNTijCod5dw5YwcEVsAyNE9pBHUfz4zYN2RK9r2R9maZI-1j0u153f8wiMaYnHsf1Q6ollpB2_JWpBAyMPm2BM16yijck6x1k1sEc0kxknn6wA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://putuj-povoljno.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5DFD 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstz13bJLqpKFEKg5dqfcoHMG1OGln-MrVUR8VHGfKbtGquXREVnLRwBhI18u452pbDVibjxHvUUKJOqqnKOHuCJ54nNRpQSPS8cUwVYRYATmXtrBuZQNwib07gKwg&sai=AMfl-YRmWmH1t8JQWyXYaICKkQRXYX9fpfotItKdhxrFD-E05y8sMwI4Ef36I9aDKQFYAMBwmBanjRxgQuAP&sig=Cg0ArKJSzFClzaoPyJPBEAE&id=lidar2&mcvt=1000&p=1010,240,1290,1360&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=0.68&if=1&app=0&itpl=22&adk=3738507136&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619222704163&dlt=530&rpt=101&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Apr 2021 00:05:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.putuj-povoljno.rs/	1970-01-20 11:18:14	Name: _sp_id.116b Value: 780e620e-8a05-438a-9eec-69a196e10152.1619222704.1.1619222704.1619222704.5067c832-15fc-4fc9-b528-bcde77db2633
.putuj-povoljno.rs/	1970-01-19 17:47:04	Name: _hjFirstSeen Value: 1
.putuj-povoljno.rs/	1970-01-19 17:47:04	Name: _sp_ses.116b Value: *
.putuj-povoljno.rs/	1970-01-20 02:32:38	Name: _hjid Value: 3b1c5ed1-84fe-4f59-b7bc-27d4c9b216f8
.doubleclick.net/	1970-01-20 03:08:38	Name: IDE Value: AHWqTUmuGJPKbtMQYktd4cAKA9dTSu2rBSH_uNQiJEjjFOu-5mr6FU_PRTxEORryI9U
.putuj-povoljno.rs/	1970-01-20 03:08:38	Name: __gads Value: ID=36c58d9f590eaa1c-22568d27efc7007e:T=1619222704:RT=1619222704:S=ALNI_MbYBFVMIwNw6w2LH8FjKQziba9S9A
.putuj-povoljno.rs/	1970-01-20 11:18:14	Name: _ga Value: GA1.1.713331106.1619222704
.putuj-povoljno.rs/	1970-01-20 11:18:14	Name: _ga_BPCKPKQQKH Value: GS1.1.1619222703.1.0.1619222703.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://putuj-povoljno.rs/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://putuj-povoljno.rs/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1610804253&ver=1.15.0(Line 7) Message: init popups ✔

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
autocomplete.travelpayouts.com
avsplow.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
putuj-povoljno.rs
script.hotjar.com
ssum-sec.casalemedia.com
st.avsplow.com
static.hotjar.com
suggest.travelpayouts.com
tp.media
tpc.googlesyndication.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.travelpayouts.com
142.250.185.130
143.204.245.19
143.204.245.33
143.204.245.61
172.255.224.36
185.106.81.236
185.119.88.30
185.64.190.78
2.18.234.21
216.58.212.162
2606:4700:20::681a:777
2606:4700:3036::ac43:a62d
2606:4700::6810:125e
2a00:1450:4001:801::2003
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a05:d01c:1d8:8102:6251:ed87:4ce3:f14c
34.98.67.61
52.39.207.175
69.173.144.139
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
028aee8ebdaefb6f7a3a28479b93d9e705585c12ce0b7af0c5f5cb3d9df811fb
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10bb07f0aa89435e3c7aaa6e6f0981fcd3c5d01d88e61a54140d6e975c15f4b6
11134ed2da8b7dccdc0edf0f700d0d088a50bffffbd66fb71559c06615b7e550
121dc58d7fb86276b819f809daee0fa9496c9b956d02a8e2b18cdad33c7aed40
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
13cda9ce3c9f3b63c63927152914a3ae7d164534ae807b2d6f6555c8ea6f0ee6
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
186760d0c61c24ba02aa6f2a7e7215b128648caadc0a30419808461054977942
1a113fae242600f64f19ae3ff97ebe013dad1f4861b032f23f357ba2abbf745f
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d9c9187ef71fd2f8dbe773982f91b41a1b04c47f5b9bca3d9565266ef68a5e6
20afc5b6f2aab5fdf1b0ff3e3c026a174d602c622946588c9d85b1819f151410
21c386def736069d8e68bd6861df8d2aefe52305991fbfc7b9d60d4b6a74d62a
24007e0d23e6b1b423ee787a9990cbfc1f821a36a5b8aa30d66eaab03288c4f2
254d80a49d0c9fced2fd0c272e7b868ca726df8189dc9c5735c56a33e7853dfc
2597337524a833cfb605b63e2a3a9aaf7857b11587b8dba5fb7932a504a19e23
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28add160ac626b83c6f7ce827f0c0cb8bf6f7914b140c0bd242f59d545ba3d77
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
2ca57650e9d1881e382bd324039937317b18e44fd5fadab6d09018d426a2622a
312d088790a9ca18e8acf1c2821470549267bd6e04f2386138b6950c41b89faa
33102e31bbad99c1969aa00d12e6cb01540aad74e5008eede7c5ec395b233263
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3975ecbf343e2318a30903a31db7f3bbd7a067ed31f999cc5891b73f924b5548
3c3873b4b3cc35b18323781fa7884992e5e476fba8da153bb63d55adc572a583
3e8f537145a37e6152c09f43181908275d093e501a2d935dd7922c79b8470f51
417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
451dad3dfc12bb5652e7600fa6ba6a2d49d804d10768758940be9fee8cf04399
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
483784ecdf80ccaffd50869e23e2efdbeed9343b1b4c7dae837667e4984a68a7
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
48d7e14b3bb1bb17740eb5b2a2e4432a1b798c87d34aa404a291d1bf68374e5b
4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27
4d611fabd15dd322bb3f4999c27b1baf9dbe7fa42836a6c0abd1a951a985daef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
511f505c8a87bf962e10cba4b9fc84625683d2030cf2f22019220418bba39d51
575447270674dcaaad6da9cc75a05905ab9a54ec8946dbc0ce2e04800bb9f0f9
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a7cafbeb9b7148d2d87a1ef9b0e72781d55dc570f565bc24dc2c0cf267a9fe1
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e5b8e25541257e9ccea8199657b27ee53af841ce6d58b9baebc547ae48d28f3
601c8d9fff6f9466c64f239d5342367b7822a9ef7fd55a5805c993a30c403a15
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
618cacf7e3c9cf90cb3245f033e6b0cbf5fc41ef5ecb98c136247eb6aa8641c5
61bf1c9874265d3fd43515489918908f275eee49b6f67cf93e41e99c37f816d6
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69e3cc6ecc85577ba972970520d0a4abc0c253ad2b714ac4ed0429025bf959ba
6d0b74f2a3e089cde650f0972d1a568843c275718277a2c167af9011ebf91ff5
6dc7a6896974c4b21c2ae93a1d03a95e439a7cac4b248574e93402a3e9397bc3
72507f00b0d3b3f05bc451ca44338766fc332877a0dd2cb09132cbbef11ff60b
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
74950037c3172459f34d6666e4b5cebb17cf917e3c35ac91e7a88eb574074f93
75109178327c42bfeff31a154786e4f395e9c9cecd2dd4fc5c178025791f8b02
752dfb20c76cd0780e844889283f08ab1ae0fbdcdffe2b34507ed6e2bc88ace9
75fc384c8b2f47fcbdc7291162c2e8a3879a67a82e2b3db3067684ff852206ce
7a129b7e280a11ca308802b054dc7d625a32f49565e0629f0de54febabef9ffa
7b56bacb274e42298759ca65e0ad2902b02e367a0ad84426ef70770433ffa7cd
7fa39a647b8e7dc742a3e71c80f1f68706296d52ec595d2bef1156fc2b2764c6
8039f90cf336209621cb864be863bb8861b68876876cf3e02aea03d9c66ff01f
83e93182297e9d28c29634f1fdb580ec1a4a459d30cebf3581ba65dcc3192e0d
87299cf2d0c4c9d42f9661a934fc3248841bcfc2f3b499e3d84b54ea03421e01
87ab20673a87200f73d3e09d730f66438a3ed8b1fad7a14ed3beb0f39aac8f8c
8c21dc373a5d6d260657189e9da2feaa64e87beccec835c849c0592ee4f38fda
8f90ca8086e3a8827af8a77f407a2a9533d6c507b22c369f8741b6b83133db66
9582bbeb3c9efbc0589d399c6b3d0d4548028a22e221704bf57d5a2fca014711
994f8bcbd38a2e6d0c1e70d57e8f31762adf184a5b0c6776d6d001432a835a66
99fafca94943298b983fa1436ac6e103929bb5b5c632ef0ff92da3b680c6d290
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af0f4e90a7cba0dbe38575666bfedf0e853278155957eb78e63761e33b88a11
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9df45d5a472ccbfbb52a18ce2973331bb1a68d744805dc2d97efe541cc763826
9f3e856e1e142701f9211f03086b2de3586d8dab3d246bbc9b33fb9043ccc056
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d34b0d95e73a7ae965ab9eef15d273c1b4ab22aa7d5648e120a2763434ce84
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a95f7ab1221dc143e4410043b13c4214d15f05258fd27a46be3834cb2dfa43f7
b025fc2c1e1a86d07d3529a5f36efe47182e3b464c424d250991fb1b29f55ab2
be02387fae0d6b0c06e68634a2986e8bb951e9c11ba473784f875464440ac067
c584328b1c7755f6a642bf5040cc170565be42a3fe07439f4f865fa4bb1e830b
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c7a1459135ed5ec332e8307e55efec84366c0303fdab40676544c2ec871824fc
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
d6091cb2703ba8f60c59a9afb06a4986c4bf29ece1bf186e0ec494eceb75e5fe
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da865c29928c334cc5438ea68bf1769a8d9ecaab1ff081e0dbeb6421a8dd6e35
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
e0aedda8af2db62e9855541d5ae2ad12034ca2be80f7305a7492b764396744cb
e27562082fb3f26c611e4eb4b58806013e6d950596b318efae7e066b26e873ee
e345df69bc7e03c6fb150a526675c88e4bed7136aa3b1eb21f68f1a6a4204d23
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a52407881d56ce5bbe99e093739af9e5a2a027a7782ccb72d8ddc47181cacb
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e9a8768c59fb97194bf8bc1b3c1045bc46fc5c332a69611a044b2a8f2f0c5ad7
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
edd0c4233ef1eb82856dae30af242fd3379a2b4171d01b87bdc195a55641d43a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef236b75e52442788cbbebf2d5762bcdaced71fdfbb032e2600e312bd9620815
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f338c1e72f91b608a104274fee871904263742cdc40d05362d40beed5985034d
f3ba9fba6711707bfb5ba722d6004cf0c6eb3178bc49b104dff6323a6f994e48
f7961bd096a84051ca81711f2126ee67d28e6f80eb1c1048e9201cdc55cc6417
f8d02e65e1cb25e1d770aeacc9de485cb3617172c164256648eef8b089cb835c
f9081633ab062b964d38569ec653158795a2d428cca15c3fcada4579245f29de
f95aa208f8986ce84303f304fece66f287fe0803b1179e99565f25342d1de873
fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

putuj-povoljno.rs Open in urlscan Pro 185.119.88.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

129 Requests

100 %HTTPS

55 %IPv6

22 Domains

33 Subdomains

26 IPs

5 Countries

1531 kBTransfer

4154 kBSize

8 Cookies

18 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 22 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

putuj-povoljno.rs Open in urlscan Pro
185.119.88.30 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

100 %
HTTPS

55 %
IPv6

22
Domains

33
Subdomains

26
IPs

5
Countries

1531 kB
Transfer

4154 kB
Size

8
Cookies

129 HTTP transactions
22 data transactions