dom-me4ty.ru Open in urlscan Pro
144.76.221.244  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

• https://cdn.connect.mail.ru/js/loader.js HTTP 301
• https://connect.mail.ru/js/loader.js

Request Chain 37

• https://counter.yadro.ru/hit?t14.11;r;s1600*1200*24;uhttps%3A//dom-me4ty.ru/;0.8975812609733809 HTTP 302
• https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//dom-me4ty.ru/;0.8975812609733809

Request Chain 134

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESED7P1SyGTqKplNtW7wxEl_w&google_cver=1&google_push=ATf1kGML3_Ag8vyQlYbQmubxCOw0KdHq7tSSduuJvgVFRl7b27QtNbW2wpPqFdTcDbWaRudDRPqoCX77s9xsIkJRfTfzGKxnrCjPkA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY1Njc3OTI1MjYwOTk0ODg2MA==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED7P1SyGTqKplNtW7wxEl_w&google_cver=1

Request Chain 137

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEG37veuRalEabTinokK8Vc4&google_cver=1&google_push=ATf1kGN6Q1DdsKR_CN5lwMmlTIG8m2wbhjnz8KKEK8kjXCIFzD4GwNXRv0CE53mq0SFBD1IIfEm22-aMUOQcXsxQWgKdcXY5zcgt HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGN6Q1DdsKR_CN5lwMmlTIG8m2wbhjnz8KKEK8kjXCIFzD4GwNXRv0CE53mq0SFBD1IIfEm22-aMUOQcXsxQWgKdcXY5zcgt

Request Chain 139

• https://d.agkn.com/pixel/2175/?google_gid=CAESEK70Pa5lhLhrefCi4be0bDo&google_cver=1&google_push=ATf1kGPq8ypmb6lqqNp_WO4cUk7MFDyb4Z8bGU98M2MB7CD4aNhLRlh-yBA4v0Msy3XsXpJAkUMnuwf_W_PcU4lcNCluNXs77rlHTA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGPq8ypmb6lqqNp_WO4cUk7MFDyb4Z8bGU98M2MB7CD4aNhLRlh-yBA4v0Msy3XsXpJAkUMnuwf_W_PcU4lcNCluNXs77rlHTA&google_hm=Q0FFU0VLNzBQYTVsaExocmVmQ2k0YmUwYkRv

Request Chain 140

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEARJyxUIlYEBz04DqQGrtk8&google_cver=1&google_push=ATf1kGOqvEM4M3jljWBfYft_upHFtFsEkrqkLQr8cFYMKxk4mbuNxYPdcs1tapcaZihW5BssAavnxwY9_mTyK0oTrfYhVfnrrSh30g HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEARJyxUIlYEBz04DqQGrtk8&google_cver=1&google_push=ATf1kGOqvEM4M3jljWBfYft_upHFtFsEkrqkLQr8cFYMKxk4mbuNxYPdcs1tapcaZihW5BssAavnxwY9_mTyK0oTrfYhVfnrrSh30g HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEzMTA0MDg1OTAzMjA3OTk5MA&google_push=ATf1kGOqvEM4M3jljWBfYft_upHFtFsEkrqkLQr8cFYMKxk4mbuNxYPdcs1tapcaZihW5BssAavnxwY9_mTyK0oTrfYhVfnrrSh30g

Request Chain 152

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESED7P1SyGTqKplNtW7wxEl_w&google_cver=1&google_push=ATf1kGNhCxYEHo8TapIQ62xSWz9altKnx7dbOwb4sV6bQ8do7htmmicCX_S12x8S7NyQx0v8Sf08yoy_XhpIbcwN8TD7v78yuk9OK0dRtSsQC50AHeNmP0LMCzl6bZnNSQD9XYmpLvq7PvuKMcExkoZbJq9WS54 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY1Njc3OTI1MjYwOTk0ODg2MA==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED7P1SyGTqKplNtW7wxEl_w&google_cver=1

Request Chain 153

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEMrL7DWxc-cgUEBSou_j5Jk&google_cver=1&google_push=ATf1kGM_RPCsbEtlB6wGwqkp8UpFbAN49Jkm1LDBv4HX6OSl2JueGiFXw9QgNThMsYM5qU1FsSX3Y_FkJfWAe5E9TLfXtGH7FVk6KmAXnx22xTk48xmuFlZAJ6V7WP4Y-0xsHW2VgR1jM0ojeYhPKzHkZAZ5GCE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGM_RPCsbEtlB6wGwqkp8UpFbAN49Jkm1LDBv4HX6OSl2JueGiFXw9QgNThMsYM5qU1FsSX3Y_FkJfWAe5E9TLfXtGH7FVk6KmAXnx22xTk48xmuFlZAJ6V7WP4Y-0xsHW2VgR1jM0ojeYhPKzHkZAZ5GCE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMrL7DWxc-cgUEBSou_j5Jk&google_cver=1&google_push=ATf1kGM_RPCsbEtlB6wGwqkp8UpFbAN49Jkm1LDBv4HX6OSl2JueGiFXw9QgNThMsYM5qU1FsSX3Y_FkJfWAe5E9TLfXtGH7FVk6KmAXnx22xTk48xmuFlZAJ6V7WP4Y-0xsHW2VgR1jM0ojeYhPKzHkZAZ5GCE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGM_RPCsbEtlB6wGwqkp8UpFbAN49Jkm1LDBv4HX6OSl2JueGiFXw9QgNThMsYM5qU1FsSX3Y_FkJfWAe5E9TLfXtGH7FVk6KmAXnx22xTk48xmuFlZAJ6V7WP4Y-0xsHW2VgR1jM0ojeYhPKzHkZAZ5GCE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 155

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEARJyxUIlYEBz04DqQGrtk8&google_cver=1&google_push=ATf1kGPYh0Zlfp9pm_dSPUZk2iECQbc1WSLhpskeZqGIdYHsvgiW5CjOSlcetPPZwV5jD_JqD373kdZNlmydxkj-2u5dtAb3udLLb-UEWWJ1b4FrmG1V0QgwO4oz53Egc76c3akRIeLnbnnXb6aiKa_-XZYGCw8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQxNzk0NTEwOTc1Mjg2NjM1NQ&google_push=ATf1kGPYh0Zlfp9pm_dSPUZk2iECQbc1WSLhpskeZqGIdYHsvgiW5CjOSlcetPPZwV5jD_JqD373kdZNlmydxkj-2u5dtAb3udLLb-UEWWJ1b4FrmG1V0QgwO4oz53Egc76c3akRIeLnbnnXb6aiKa_-XZYGCw8

Request Chain 157

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMZsMhcaFnEjHaH1vn2jHeg&google_cver=1&google_push=ATf1kGNBns6oB4SVmLlX6vz3lqHRimesehQvHCAO6w-lv0bv5qG4YMgJ1DiY6wOKmEvzEKQykyTo9RWOrbR4pQckcy61c-tPQvqxRWu1tPCbZc6FR64H3AXUw6V63YgqDyozWafpEDZE71VoEZq0Rlr6P0bnJFU HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyNTFVMkYtMVctNVZKWQ==&google_push=ATf1kGNBns6oB4SVmLlX6vz3lqHRimesehQvHCAO6w-lv0bv5qG4YMgJ1DiY6wOKmEvzEKQykyTo9RWOrbR4pQckcy61c-tPQvqxRWu1tPCbZc6FR64H3AXUw6V63YgqDyozWafpEDZE71VoEZq0Rlr6P0bnJFU

Request Chain 158

• https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJprHZ9PG4WA9u3ogzXcfvQ&google_cver=1&google_push=ATf1kGPjfqDWlAlUA8xIgqhe4OPi3KEvF-mRRoZv_s8izd3rpIgCTNtCnIT80sJfPJP3DInw8TJCE3kEB-x3lP8UwcLtYJ9AAW_CMYElfRgyhsgG8Nq4u-N1e6EwCj9ioj5vEb-DESh3uvXTTHsFwu_CNoXc0o33 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGPjfqDWlAlUA8xIgqhe4OPi3KEvF-mRRoZv_s8izd3rpIgCTNtCnIT80sJfPJP3DInw8TJCE3kEB-x3lP8UwcLtYJ9AAW_CMYElfRgyhsgG8Nq4u-N1e6EwCj9ioj5vEb-DESh3uvXTTHsFwu_CNoXc0o33&google_hm=wQ-pAoWNRMiNJ7dLS2YUxa4

Request Chain 162

• https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPqxxrtgqB0FvFCZwi2syNY&google_cver=1&google_push=ATf1kGMbWp-LPma-wPzmarwy-YgAABctxuTBe3XTmAS8rVnrFjGMdGNua0ivWVbKBlICPedoYsCzDxPKMeMEA6SUxPT7xZAi2Rae HTTP 302
• https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGMbWp-LPma-wPzmarwy-YgAABctxuTBe3XTmAS8rVnrFjGMdGNua0ivWVbKBlICPedoYsCzDxPKMeMEA6SUxPT7xZAi2Rae&google_hm=URtEJw8vWl6hSIMmTMdReQ

Request Chain 163

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEMrL7DWxc-cgUEBSou_j5Jk&google_cver=1&google_push=ATf1kGPHI_Z_9qSsvwtZCxpMJZ_CKFASfjgqC6WLQ5uizCV15WYY3UgAUy3q19tZWiaGB1i0doAszJmZTS9P0_9UQ4rO3BsRyckhWA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPHI_Z_9qSsvwtZCxpMJZ_CKFASfjgqC6WLQ5uizCV15WYY3UgAUy3q19tZWiaGB1i0doAszJmZTS9P0_9UQ4rO3BsRyckhWA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMrL7DWxc-cgUEBSou_j5Jk&google_cver=1&google_push=ATf1kGPHI_Z_9qSsvwtZCxpMJZ_CKFASfjgqC6WLQ5uizCV15WYY3UgAUy3q19tZWiaGB1i0doAszJmZTS9P0_9UQ4rO3BsRyckhWA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPHI_Z_9qSsvwtZCxpMJZ_CKFASfjgqC6WLQ5uizCV15WYY3UgAUy3q19tZWiaGB1i0doAszJmZTS9P0_9UQ4rO3BsRyckhWA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 164

• https://um.simpli.fi/gp_match?google_gid=CAESEEZC4x4FnywlJTpzo-y8MBQ&google_cver=1&google_push=ATf1kGNF6-LbifGNjAa5e7kiymIACNyIPdjU33YqMYl3iJn7QAucKEGeJpwfdHUND0nELquk8i2UfQmuJsWQJgJ5dVR7fgRLlK0k HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=44E68DECD42E44D0A4287041486D0A66&google_push=ATf1kGNF6-LbifGNjAa5e7kiymIACNyIPdjU33YqMYl3iJn7QAucKEGeJpwfdHUND0nELquk8i2UfQmuJsWQJgJ5dVR7fgRLlK0k

Request Chain 166

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOdaK5tNAe5GUPAaSCSPu3A&google_cver=1&google_push=ATf1kGMqQG5EkRFr5oV21MIFSgCY0No93_gaTPqOJQcceaL1Fxy8SACNMM0EI-k0hlwgwaxIUIZPfN5xJl1vcSor_ESuPRHnqD2Ahg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMqQG5EkRFr5oV21MIFSgCY0No93_gaTPqOJQcceaL1Fxy8SACNMM0EI-k0hlwgwaxIUIZPfN5xJl1vcSor_ESuPRHnqD2Ahg&google_hm=eS1EOHN6Q085RTJwR3J6Z0RMbDlOaExFYzN0bmxrLnhydX5B

Request Chain 168

• https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJprHZ9PG4WA9u3ogzXcfvQ&google_cver=1&google_push=ATf1kGMhm6qMs0l5p3CGEk-ujrY9Rz2riLDKkExY652HfPFTC0PTxj2i9MTULZzbpnh043R5ZZlTSJ4KARJqZZNKb10ICkp21dXotQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGMhm6qMs0l5p3CGEk-ujrY9Rz2riLDKkExY652HfPFTC0PTxj2i9MTULZzbpnh043R5ZZlTSJ4KARJqZZNKb10ICkp21dXotQ&google_hm=91Gw-SbnTYy16piV3xvyYK4

Request Chain 192

• https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPqxxrtgqB0FvFCZwi2syNY&google_cver=1&google_push=ATf1kGMzp7Bg5dXieZIfU0tIUzbQuL_NEKQ8nNLSX5Kk9PraPT6wPfsM-wPYq4Ij0i1TJAYu_D7WJn0eXSlTo-wNhuyD8OCB9RG7NQ HTTP 302
• https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGMzp7Bg5dXieZIfU0tIUzbQuL_NEKQ8nNLSX5Kk9PraPT6wPfsM-wPYq4Ij0i1TJAYu_D7WJn0eXSlTo-wNhuyD8OCB9RG7NQ&google_hm=URtEJw8vWl6hSIMmTMdReQ

Request Chain 194

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBpecqK1jS-ChvS4_FJNEGE&google_cver=1&google_push=ATf1kGOJjZLznEQToWAkSg9IXsnue9I89zAAbIyyUXVCw8d18mnz-_JyaIbhzGPiUtZUXElC_aZwD8jcm7C2j7TNhHNzxrlSKndHqQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBpecqK1jS-ChvS4_FJNEGE&google_push=ATf1kGOJjZLznEQToWAkSg9IXsnue9I89zAAbIyyUXVCw8d18mnz-_JyaIbhzGPiUtZUXElC_aZwD8jcm7C2j7TNhHNzxrlSKndHqQ

Request Chain 195

• https://um.simpli.fi/gp_match?google_gid=CAESEEZC4x4FnywlJTpzo-y8MBQ&google_cver=1&google_push=ATf1kGM8gyEAknWDvWk5DCKPaoJxO52T2PDex0EJdl6fhEKAkWveIWNdOCE-3E1XY3AoKDRuH7aT8A7V7Lk8s7m67MDaGr02aO5c-A HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=44E68DECD42E44D0A4287041486D0A66&google_push=ATf1kGM8gyEAknWDvWk5DCKPaoJxO52T2PDex0EJdl6fhEKAkWveIWNdOCE-3E1XY3AoKDRuH7aT8A7V7Lk8s7m67MDaGr02aO5c-A

Request Chain 196

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOdaK5tNAe5GUPAaSCSPu3A&google_cver=1&google_push=ATf1kGNq-s9RsgjajWFnqEUz_WWMOWtiTaL9ogbIi7LTDIwh0_sySsCMpGhm-v1ALgQM8oXPfWXjPVMR-1su5eRahvr0Xk8Nr4nqvQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNq-s9RsgjajWFnqEUz_WWMOWtiTaL9ogbIi7LTDIwh0_sySsCMpGhm-v1ALgQM8oXPfWXjPVMR-1su5eRahvr0Xk8Nr4nqvQ&google_hm=eS1KcG80X0pwRTJwRzBwZzJ0NnQ5YnFqZXF1S0lMdFEuUH5B

Request Chain 197

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEARJyxUIlYEBz04DqQGrtk8&google_cver=1&google_push=ATf1kGObeepDYZa5kAsr--vm9-v5etOPKVAMk20kbvZNbNzYI67ceMUV01F0D6ZuICWzlv9jdKzRHPyfyhrNGrk-3JsIDm7kbne1BA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQxNzk0NTEwOTc1Mjg2NjM1NQ&google_push=ATf1kGObeepDYZa5kAsr--vm9-v5etOPKVAMk20kbvZNbNzYI67ceMUV01F0D6ZuICWzlv9jdKzRHPyfyhrNGrk-3JsIDm7kbne1BA

Request Chain 202

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

203 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response dom-me4ty.ru/	76 KB 77 KB	308ms 241ms	Document text/html	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / PHP/5.3.3 Resource Hash 68d73a851f74efd2f081e17eec7f810689275675f3d27b63f488f22df388823d Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive Content-Type text/html; charset=UTF-8 Date Sat, 29 Apr 2023 15:29:29 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Link <https://dom-me4ty.ru/wp-json/>; rel="https://api.w.org/" <https://dom-me4ty.ru/>; rel=shortlink Pragma no-cache Server nginx/1.17.0 Strict-Transport-Security max-age=31536000; Transfer-Encoding chunked X-Pingback https://dom-me4ty.ru/xmlrpc.php X-Powered-By PHP/5.3.3
GET H/1.1	200 OK	style.css dom-me4ty.ru/wp-content/themes/le-news/	17 KB 17 KB	31ms 12ms	Stylesheet text/css	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dom-me4ty.ru/wp-content/themes/le-news/style.css Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash d9a46fc961590310f5d4ac51f345fb22d76654a3bf321c125d5a4818fbdec378 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Mon, 17 Dec 2012 21:52:03 GMT Server nginx/1.17.0 ETag "50cf9403-4397" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 17303
GET H/1.1	200 OK	user_tree.css dom-me4ty.ru/wp-content/plugins/plant-tree/css/	11 KB 11 KB	34ms 11ms	Stylesheet text/css	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dom-me4ty.ru/wp-content/plugins/plant-tree/css/user_tree.css?ver=4.7.25 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash ce56f7e7ff89d9b664fb7696d16e292f89babe42bdcba0f5055151a1eb84000c Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Tue, 24 Sep 2013 08:01:31 GMT Server nginx/1.17.0 ETag "524146db-2b8f" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 11151
GET H/1.1	200 OK	front_end_style.css dom-me4ty.ru/wp-content/plugins/captcha/css/	2 KB 2 KB	35ms 12ms	Stylesheet text/css	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dom-me4ty.ru/wp-content/plugins/captcha/css/front_end_style.css?ver=4.2.9 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash f407bc1f78799a21dfed1d505d615bc415c75ae45a8cfc33d8de7636c423f368 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Thu, 16 Mar 2017 23:02:27 GMT Server nginx/1.17.0 ETag "58cb1983-725" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1829
GET H/1.1	200 OK	dashicons.min.css dom-me4ty.ru/wp-includes/css/	45 KB 46 KB	46ms 22ms	Stylesheet text/css	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dom-me4ty.ru/wp-includes/css/dashicons.min.css?ver=4.7.25 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash 5c68cf1f0dca577bf260a647a1e73410fae9b838e3da448412df4b142e4fc123 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Thu, 16 Mar 2017 22:14:58 GMT Server nginx/1.17.0 ETag "58cb0e62-b51c" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 46364
GET H/1.1	200 OK	desktop_style.css dom-me4ty.ru/wp-content/plugins/captcha/css/	2 KB 2 KB	39ms 11ms	Stylesheet text/css	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dom-me4ty.ru/wp-content/plugins/captcha/css/desktop_style.css?ver=4.2.9 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash 7694092db9514c6643c47d692e5ac7bc1c924c3aa712c8ae4504a5cdd6cfb420 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Thu, 16 Mar 2017 23:02:27 GMT Server nginx/1.17.0 ETag "58cb1983-6d3" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1747
GET H/1.1	200 OK	form_style.css dom-me4ty.ru/wp-content/plugins/contact-form-plugin/css/	3 KB 3 KB	40ms 11ms	Stylesheet text/css	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dom-me4ty.ru/wp-content/plugins/contact-form-plugin/css/form_style.css?ver=4.0.5 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash 1efbbf8bd9ca21544dbe9c54e278d62dca5fb2f862333bfd76ab2b96eed70146 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Thu, 16 Mar 2017 23:02:36 GMT Server nginx/1.17.0 ETag "58cb198c-cca" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 3274
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.4.2/	70 KB 25 KB	121ms 36ms	Script text/javascript	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js?ver=1.4.2 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 23:03:41 GMT content-encoding gzip x-content-type-options nosniff age 577536 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24715 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Apr 2024 23:03:41 GMT
GET H/1.1	200 OK	jquery-1.7.1.min.js Show response dom-me4ty.ru/wp-content/plugins/plant-tree/js/	92 KB 92 KB	53ms 22ms	Script application/javascript	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dom-me4ty.ru/wp-content/plugins/plant-tree/js/jquery-1.7.1.min.js?ver=4.7.25 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash ceee8189d2dc7c94550eb1db09abdb3a494e20be61ec7fe94d3775b5ce607cd4 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Tue, 24 Sep 2013 08:01:36 GMT Server nginx/1.17.0 ETag "524146e0-16ec2" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 93890
GET H/1.1	200 OK	tree_scripts.js Show response dom-me4ty.ru/wp-content/plugins/plant-tree/js/	72 KB 73 KB	55ms 22ms	Script application/javascript	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dom-me4ty.ru/wp-content/plugins/plant-tree/js/tree_scripts.js?ver=4.7.25 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash b96c8acebde15401ed02ba5a3223301e0f4d6441272ce7b0d094260fd91e3e45 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Tue, 24 Sep 2013 08:01:36 GMT Server nginx/1.17.0 ETag "524146e0-121ff" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 74239
GET H/1.1	200 OK	user_tree_script.js Show response dom-me4ty.ru/wp-content/plugins/plant-tree/js/	5 KB 5 KB	48ms 11ms	Script application/javascript	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dom-me4ty.ru/wp-content/plugins/plant-tree/js/user_tree_script.js?ver=4.7.25 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash 0a5bbd949e0ebc21c9a5a5dbb9fc4d25d438289064746536e4a9d3648668fae0 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Tue, 24 Sep 2013 08:01:36 GMT Server nginx/1.17.0 ETag "524146e0-1209" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 4617
GET H/1.1	200 OK	blue.css dom-me4ty.ru/wp-content/themes/le-news/includes/styles/	2 KB 3 KB	37ms 11ms	Stylesheet text/css	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue.css Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash f7df44b4559e1980284074b75e0df53130e139c6339720be3bf530ee8178202e Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Thu, 27 Sep 2012 19:17:56 GMT Server nginx/1.17.0 ETag "5064a664-9a2" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 2466
GET H/1.1	403 Forbidden	cookieconsent.latest.min.js s3.amazonaws.com/cc.silktide.com/	0 0	331ms 115ms	Script application/xml	52.216.90.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/cc.silktide.com/cookieconsent.latest.min.js Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.90.22 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H/1.1	200 OK	logo.jpg dom-me4ty.ru/wp-content/themes/le-news/images/	43 KB 43 KB	13ms 11ms	Image image/jpeg	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dom-me4ty.ru/wp-content/themes/le-news/images/logo.jpg Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash cb60449bc9ddb9444296a764afb0d5ad1df5bbc73e495af916cc4968e7792788 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Wed, 19 Dec 2012 11:26:30 GMT Server nginx/1.17.0 ETag "50d1a466-ac8c" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 44172
GET H/1.1	200 OK	dm.jpg www.domechti.ru/	31 KB 31 KB	435ms 22ms	Image image/jpeg	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.domechti.ru/dm.jpg Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash 842174e794ec97a9311dc1b7fab234622243f03788bb5c4b172b6cd68d205020 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Mon, 17 Dec 2012 21:41:16 GMT Server nginx/1.17.0 ETag "50cf917c-7a14" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 31252
GET H2	200	show_ads.js Show response pagead2.googlesyndication.com/pagead/	91 KB 32 KB	181ms 91ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_ads.js Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 79b037df03918b005fdf5d42cb8020192433a7a1a2d9b1210074438db0d736e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32251 x-xss-protection 0 server cafe etag 2417456600406528537 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sat, 29 Apr 2023 15:29:17 GMT
GET H/1.1	200 OK	loader.js Show response connect.mail.ru/js/ Redirect Chain https://cdn.connect.mail.ru/js/loader.js https://connect.mail.ru/js/loader.js	8 KB 3 KB	208ms 48ms	Script application/javascript	94.100.180.54 VK-AS
General Check archive.org Show headers Download Go to Full URL https://connect.mail.ru/js/loader.js Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Server 94.100.180.54 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS connect.mail.ru Software nginx / Resource Hash e6281f02c0046bbc01a017159bbd47839dd7f7e0e9f6857d14cbbc6646e88bd2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:18 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 18 Apr 2023 05:54:18 GMT Server nginx etag W/"643e308a-212c" x-webkit-csp-report-only default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript: Transfer-Encoding chunked x-frame-options DENY Content-Type application/javascript p3p policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA" cache-control no-cache, no-store, must-revalidate, private x-envoy-upstream-service-time 1 Connection keep-alive x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Redirect headers location https://connect.mail.ru/js/loader.js date Sat, 29 Apr 2023 15:29:17 GMT x-content-type-options nosniff server nginx content-length 162 content-type text/html
GET H/1.1	200 OK	3.jpg dom-me4ty.ru/wp-content/plugins/plant-tree/images/widget/	13 KB 14 KB	25ms 23ms	Image image/jpeg	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dom-me4ty.ru/wp-content/plugins/plant-tree/images/widget/3.jpg Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash f6f8df358a5863eaca5c89a2014ecf3eb332abd5efd5c486bf3f507c4ae3fd1a Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Mon, 18 Mar 2013 10:43:15 GMT Server nginx/1.17.0 ETag "5146efc3-3508" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 13576
GET H/1.1	200 OK	11.jpg dom-me4ty.ru/wp-content/plugins/plant-tree/images/widget/	14 KB 14 KB	25ms 24ms	Image image/jpeg	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dom-me4ty.ru/wp-content/plugins/plant-tree/images/widget/11.jpg Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash a7b933bbdce68a3e18bbee9a2f40f86bdb967c2e048afcb53e7e260a11fb240a Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Mon, 18 Mar 2013 10:43:14 GMT Server nginx/1.17.0 ETag "5146efc2-3662" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 13922
GET H/1.1	200 OK	13.jpg dom-me4ty.ru/wp-content/plugins/plant-tree/images/widget/	14 KB 14 KB	13ms 12ms	Image image/jpeg	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dom-me4ty.ru/wp-content/plugins/plant-tree/images/widget/13.jpg Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash afa6ee406d0ad5a660752b6e4f4f4345a242ebe3847db41f9e63103e4d19cf5e Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Mon, 18 Mar 2013 10:43:14 GMT Server nginx/1.17.0 ETag "5146efc2-3650" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 13904
GET H/1.1	200 OK	14.jpg dom-me4ty.ru/wp-content/plugins/plant-tree/images/widget/	14 KB 14 KB	25ms 24ms	Image image/jpeg	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dom-me4ty.ru/wp-content/plugins/plant-tree/images/widget/14.jpg Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash 8dffbdd559076cbfc2785532c4408ec73579344cb67ea98834ecb32f6da9a210 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Mon, 18 Mar 2013 10:43:14 GMT Server nginx/1.17.0 ETag "5146efc2-36f2" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 14066
GET H/1.1	200 OK	88x31_wm_blue_on_transparent_ru.png www.webmoney.ru/img/icons/	2 KB 2 KB	125ms 23ms	Image image/png	217.182.78.61 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://www.webmoney.ru/img/icons/88x31_wm_blue_on_transparent_ru.png Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 217.182.78.61 , France, ASN16276 (OVH, FR), Reverse DNS 61.ip-217-182-78.eu Software nginx / Resource Hash 838de34d50aa33294849823661889db8c80194d64210f579906d16977d57e995 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:17 GMT Last-Modified Mon, 14 Nov 2022 15:12:59 GMT Server nginx ETag "63725afb-6fd" X-Frame-Options SAMEORIGIN Content-Type image/png Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 1789 Expires Sun, 30 Apr 2023 08:50:55 GMT
GET H/1.1	200 OK	wp-embed.min.js Show response dom-me4ty.ru/wp-includes/js/	1 KB 2 KB	12ms 11ms	Script application/javascript	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dom-me4ty.ru/wp-includes/js/wp-embed.min.js?ver=4.7.25 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash 57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Thu, 15 Apr 2021 07:13:35 GMT Server nginx/1.17.0 ETag "6077e79f-56a" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1386
GET H2	200	all.js Show response connect.facebook.net/ru_RU/	3 KB 2 KB	25ms 7ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/ru_RU/all.js Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c8387306208cf8b6ddd0eb1107e6a7577868ad278495d9decba95224e3c46f76 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 29 Apr 2023 15:29:17 GMT content-md5 HyXV+Rach+rGINzH7xi+4Q== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1686 x-fb-rlafr 0 x-fb-debug SsZjrBl9IteMMbKnoGWQiZI4/n8yHioVQN4UFQBF9DfN+gAuGN9dmm9m28/KmxPWxrr8xEdTEsDmFdm8ktKxTQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1679558926 x-fb-content-md5 c5ca41f47c7031a170108a03e18631ba cross-origin-opener-policy same-origin-allow-popups etag "75c6696f87e165f6385cb6832f6ebfc5" vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 x-frame-options DENY timing-allow-origin * expires Sat, 29 Apr 2023 15:38:03 GMT
GET H/1.1	200 OK	bg.png dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue/	1 KB 1 KB	11ms 11ms	Image image/png	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue/bg.png Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash 3b52fe2cf0583f5b2e4eee1aea7262e8e1c3d96fad011df6399846c10fe13e44 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Thu, 27 Sep 2012 19:17:57 GMT Server nginx/1.17.0 ETag "5064a665-4df" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1247
GET H/1.1	200 OK	bg-nav-tabs.png dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue/	957 B 1 KB	12ms 12ms	Image image/png	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue/bg-nav-tabs.png Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash a0ff2ff72b25aebcc11afec3afcfb1003acdd81c829c70d86307053ebf604cea Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Thu, 27 Sep 2012 19:17:57 GMT Server nginx/1.17.0 ETag "5064a665-3bd" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 957
GET H/1.1	200 OK	h2_bg.png dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue/	3 KB 3 KB	13ms 11ms	Image image/png	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue/h2_bg.png Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash d9f037c675c1dce8b6de674eae33bd994a80ef3266915c318d6d06bccf8fa3ea Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/wp-content/themes/le-news/includes/styles/blue.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Thu, 27 Sep 2012 19:17:57 GMT Server nginx/1.17.0 ETag "5064a665-a6a" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 2666
GET H/1.1	200 OK	toptab.jpg dom-me4ty.ru/wp-content/plugins/plant-tree/images/	16 KB 16 KB	24ms 23ms	Image image/jpeg	144.76.221.244 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dom-me4ty.ru/wp-content/plugins/plant-tree/images/toptab.jpg Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/wp-content/plugins/plant-tree/css/user_tree.css?ver=4.7.25 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.221.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS uspehinfo.ru Software nginx/1.17.0 / Resource Hash d57f68c9c02dc6ced8723a9f2053608ba70afccad82fd95a574d9d9d48470513 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/wp-content/plugins/plant-tree/css/user_tree.css?ver=4.7.25 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:29 GMT Strict-Transport-Security max-age=31536000; Last-Modified Mon, 18 Mar 2013 10:43:02 GMT Server nginx/1.17.0 ETag "5146efb6-4060" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 16480
GET H3	200	all.js Show response connect.facebook.net/ru_RU/	309 KB 87 KB	26ms 9ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/ru_RU/all.js?hash=bfc34c81c174d73493c54e5cdef65a42 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/ru_RU/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c2fea4116fcb3b31d42b41793a3ca7cbe241d1113f5b8c3451a858e415bbc28c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://dom-me4ty.ru/ Origin https://dom-me4ty.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 29 Apr 2023 15:29:17 GMT content-md5 A92HDJ1wCVOqr6WUu4dShw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 88738 x-fb-rlafr 0 x-fb-debug hZzaD8VfDzKxAANd0goH23sC1Tp3elsFpdFLOmToVVNXNY9FEb84Ff9RqVMfF/m5Wwq8THzEgWJgM7QMglgOug== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 b50ba396942435cfad307d914f10a48a cross-origin-opener-policy same-origin-allow-popups etag "bdef4a35000900e993eec82b9c4055d2" vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable x-frame-options DENY timing-allow-origin * priority u=3,i expires Sun, 28 Apr 2024 12:25:11 GMT
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/	354 KB 119 KB	109ms 108ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4e55620bd5eb3d5515f9067c08c9f4bee17c27b7a7ffedabe340790279dc40a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 121981 x-xss-protection 0 server cafe etag 11204098790576015980 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 29 Apr 2023 15:29:17 GMT
GET H2	200	status www.facebook.com/x/oauth/	0 0	52ms 37ms	Fetch text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=391481457590307&input_token&origin=1&redirect_uri=https%3A%2F%2Fdom-me4ty.ru%2F&sdk=joey&wants_cookie_data=false Requested by Host: connect.facebook.net URL: https://connect.facebook.net/ru_RU/all.js?hash=bfc34c81c174d73493c54e5cdef65a42 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=15552000; preload date Sat, 29 Apr 2023 15:29:17 GMT x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 x-fb-rlafr 0 pragma no-cache x-fb-debug T/MC+qk807bBoJ8BavefcsZMXCH844YNkQpJJQEFWdt0JbQav8R/PZ19av7WB8iwDFxXlfgaRn1OFpRTazmh7Q== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" fb-s unknown report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type text/plain; charset=UTF-8 access-control-allow-origin https://dom-me4ty.ru origin-agent-cluster ?0 access-control-expose-headers fb-s cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	391 B 605 B	150ms 43ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=dom-me4ty.ru&callback=_gfp_s_&client=ca-pub-1495272264946693 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 68d3e875d7e53989d5ecd6dac6635f2f8551f1eec6531cd059154b0f7bf9cdf5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:17 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 253 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 531 B	140ms 44ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=dom-me4ty.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:17 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	131ms 46ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=dom-me4ty.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:17 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame D160	88 KB 32 KB	675ms 595ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&h=250&slotname=2243347748&adk=3396658608&adf=1455609843&pi=t.ma~as.2243347748&w=300&lmt=1682782157&url=https%3A%2F%2Fdom-me4ty.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782157595&bpp=24&bdt=421&idt=238&shv=r20230426&mjsv=m202304250101&ptt=5&saldr=sa&abxe=1&correlator=3605199202256&frm=20&pv=2&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=945&ady=157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1151737479327201&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nuViHdWw0g&p=https%3A//dom-me4ty.ru&dtd=257 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash db8ce99f70805fa9b0d9d28481e622baf70abd967f6234ec18404cae7748834d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dom-me4ty.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 32598 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 29 Apr 2023 15:29:18 GMT expires Sat, 29 Apr 2023 15:29:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	api_min.js Show response my2.imgsmail.ru/mail/ru/images/js/connect/api/	49 KB 15 KB	299ms 96ms	Script application/javascript	185.5.137.202 VK-AS
General Check archive.org Show headers Download Go to Full URL https://my2.imgsmail.ru/mail/ru/images/js/connect/api/api_min.js?16 Requested by Host: cdn.connect.mail.ru URL: https://cdn.connect.mail.ru/js/loader.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.5.137.202 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS mystatic2.i.mail.ru Software nginx / Resource Hash a104e58adddcc5086b3c84a058272e62965737fa798e3020b3db0c07e31ef6ec Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:18 GMT Content-Encoding gzip Last-Modified Tue, 18 Apr 2023 05:51:07 GMT Server nginx ETag W/"643e2fcb-c533" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin https://my.mail.ru Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	grstat my.mail.ru/	43 B 609 B	252ms 54ms	Image image/gif	94.100.180.38 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://my.mail.ru/grstat?name=my.api.browsers.total:my.api.browsers.chrome.112&r=0.6490965359642189 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.100.180.38 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS my.mail.ru Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:18 GMT X-Content-Type-Options nosniff Server nginx X-WebKit-CSP-Report-Only default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript: X-Frame-Options DENY Content-Type image/gif P3P policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA" Cache-Control no-cache, no-store, must-revalidate, private Connection keep-alive Content-Length 43 X-XSS-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H2	200	likebox.php Show response www.facebook.com/plugins/ Frame 68E7	48 KB 16 KB	87ms 86ms	Document text/html	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25BE%25D0%25BC-%25D0%259C%25D0%25B5%25D1%2587%25D1%2582%25D1%258B%2F537753859574998&width=300&height=258&colorscheme=light&show_faces=true&border_color=%23ffffff&stream=false&header=false&appId=393578777370513 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d67a360fabec574e170d1d2a4a426ca39e05a7a099b97f2a07f6fa9aeafedd54 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dom-me4ty.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Sat, 29 Apr 2023 15:29:18 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT origin-agent-cluster ?0 pragma no-cache report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug tpmn9GhyAHbWN0WrlHlw2aGAYaqKUurnPVZLEokyy+8uGDmV+2snA3rBTnlDSud0usCGeYtlNZs+4IzddXQY3w== x-fb-rlafr 0 x-xss-protection 0
GET H/1.1	200 OK	hit counter.yadro.ru/ Redirect Chain https://counter.yadro.ru/hit?t14.11;r;s1600*1200*24;uhttps%3A//dom-me4ty.ru/;0.8975812609733809 https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//dom-me4ty.ru/;0.8975812609733809	177 B 663 B	44ms 44ms	Image image/gif	88.212.201.198 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//dom-me4ty.ru/;0.8975812609733809 Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol HTTP/1.1 Server 88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host198.rax.ru Software nginx/1.17.9 / Resource Hash 30b1da9352116edc2eebad11c29a4f5596f6da0efecf74a3b61b56cfc585f3a8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Pragma no-cache Date Sat, 29 Apr 2023 15:29:18 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type image/gif P3P policyref="/w3c/p3p.xml", CP="UNI" Access-Control-Allow-Origin * Cache-control no-cache Connection keep-alive Content-Length 177 Expires Thu, 28 Apr 2022 21:00:00 GMT Redirect headers Pragma no-cache Date Sat, 29 Apr 2023 15:29:18 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type text/html Location https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//dom-me4ty.ru/;0.8975812609733809 P3P policyref="/w3c/p3p.xml", CP="UNI" Cache-control no-cache Connection keep-alive Content-Length 32 Expires Thu, 28 Apr 2022 21:00:00 GMT
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	130ms 38ms	Script text/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 29 Apr 2023 15:09:31 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 1187 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17168 expires Sat, 29 Apr 2023 17:09:31 GMT
GET H2	200	2jIL87R8lQo.css static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/ Frame 68E7	21 KB 6 KB	28ms 8ms	Stylesheet text/css	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/2jIL87R8lQo.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25BE%25D0%25BC-%25D0%259C%25D0%25B5%25D1%2587%25D1%2582%25D1%258B%2F537753859574998&width=300&height=258&colorscheme=light&show_faces=true&border_color=%23ffffff&stream=false&header=false&appId=393578777370513 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6fa640f3aaa8b9b0138277f64bb0dda71c66f2952fb043c788bed9283bfa306f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT content-encoding br x-content-type-options nosniff content-md5 YnVtWuHMglHG9EuaPCP9lA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5283 x-fb-rlafr 0 x-fb-debug 9TBv/e+8L5WEEZDBlbLYZ5deYhBFYzBJVy5h18748b7pqOLeOvO8UDld1x7kxrZ8aUjpelh9zN+ZZdtM8+jnqQ== x-fb-trip-id 1679558926 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable timing-allow-origin * expires Sat, 27 Apr 2024 16:25:07 GMT
GET H2	200	k9frVvgZWTr.css static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 68E7	2 KB 1 KB	28ms 8ms	Stylesheet text/css	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25BE%25D0%25BC-%25D0%259C%25D0%25B5%25D1%2587%25D1%2582%25D1%258B%2F537753859574998&width=300&height=258&colorscheme=light&show_faces=true&border_color=%23ffffff&stream=false&header=false&appId=393578777370513 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT content-encoding br x-content-type-options nosniff content-md5 q6bCky1+00PrRbx3auADnQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 833 x-fb-rlafr 0 x-fb-debug yR41YqWUOjGl7RV6dXtyx0EOEojyT/oii9EJubOMxpb0ouBDAnJaT6S/aTXlG/3VHIpEXOdHLLfrIUU+rwU/lw== x-fb-trip-id 1679558926 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable timing-allow-origin * expires Thu, 25 Apr 2024 20:38:00 GMT
GET H2	200	BWAw9Os-g2M.js Show response static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 68E7	305 KB 80 KB	30ms 10ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25BE%25D0%25BC-%25D0%259C%25D0%25B5%25D1%2587%25D1%2582%25D1%258B%2F537753859574998&width=300&height=258&colorscheme=light&show_faces=true&border_color=%23ffffff&stream=false&header=false&appId=393578777370513 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 992c5e398f3092e2be5c546c589c4c5d91c20490e78d2f215f76fe2fc48ef592 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT content-encoding br x-content-type-options nosniff content-md5 qLXsFV/3MWcOco6vl8TBow== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 81761 x-fb-rlafr 0 x-fb-debug h7l3cY/rVk5Ofh6Z4KPvZ4mOIz0ydxTMqomvUAZjHtDwm1q5UMXhwbaefj/fpc1DsCcCcgKfmSehgoIsiI7tLw== x-fb-trip-id 1679558926 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable timing-allow-origin * expires Tue, 23 Apr 2024 18:25:26 GMT
GET H2	200	r4a3QRhOoun.js Show response static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 68E7	5 KB 2 KB	48ms 28ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/r4a3QRhOoun.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25BE%25D0%25BC-%25D0%259C%25D0%25B5%25D1%2587%25D1%2582%25D1%258B%2F537753859574998&width=300&height=258&colorscheme=light&show_faces=true&border_color=%23ffffff&stream=false&header=false&appId=393578777370513 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e9e69e15d6ef8ea1c7a0590b19efa29323f4ba40f3af0bcfc665f1c35ca50c8d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT content-encoding br x-content-type-options nosniff content-md5 7Z5vEhjBpZ5QNJQY63PI5A== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1755 x-fb-rlafr 0 x-fb-debug QUoUtzR27/6R60P9oPqfrHOtfakq9TrEy6tcWHn0suJGJDOSeso0v9j3QY2WiKUZ+e1Smd9jPTVSoiq7jDjGKA== x-fb-trip-id 1679558926 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable timing-allow-origin * expires Tue, 16 Apr 2024 19:01:17 GMT
GET H2	200	RQfORQ1J0bX.js Show response static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 68E7	57 KB 18 KB	48ms 29ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RQfORQ1J0bX.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25BE%25D0%25BC-%25D0%259C%25D0%25B5%25D1%2587%25D1%2582%25D1%258B%2F537753859574998&width=300&height=258&colorscheme=light&show_faces=true&border_color=%23ffffff&stream=false&header=false&appId=393578777370513 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6cfbd2099728d1c7d9bcad2e546ac0c9f98fb133209cd064d968eaab7d66c0dd Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT content-encoding br x-content-type-options nosniff content-md5 /p690gXlQ1beFu4KEOcmEA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 17967 x-fb-rlafr 0 x-fb-debug ANOks7QjeXoxzxN/txIBMYZcFaL27+iEyh0vkWfHGcAX1rAMCXQGwvznN2IOXg9rz7r8yZR504DZFzIiA89COA== x-fb-trip-id 1679558926 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * expires Sat, 27 Apr 2024 20:41:22 GMT
GET H2	200	q55PMpzZgkW.js Show response static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 68E7	55 KB 17 KB	48ms 29ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/q55PMpzZgkW.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25BE%25D0%25BC-%25D0%259C%25D0%25B5%25D1%2587%25D1%2582%25D1%258B%2F537753859574998&width=300&height=258&colorscheme=light&show_faces=true&border_color=%23ffffff&stream=false&header=false&appId=393578777370513 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f7cf499374cfb2383a6986a2195b4167801dc98421d3fecfb4a86fdd08734a2e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT content-encoding br x-content-type-options nosniff content-md5 4bPG9qP7lYdgXiSXb3qODg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 17489 x-fb-rlafr 0 x-fb-debug cqoyhLTJsnxjQntQCu6qUxgDjpLcP6EGCDQ1bFEYQMFfB4qvYWv2MSC7IxYBRSsmbyJ6m560WrAmbIYL6KtnSQ== x-fb-trip-id 1679558926 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable timing-allow-origin * expires Thu, 18 Apr 2024 00:33:16 GMT
GET H2	200	LjXa-m7E06v.js Show response static.xx.fbcdn.net/rsrc.php/v3iAxA4/yC/l/de_DE/ Frame 68E7	74 KB 22 KB	48ms 29ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yC/l/de_DE/LjXa-m7E06v.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25BE%25D0%25BC-%25D0%259C%25D0%25B5%25D1%2587%25D1%2582%25D1%258B%2F537753859574998&width=300&height=258&colorscheme=light&show_faces=true&border_color=%23ffffff&stream=false&header=false&appId=393578777370513 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d52570ea835e8f939f9ec41c32cea454373c14b98f8305fb8ef22b5381854f3f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT content-encoding br x-content-type-options nosniff content-md5 zoWBYzqZBHGp1E1fwezTEQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 22189 x-fb-rlafr 0 x-fb-debug siYHege7IqoLsU5CAk3NLCLTltg6huegVpMLnBhCdlTb6cVErYd4uebi307phlrNXdnbvc+Z/U3vPiszv2WEZg== x-fb-trip-id 1679558926 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable timing-allow-origin * expires Sat, 27 Apr 2024 16:29:06 GMT
GET H2	200	p55HfXW__mM.js Show response static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 68E7	507 B 487 B	48ms 29ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25BE%25D0%25BC-%25D0%259C%25D0%25B5%25D1%2587%25D1%2582%25D1%258B%2F537753859574998&width=300&height=258&colorscheme=light&show_faces=true&border_color=%23ffffff&stream=false&header=false&appId=393578777370513 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT content-encoding br x-content-type-options nosniff content-md5 L5E9gSgR735vyjAzTFly4g== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 293 x-fb-rlafr 0 x-fb-debug IyGmtne6nKTFjJkyhJrSIqUo1JcRcVVTbZEWouwKyyFynluu3ACxB04xGHj7AB11OSdVRkqeykfIOkR0TA+t2A== x-fb-trip-id 1679558926 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com origin-agent-cluster ?0 cache-control public,max-age=31536000,immutable timing-allow-origin * expires Wed, 24 Apr 2024 04:02:18 GMT
GET H2	200	300004431_171480725439479_5796759568764736437_n.jpg scontent-fra3-1.xx.fbcdn.net/v/t39.30808-6/ Frame 68E7	13 KB 13 KB	35ms 7ms	Image image/jpeg	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://scontent-fra3-1.xx.fbcdn.net/v/t39.30808-6/300004431_171480725439479_5796759568764736437_n.jpg?stp=dst-jpg_p75x225&_nc_cat=101&ccb=1-7&_nc_sid=dd9801&_nc_ohc=7uV4unPPzDUAX-AKREe&_nc_ht=scontent-fra3-1.xx&edm=AEDRbFQEAAAA&oh=00_AfAl2mFe_1fac08cAAzpyW6bfDY8_j3o-DkMWvhGYunl4Q&oe=6452CEDD Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25BE%25D0%25BC-%25D0%259C%25D0%25B5%25D1%2587%25D1%2582%25D1%258B%2F537753859574998&width=300&height=258&colorscheme=light&show_faces=true&border_color=%23ffffff&stream=false&header=false&appId=393578777370513 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 273abfd17cfa4de4307feb4bfc5ca99433fb3da4b3ea5277cd35bd92b444d1b3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT x-fb-trip-id 1679558926 x-storage-error-category dfs:none;sc_p:200:WSE_NOT_SET last-modified Fri, 26 Aug 2022 03:14:34 GMT content-type image/jpeg access-control-allow-origin * content-digest adler32=1725741532 cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 4149964622 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=86400 content-length 13353
GET H2	200	299875645_171480728772812_420709770928574174_n.jpg scontent-fra3-1.xx.fbcdn.net/v/t39.30808-1/ Frame 68E7	2 KB 2 KB	37ms 12ms	Image image/jpeg	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://scontent-fra3-1.xx.fbcdn.net/v/t39.30808-1/299875645_171480728772812_420709770928574174_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=j8O4G-65gUwAX9XTJ2d&_nc_ht=scontent-fra3-1.xx&edm=AEDRbFQEAAAA&oh=00_AfD3EO-sy-3iHyKIfl4JDxVlOtiChfbivq2ZEkJKBCmXJQ&oe=6452278D Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%2594%25D0%25BE%25D0%25BC-%25D0%259C%25D0%25B5%25D1%2587%25D1%2582%25D1%258B%2F537753859574998&width=300&height=258&colorscheme=light&show_faces=true&border_color=%23ffffff&stream=false&header=false&appId=393578777370513 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b4685a59cecdb06fc463d3969460f2eb30554cf3338126d8c5227e5b2b86de4c Request headers accept-language de-DE,de;q=0.9 Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-haystack-needlechecksum 1888601670 date Sat, 29 Apr 2023 15:29:18 GMT x-fb-trip-id 1679558926 x-storage-error-category dfs:none;hs_p:200:HS_ESUCCESS last-modified Fri, 26 Aug 2022 03:14:34 GMT content-type image/jpeg access-control-allow-origin * content-digest adler32=715505208 cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 3881633421 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=86400 content-length 1931
GET H2	200	__utm.gif ssl.google-analytics.com/r/	35 B 197 B	45ms 45ms	Image image/gif	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=77499288&utmhn=dom-me4ty.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%7C%20%D0%94%D0%BE%D0%BC%20%D0%9C%D0%B5%D1%87%D1%82%D1%8B&utmhid=938112182&utmr=-&utmp=%2F&utmht=1682782158227&utmac=UA-29484964-17&utmcc=__utma%3D102311316.1579603687.1682782158.1682782158.1682782158.1%3B%2B__utmz%3D102311316.1682782158.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1847606053&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	UXtr_j2Fwe-.png static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 68E7	573 B 628 B	16ms 7ms	Image image/png	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/2jIL87R8lQo.css?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/2jIL87R8lQo.css?_nc_x=Ij3Wp8lg5Kz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT x-content-type-options nosniff content-md5 07aG/2AEtDHVAZ5LUajMDQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 573 x-fb-rlafr 0 x-fb-debug X4NAYYsfHi9rROQHEX4qMdg4n8CBzXIyOmNYaFT1wCtdUxEcZ4bz7E7egjUx1+3lgmJbANoLaMmndanNCoFrHg== last-modified Mon, 01 Jan 2001 08:00:00 GMT content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Thu, 18 Apr 2024 03:19:53 GMT
GET H3	200	3BeWvtxhfdY.js Show response static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 68E7	26 KB 9 KB	9ms 9ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/3BeWvtxhfdY.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e08501b2902307464eb51e72034bc05d8fbb2a518eda8101b6b3c4f9a6752f1f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT content-encoding br x-content-type-options nosniff content-md5 fEmVMSpCvymfj1vskrYy3A== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 8705 x-fb-rlafr 0 x-fb-debug IY6pJ9vZBnrS11CFFm5gS1VSr3qs6vqtz3WE2FZKMc/Q1J6ixsl1Dh6TyomRa8wEDaY2K1jOvQ/7jAFZH0gtzQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=1 expires Sat, 27 Apr 2024 16:23:40 GMT
GET H3	200	BW7a5tS7MH9.js Show response static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 68E7	10 KB 3 KB	10ms 9ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/BW7a5tS7MH9.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: static.xx.fbcdn.net URL: https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/BWAw9Os-g2M.js?_nc_x=Ij3Wp8lg5Kz Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b4e8897f617acf8c561309a5d51674bc1cbef024b66acf21ceb35ddf76a0c16b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.facebook.com/ Origin https://www.facebook.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT content-encoding br x-content-type-options nosniff content-md5 35ezpiND1KsgnE8MWEcrlA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3500 x-fb-rlafr 0 x-fb-debug SShzmDCTVaB3MJZg26ZNY/Zjv9CCsyMW8wGLuVVRkRjRXdQbs/msbRATuhTfbxqLEmg7j4DkeI4KWUltkEy4UA== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=1 expires Thu, 25 Apr 2024 15:47:54 GMT
GET H/1.1	200 OK	share_button Show response connect.mail.ru/ Frame E182	3 KB 2 KB	50ms 50ms	Document text/html	94.100.180.54 VK-AS
General Check archive.org Show headers Download Go to Full URL https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&vt=1&domain=dom-me4ty.ru&imageurl=http%3A%2F%2Fdom-me4ty.ru%2Fm.gif&url=http%3A%2F%2Fdom-me4ty.ru%2F&buttonID=5612163&faces_count=10&height=60&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=https%3A%2F%2Fdom-me4ty.ru&wid=1069275&type=insertable&app_id=-1&appid=-1 Requested by Host: my2.imgsmail.ru URL: https://my2.imgsmail.ru/mail/ru/images/js/connect/api/api_min.js?16 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.100.180.54 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS connect.mail.ru Software nginx / Resource Hash 977b5361c54ce094759887c2ce73b7cfb438bbcc8bb3c9831127dc917cc53a0e Request headers Referer https://dom-me4ty.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Sat, 29 Apr 2023 15:29:18 GMT Server nginx Transfer-Encoding chunked cache-control no-cache, no-store, must-revalidate, private content-encoding gzip expires Fri, 29 Apr 2022 15:29:18 GMT p3p policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA" pragma no-cache x-envoy-upstream-service-time 2 x-webkit-csp-report-only default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
GET H/1.1	200 OK	jquery.js Show response my1.imgsmail.ru/r/js/ru/jsCore/jquery/ Frame E182	214 KB 64 KB	353ms 98ms	Script application/javascript	185.5.137.202 VK-AS
General Check archive.org Show headers Download Go to Full URL https://my1.imgsmail.ru/r/js/ru/jsCore/jquery/jquery.js Requested by Host: connect.mail.ru URL: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&vt=1&domain=dom-me4ty.ru&imageurl=http%3A%2F%2Fdom-me4ty.ru%2Fm.gif&url=http%3A%2F%2Fdom-me4ty.ru%2F&buttonID=5612163&faces_count=10&height=60&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=https%3A%2F%2Fdom-me4ty.ru&wid=1069275&type=insertable&app_id=-1&appid=-1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.5.137.202 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS mystatic2.i.mail.ru Software nginx / Resource Hash c915b48765a756aecea1bde59036e7d4db96e0a7f17c39e8fe4187026f5ccf59 Request headers accept-language de-DE,de;q=0.9 Referer https://connect.mail.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:18 GMT Content-Encoding gzip Last-Modified Tue, 18 Apr 2023 05:51:07 GMT Server nginx ETag W/"643e2fcb-35795" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin https://my.mail.ru Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	uber-share.js Show response my1.imgsmail.ru/r/js/connect/share/ Frame E182	45 KB 8 KB	304ms 49ms	Script application/javascript	185.5.137.202 VK-AS
General Check archive.org Show headers Download Go to Full URL https://my1.imgsmail.ru/r/js/connect/share/uber-share.js?1_2 Requested by Host: connect.mail.ru URL: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&vt=1&domain=dom-me4ty.ru&imageurl=http%3A%2F%2Fdom-me4ty.ru%2Fm.gif&url=http%3A%2F%2Fdom-me4ty.ru%2F&buttonID=5612163&faces_count=10&height=60&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=https%3A%2F%2Fdom-me4ty.ru&wid=1069275&type=insertable&app_id=-1&appid=-1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.5.137.202 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS mystatic2.i.mail.ru Software nginx / Resource Hash ba7bc979694591a79dbf8a8894fdd972478d91be79c6386520bab30fa5213b85 Request headers accept-language de-DE,de;q=0.9 Referer https://connect.mail.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:18 GMT Content-Encoding gzip Last-Modified Tue, 18 Apr 2023 05:51:07 GMT Server nginx ETag W/"643e2fcb-b478" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin https://my.mail.ru Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	20.css my1.imgsmail.ru/mail/ru/css/new/share/compiled/ Frame E182	9 KB 2 KB	302ms 47ms	Stylesheet text/css	185.5.137.202 VK-AS
General Check archive.org Show headers Download Go to Full URL https://my1.imgsmail.ru/mail/ru/css/new/share/compiled/20.css?1_2 Requested by Host: connect.mail.ru URL: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&vt=1&domain=dom-me4ty.ru&imageurl=http%3A%2F%2Fdom-me4ty.ru%2Fm.gif&url=http%3A%2F%2Fdom-me4ty.ru%2F&buttonID=5612163&faces_count=10&height=60&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=https%3A%2F%2Fdom-me4ty.ru&wid=1069275&type=insertable&app_id=-1&appid=-1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.5.137.202 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS mystatic2.i.mail.ru Software nginx / Resource Hash 7d2fc381aebbeca6bc929c34ff3af23c94352463c9233894221bb9120f030e63 Request headers accept-language de-DE,de;q=0.9 Referer https://connect.mail.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:18 GMT Content-Encoding gzip Last-Modified Tue, 18 Apr 2023 05:51:07 GMT Server nginx ETag W/"643e2fcb-2294" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	css fonts.googleapis.com/ Frame D160	6 KB 1 KB	128ms 44ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&h=250&slotname=2243347748&adk=3396658608&adf=1455609843&pi=t.ma~as.2243347748&w=300&lmt=1682782157&url=https%3A%2F%2Fdom-me4ty.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782157595&bpp=24&bdt=421&idt=238&shv=r20230426&mjsv=m202304250101&ptt=5&saldr=sa&abxe=1&correlator=3605199202256&frm=20&pv=2&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=945&ady=157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1151737479327201&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nuViHdWw0g&p=https%3A//dom-me4ty.ru&dtd=257 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 29 Apr 2023 15:29:18 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 29 Apr 2023 13:35:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 29 Apr 2023 15:29:18 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame D160	2 KB 846 B	161ms 49ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&h=250&slotname=2243347748&adk=3396658608&adf=1455609843&pi=t.ma~as.2243347748&w=300&lmt=1682782157&url=https%3A%2F%2Fdom-me4ty.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782157595&bpp=24&bdt=421&idt=238&shv=r20230426&mjsv=m202304250101&ptt=5&saldr=sa&abxe=1&correlator=3605199202256&frm=20&pv=2&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=945&ady=157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1151737479327201&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nuViHdWw0g&p=https%3A//dom-me4ty.ru&dtd=257 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 20:09:05 GMT content-encoding br x-content-type-options nosniff age 69613 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 May 2023 20:09:05 GMT
GET H2	200	adview googleads.g.doubleclick.net/pagead/ Frame D160	0 0	86ms 84ms	Fetch text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=C0AvmzjdNZOfsAZ6NtOUPupqHmA3ezcHRb4bzoJjsEJ3k2r_NARABILfQ-htgleKQgqAHoAHWrrbZA8gBCakC99WXD798sj6oAwHIA8sEqgTFAU_QeEWiLBH634ZzH3-rNvuKbyGvLy4-hShcAKUEfeAdi7DOI_mKYLNbuLe4bLB-w0S075k7f21rg9ozR6qMhBUI5eaTGqqsaFLJlAmVanQL_-Hwh_t6QOSoyExFbTxOocqC2STmECC30oZq27PR3m7DRkXdJ7vO-Sh8FEDOeX88ZUuGL8qFOulxxToteb-DDJAwrTXqt9kRA-Wp5WwSKUp0JZVcFWNDQEiNpWo7M72RUYNQeLrvav-9k_K0mUIObubHIFD4wAS1mueqlASSBQQIBBgBkgUECAUYBKAGLoAHktHJJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEM-vA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNDk1MjcyMjY0OTQ2NjkzGAA&sigh=obdtCAdiiEQ&uach_m=[UACH]&cid=CAQSGwBygQiDXWzq_vmvBI6YMRLvgoY-0Uax0H8Q8hgB&template_id=484 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&h=250&slotname=2243347748&adk=3396658608&adf=1455609843&pi=t.ma~as.2243347748&w=300&lmt=1682782157&url=https%3A%2F%2Fdom-me4ty.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782157595&bpp=24&bdt=421&idt=238&shv=r20230426&mjsv=m202304250101&ptt=5&saldr=sa&abxe=1&correlator=3605199202256&frm=20&pv=2&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=945&ady=157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1151737479327201&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nuViHdWw0g&p=https%3A//dom-me4ty.ru&dtd=257 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&h=250&slotname=2243347748&adk=3396658608&adf=1455609843&pi=t.ma~as.2243347748&w=300&lmt=1682782157&url=https%3A%2F%2Fdom-me4ty.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782157595&bpp=24&bdt=421&idt=238&shv=r20230426&mjsv=m202304250101&ptt=5&saldr=sa&abxe=1&correlator=3605199202256&frm=20&pv=2&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=945&ady=157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1151737479327201&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nuViHdWw0g&p=https%3A//dom-me4ty.ru&dtd=257 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sat, 29 Apr 2023 15:29:18 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 29 Apr 2023 15:29:18 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame D160	22 KB 9 KB	126ms 38ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&h=250&slotname=2243347748&adk=3396658608&adf=1455609843&pi=t.ma~as.2243347748&w=300&lmt=1682782157&url=https%3A%2F%2Fdom-me4ty.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782157595&bpp=24&bdt=421&idt=238&shv=r20230426&mjsv=m202304250101&ptt=5&saldr=sa&abxe=1&correlator=3605199202256&frm=20&pv=2&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=945&ady=157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1151737479327201&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nuViHdWw0g&p=https%3A//dom-me4ty.ru&dtd=257 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 10:51:45 GMT content-encoding br x-content-type-options nosniff age 16653 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8751 x-xss-protection 0 server cafe etag 8024400250147624166 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 13 May 2023 10:51:45 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame D160	3 KB 1 KB	136ms 50ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&h=250&slotname=2243347748&adk=3396658608&adf=1455609843&pi=t.ma~as.2243347748&w=300&lmt=1682782157&url=https%3A%2F%2Fdom-me4ty.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782157595&bpp=24&bdt=421&idt=238&shv=r20230426&mjsv=m202304250101&ptt=5&saldr=sa&abxe=1&correlator=3605199202256&frm=20&pv=2&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=945&ady=157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1151737479327201&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nuViHdWw0g&p=https%3A//dom-me4ty.ru&dtd=257 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 19:20:44 GMT content-encoding br x-content-type-options nosniff age 72514 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 May 2023 19:20:44 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame D160	19 KB 8 KB	128ms 43ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&h=250&slotname=2243347748&adk=3396658608&adf=1455609843&pi=t.ma~as.2243347748&w=300&lmt=1682782157&url=https%3A%2F%2Fdom-me4ty.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782157595&bpp=24&bdt=421&idt=238&shv=r20230426&mjsv=m202304250101&ptt=5&saldr=sa&abxe=1&correlator=3605199202256&frm=20&pv=2&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=945&ady=157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1151737479327201&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nuViHdWw0g&p=https%3A//dom-me4ty.ru&dtd=257 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 02:01:09 GMT content-encoding br x-content-type-options nosniff age 48489 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7966 x-xss-protection 0 server cafe etag 10783182253924109600 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 13 May 2023 02:01:09 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D160	158 KB 49 KB	144ms 50ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&h=250&slotname=2243347748&adk=3396658608&adf=1455609843&pi=t.ma~as.2243347748&w=300&lmt=1682782157&url=https%3A%2F%2Fdom-me4ty.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782157595&bpp=24&bdt=421&idt=238&shv=r20230426&mjsv=m202304250101&ptt=5&saldr=sa&abxe=1&correlator=3605199202256&frm=20&pv=2&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=945&ady=157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1151737479327201&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nuViHdWw0g&p=https%3A//dom-me4ty.ru&dtd=257 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:18 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49538 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1682508732222081" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 29 Apr 2023 15:29:18 GMT
GET H2	200	db111240cbe1512809aeaf9cc183cd4f.js Show response www.gstatic.com/mysidia/ Frame D160	32 KB 14 KB	123ms 35ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/db111240cbe1512809aeaf9cc183cd4f.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&h=250&slotname=2243347748&adk=3396658608&adf=1455609843&pi=t.ma~as.2243347748&w=300&lmt=1682782157&url=https%3A%2F%2Fdom-me4ty.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782157595&bpp=24&bdt=421&idt=238&shv=r20230426&mjsv=m202304250101&ptt=5&saldr=sa&abxe=1&correlator=3605199202256&frm=20&pv=2&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=945&ady=157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1151737479327201&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nuViHdWw0g&p=https%3A//dom-me4ty.ru&dtd=257 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e92fede4d39999580183bcdff0c1cfca8a193d7058b7abf0a826ae9c365986d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 17:56:12 GMT content-encoding gzip x-content-type-options nosniff age 77586 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13598 x-xss-protection 0 last-modified Fri, 28 Apr 2023 17:44:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 27 Jul 2023 17:56:12 GMT
GET H2	200	2076313506083323656 tpc.googlesyndication.com/simgad/16481602980022318006/ Frame D160	60 KB 60 KB	149ms 68ms	Image image/jpeg	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/16481602980022318006/2076313506083323656 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&h=250&slotname=2243347748&adk=3396658608&adf=1455609843&pi=t.ma~as.2243347748&w=300&lmt=1682782157&url=https%3A%2F%2Fdom-me4ty.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782157595&bpp=24&bdt=421&idt=238&shv=r20230426&mjsv=m202304250101&ptt=5&saldr=sa&abxe=1&correlator=3605199202256&frm=20&pv=2&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=945&ady=157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1151737479327201&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nuViHdWw0g&p=https%3A//dom-me4ty.ru&dtd=257 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 385a78f7ad9010bd83e59a5541d5367fcde1c3eaf9df4dc39c7ed91875a229f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 23 Apr 2023 12:47:29 GMT x-content-type-options nosniff age 528109 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61470 x-xss-protection 0 last-modified Thu, 11 Aug 2022 11:46:25 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 22 Apr 2024 12:47:29 GMT
GET DATA	200 OK	truncated / Frame D160	218 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 54accb1b5bf42c17f1acef2eb872709554212e7731ecf2060ab5ca1698825a0e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame D160	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9c2155dc82b5dc324ea0f710a663631a4cbb6eb2c2f96f282329f38b7ed16c49 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame D160	15 KB 16 KB	125ms 38ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 06:10:15 GMT x-content-type-options nosniff age 33543 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Apr 2024 06:10:15 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame D160	15 KB 16 KB	131ms 48ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 06:22:44 GMT x-content-type-options nosniff age 32794 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Apr 2024 06:22:44 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame D160	15 KB 15 KB	161ms 80ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 23:14:12 GMT x-content-type-options nosniff age 58506 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 27 Apr 2024 23:14:12 GMT
GET H/1.1	200 OK	vertical-pointer-sprite.png my1.imgsmail.ru/mail/ru/images/my/app/connect/share/ Frame E182	1 KB 1 KB	47ms 47ms	Image image/png	185.5.137.202 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://my1.imgsmail.ru/mail/ru/images/my/app/connect/share/vertical-pointer-sprite.png Requested by Host: my1.imgsmail.ru URL: https://my1.imgsmail.ru/mail/ru/css/new/share/compiled/20.css?1_2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.5.137.202 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS mystatic2.i.mail.ru Software nginx / Resource Hash 57341149ee8f495d9b0fbe9dfa6b92640ce857fca056c2af513987c27aaeb7ee Request headers accept-language de-DE,de;q=0.9 Referer https://my1.imgsmail.ru/mail/ru/css/new/share/compiled/20.css?1_2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:18 GMT Last-Modified Wed, 01 Mar 2017 10:05:24 GMT Server nginx ETag "58b69ce4-48e" Content-Type image/png Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 1166 Expires Sat, 06 May 2023 15:29:18 GMT
GET H/1.1	200 OK	mm-rounded.png my1.imgsmail.ru/mail/ru/images/my/app/connect/share/presets/20/ Frame E182	5 KB 5 KB	48ms 47ms	Image image/png	185.5.137.202 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://my1.imgsmail.ru/mail/ru/images/my/app/connect/share/presets/20/mm-rounded.png Requested by Host: my1.imgsmail.ru URL: https://my1.imgsmail.ru/mail/ru/css/new/share/compiled/20.css?1_2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.5.137.202 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS mystatic2.i.mail.ru Software nginx / Resource Hash b5bef9a7cc2af6198410cba7edfa844dd6419c800b5a518587c4b0d7d7dce29d Request headers accept-language de-DE,de;q=0.9 Referer https://my1.imgsmail.ru/mail/ru/css/new/share/compiled/20.css?1_2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:18 GMT Last-Modified Wed, 01 Mar 2017 10:05:24 GMT Server nginx ETag "58b69ce4-1411" Content-Type image/png Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 5137 Expires Sat, 06 May 2023 15:29:18 GMT
GET H/1.1	200 OK	grstat my.mail.ru/ Frame E182	43 B 609 B	53ms 52ms	Image image/gif	94.100.180.38 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://my.mail.ru/grstat?name=shows&connect=1 Requested by Host: connect.mail.ru URL: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&vt=1&domain=dom-me4ty.ru&imageurl=http%3A%2F%2Fdom-me4ty.ru%2Fm.gif&url=http%3A%2F%2Fdom-me4ty.ru%2F&buttonID=5612163&faces_count=10&height=60&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=https%3A%2F%2Fdom-me4ty.ru&wid=1069275&type=insertable&app_id=-1&appid=-1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 94.100.180.38 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS my.mail.ru Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers accept-language de-DE,de;q=0.9 Referer https://connect.mail.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:18 GMT X-Content-Type-Options nosniff Server nginx X-WebKit-CSP-Report-Only default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript: X-Frame-Options DENY Content-Type image/gif P3P policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA" Cache-Control no-cache, no-store, must-revalidate, private Connection keep-alive Content-Length 43 X-XSS-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H/1.1	200 OK	d525461.gif rs.mail.ru/ Frame E182	43 B 451 B	260ms 48ms	Image image/gif	2a00:1148:db00::17 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://rs.mail.ru/d525461.gif?0.7843739302276271 Requested by Host: connect.mail.ru URL: https://connect.mail.ru/share_button?cm=1&ck=3&sz=20&st=2&vt=1&domain=dom-me4ty.ru&imageurl=http%3A%2F%2Fdom-me4ty.ru%2Fm.gif&url=http%3A%2F%2Fdom-me4ty.ru%2F&buttonID=5612163&faces_count=10&height=60&width=100%25&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=https%3A%2F%2Fdom-me4ty.ru&wid=1069275&type=insertable&app_id=-1&appid=-1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://connect.mail.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sat, 29 Apr 2023 15:29:19 GMT Server nginx P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT" Content-Type image/gif Cache-Control private, no-cache, no-store Connection keep-alive Timing-Allow-Origin * Content-Length 43
GET H3	200	hnY7PzTjWh4XksTeMflqXiPWVUSZPNkbpYPulxtDGE8.js Show response pagead2.googlesyndication.com/bg/ Frame 76F6	36 KB 14 KB	36ms 36ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hnY7PzTjWh4XksTeMflqXiPWVUSZPNkbpYPulxtDGE8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&h=250&slotname=2243347748&adk=3396658608&adf=1455609843&pi=t.ma~as.2243347748&w=300&lmt=1682782157&url=https%3A%2F%2Fdom-me4ty.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782157595&bpp=24&bdt=421&idt=238&shv=r20230426&mjsv=m202304250101&ptt=5&saldr=sa&abxe=1&correlator=3605199202256&frm=20&pv=2&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=945&ady=157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1151737479327201&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cle%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nuViHdWw0g&p=https%3A//dom-me4ty.ru&dtd=257 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 86763b3f34e35a1e1792c4de31f96a5e23d65544993cd91ba583ee971b43184f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 26 Apr 2023 20:31:22 GMT content-encoding br x-content-type-options nosniff age 241077 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14132 x-xss-protection 0 last-modified Tue, 25 Apr 2023 09:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 25 Apr 2024 20:31:22 GMT
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	137 KB 46 KB	98ms 98ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b12f3674679e236c5c382f00c3b66d5228456dcc79922d13a49658078b906263 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47365 x-xss-protection 0 server cafe etag 8300093542938806357 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sat, 29 Apr 2023 15:29:19 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	155ms 84ms	XHR application/json	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230426&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f6d20924f06dc51d79ebfea3e422db8a96ea97b8a2defc404a888860ff26db5b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:19 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11145 x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/ Frame 43BD	10 KB 4 KB	36ms 35ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dom-me4ty.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 61287 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 28 Apr 2023 22:27:52 GMT etag 2378337311435320485 expires Fri, 12 May 2023 22:27:52 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	45ms 43ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=dom-me4ty.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:19 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	47ms 45ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=dom-me4ty.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:19 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame D5B0	436 KB 86 KB	1605ms 1604ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1495272264946693&output=html&adk=1812271804&adf=3025194257&lmt=1682782159&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fdom-me4ty.ru%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682782159312&bpp=4&bdt=2138&idt=4&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbf6d9be73f9536be-224463dc7cdf00c1%3AT%3D1682782157%3ART%3D1682782157%3AS%3DALNI_MYAbTr20Zrt3TZ-PrxXm4oytmlMCg&gpic=UID%3D00000be678898c60%3AT%3D1682782157%3ART%3D1682782157%3AS%3DALNI_MaTlzvsEONwd0D457JM1FmrCqUYRA&prev_slotnames=2243347748&nras=1&correlator=3605199202256&frm=20&pv=1&ga_vid=1579603687.1682782158&ga_sid=1682782158&ga_hid=938112182&ga_fc=1&ga_wpids=UA-29484964-17&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCviurvWObYtW3pK80PsIpQVLs8t0nhNXT0UfGW-bAlDBhtKndAGgD395Dfjlr_rUzorHf6rhk5uisIzV8x2im3iKcA&pvsid=1151737479327201&tmod=197657399&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=47 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d3c9b9171c0029b74a3aa6e0ae77fbaebc90a7ec81e4718258c3c8ffc119da0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dom-me4ty.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 88213 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 29 Apr 2023 15:29:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	48ms 47ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 29 Apr 2023 15:29:19 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1271	13 KB 5 KB	39ms 38ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dom-me4ty.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 72467 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 28 Apr 2023 19:21:32 GMT expires Sat, 27 Apr 2024 19:21:32 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 878A	783 B 1 KB	139ms 47ms	Document text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 98b559b7124e5c5afc4b3807133a46938adcfd3c293fe846ad930a82737125ea Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-GFaBBA8DdBAQjiGDHRixMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://dom-me4ty.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 513 content-security-policy script-src 'report-sample' 'nonce-GFaBBA8DdBAQjiGDHRixMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 29 Apr 2023 15:29:19 GMT expires Sat, 29 Apr 2023 15:29:19 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	hnY7PzTjWh4XksTeMflqXiPWVUSZPNkbpYPulxtDGE8.js Show response pagead2.googlesyndication.com/bg/ Frame 1271	36 KB 14 KB	36ms 35ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hnY7PzTjWh4XksTeMflqXiPWVUSZPNkbpYPulxtDGE8.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 86763b3f34e35a1e1792c4de31f96a5e23d65544993cd91ba583ee971b43184f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 26 Apr 2023 20:31:22 GMT content-encoding br x-content-type-options nosniff age 241077 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14132 x-xss-protection 0 last-modified Tue, 25 Apr 2023 09:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 25 Apr 2024 20:31:22 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 878A	0 0	136ms 136ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230426&jk=1151737479327201&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 1271	0 10 B	37ms 37ms	Image text/plain	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?Fdc6_w Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:19 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D160	42 B 64 B	143ms 141ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJnpOHV-DXfOlZev0s2n6iI0DZNLS6OWMqrl-ZEgn3OapKbPgGEkHWmvkWcBAarwVzpkrp5m-0ba6pmV_pOKkNEmxy4yxBzQwBhnpP690yrOgX2IW79V2AXwU_uaTu3--H-6VUSg&sai=AMfl-YTJ_VkyduLV7yb0dCu_qPL8PWH-1r6-qSJFopuhNHXCjP4QjgjD1fBDpCegjU_k6rUD04CYqC-bVIrX&sig=Cg0ArKJSzDwqYI2DxgahEAE&cid=CAQSGwBygQiDXWzq_vmvBI6YMRLvgoY-0Uax0H8Q8hgB&id=lidar2&mcvt=1004&p=0,0,250,300&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3396658608&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682782157854&rpt=1185&met=mue&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:20 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	141ms 141ms	Image text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230426&jk=1151737479327201&bg=!DA-lD1vNAAb9Sbh13Uk7ADkAdvg8WrQ-xHz0VuG_rT2esXlmazOrV5gZdh_wiivmwwszx6I12SckKMmz2wB2hhFdAcj17mo2xY4CAAAAbFIAAAADaAEHmQLiSBXZ0d99qHdzHWZYQwloHjT-S6X7d7E7tEkhJ7Kdtx9jyohctkabMI7GtpBosFGkXcCzUQsPmG1Cw6z4kMdtWMzAGTUjWfdbcHZ0ev7VYz9YMkTrTfNTb6BZwERHVOkEdbgbpq1pSyB0Z2UqFgEnmdjlaqvZHT6CeRs3TQF774oLfEQlXgryjwn4xRAy1ApKsC8zIZYnbXZwtSXGrfk4XVPhnaDtPbJDoz35dNoJT29sHG3Fv-Q4qh5psbkPftxg4Tc2xA4cJmH7F0istS0bTQvC1FE6wWcskytojsuLJF-1sFIfbC6JdbbgjZ8akkQzBas3RMH40QJ9XNLYlBElDR-PP0M7F8kTqcXXCT-yBFw7Fz0CsCYNkqek5DJk-fq_lp8zJHQ2QItZZN_RmKI4ABsDIx8yovfpB0qjzjKfrVZShzDD0_oTFmnjZR5HxHtU3KBhvmsWfG6xHDtUWBEgTE_zKV7NaudcOGwZq0R9_WoaqlhLFZzydQoalxr-Gtpi9L_Afa_BUEsEoejyOniCc8TtU1SqtPxFGau8TbcL6HGdxNwfg3fTMWmKfZcsGJUpAE9JDMZ-akomLS0HNAp5jnhh549ZrFON-bJSt81S5TKutnz1sVr-5sxEj9cy4Q7ETA4RZM3gp204B6hOzZyECC30yAtkzz8jJYLYkrYfYzuIXWAEjwA8LgI0ol_jN22iqqnutXF3DpjOCXk94HvpFDG6oxHvMKkc3O84uGjLnb3jJfCLBj7G2-QAt4GEibTYOxTrtJg2qms-RjFI40m9DxRTyDvCqtxsb3DzODoktZ9MdC3XheM6iOvK9JUSd6nE8YOXUA8QhtzWn5OnRZ9fzySIiSLlLULJGTrOCNpGmpLyXiYhklC8Hu7oGIr-ZcxhMM4cd1GMJ96OrkKVOE7nzOlslFra0eOWAmUDlK8W3dJyOSsnxm8j-IPg6EqfxIEAoQ8nPL21F_-RMt44qHJS0_6m Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/	148 KB 50 KB	122ms 121ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7a4bfd8726e59be42f1f7c086b3f7e2bf95ac3a630e947fe0ac239f300fe5fad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51478 x-xss-protection 0 server cafe etag 2966671645455809422 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sat, 29 Apr 2023 15:29:21 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	46ms 45ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=dom-me4ty.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	46ms 46ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=dom-me4ty.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dom-me4ty.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame 5AD1	10 KB 4 KB	36ms 36ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dom-me4ty.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 25467 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 29 Apr 2023 08:24:54 GMT etag 2378337311435320485 expires Sat, 13 May 2023 08:24:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame 13C9	10 KB 4 KB	37ms 36ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dom-me4ty.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 25467 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 29 Apr 2023 08:24:54 GMT etag 2378337311435320485 expires Sat, 13 May 2023 08:24:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame 7B2B	10 KB 4 KB	37ms 35ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dom-me4ty.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 25467 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 29 Apr 2023 08:24:54 GMT etag 2378337311435320485 expires Sat, 13 May 2023 08:24:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame B405	10 KB 4 KB	37ms 36ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1495272264946693&plah=dom-me4ty.ru Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dom-me4ty.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 25467 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 29 Apr 2023 08:24:54 GMT etag 2378337311435320485 expires Sat, 13 May 2023 08:24:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/ Frame 5AD1	5 KB 755 B	45ms 44ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 29 Apr 2023 13:33:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 29 Apr 2023 15:29:21 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 5AD1	205 B 295 B	38ms 36ms	Image image/png	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 12:27:18 GMT x-content-type-options nosniff age 10923 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 28 Apr 2024 12:27:18 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 5AD1	604 B 918 B	37ms 36ms	Image image/png	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 14:19:14 GMT x-content-type-options nosniff age 4207 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 28 Apr 2024 14:19:14 GMT
GET H3	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 5AD1	12 KB 5 KB	40ms 39ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8beabe16b2d22cfd6e99cf22b11e1cc4c8e09a2d1d48c3ada8602eb387e7713 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 13:59:23 GMT content-encoding br x-content-type-options nosniff age 5398 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5511 x-xss-protection 0 server cafe etag 9409473563932297666 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 13 May 2023 13:59:23 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 5AD1	19 KB 8 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 20:31:57 GMT content-encoding br x-content-type-options nosniff age 68244 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8031 x-xss-protection 0 server cafe etag 4566461469134147509 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 May 2023 20:31:57 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 13C9	2 KB 765 B	37ms 37ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 20:09:05 GMT content-encoding br x-content-type-options nosniff age 69616 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 May 2023 20:09:05 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 13C9	22 KB 9 KB	37ms 37ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 10:51:45 GMT content-encoding br x-content-type-options nosniff age 16656 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8751 x-xss-protection 0 server cafe etag 8024400250147624166 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 13 May 2023 10:51:45 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 13C9	3 KB 1 KB	70ms 70ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 19:20:44 GMT content-encoding br x-content-type-options nosniff age 72517 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 May 2023 19:20:44 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 13C9	19 KB 8 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 02:01:09 GMT content-encoding br x-content-type-options nosniff age 48492 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7966 x-xss-protection 0 server cafe etag 10783182253924109600 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 13 May 2023 02:01:09 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 13C9	0 0	47ms 46ms	Image text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjugbLqe9ynbjWRKg1AcGw4c2ZfqCmUE3bVLZujRtOEarjnSrrqJEdytdjhMETp-bav4Iy5Cdchzoonn2zn55kjJ9_ew Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 13C9	158 KB 49 KB	71ms 69ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49538 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1682508732222081" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 29 Apr 2023 15:29:21 GMT
GET H2	200	dc885651c24f3a38cf2b2dda4c5c7197.js Show response www.gstatic.com/mysidia/ Frame 13C9	32 KB 13 KB	36ms 35ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 12:11:33 GMT content-encoding gzip x-content-type-options nosniff age 357468 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13586 x-xss-protection 0 last-modified Tue, 25 Apr 2023 00:18:33 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 24 Jul 2023 12:11:33 GMT
GET H2	200	css fonts.googleapis.com/ Frame 7B2B	4 KB 696 B	46ms 46ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a03f258426163fc558514ba89ecd54a6279d8e17cf9a28ea7ed63689fff54c9f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 29 Apr 2023 14:31:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 29 Apr 2023 15:29:21 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 7B2B	2 KB 765 B	64ms 64ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 20:09:05 GMT content-encoding br x-content-type-options nosniff age 69616 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 May 2023 20:09:05 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 7B2B	22 KB 9 KB	42ms 42ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 10:51:45 GMT content-encoding br x-content-type-options nosniff age 16656 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8751 x-xss-protection 0 server cafe etag 8024400250147624166 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 13 May 2023 10:51:45 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 7B2B	3 KB 1 KB	63ms 62ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 19:20:44 GMT content-encoding br x-content-type-options nosniff age 72517 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 May 2023 19:20:44 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 7B2B	19 KB 8 KB	47ms 46ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 02:01:09 GMT content-encoding br x-content-type-options nosniff age 48492 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7966 x-xss-protection 0 server cafe etag 10783182253924109600 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 13 May 2023 02:01:09 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 7B2B	0 0	46ms 45ms	Image text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCuD14VBc2tQXnjWmRpOP9ntdnnQmAvzxWUQLqQZLm_791SNwXRs00aWFJBX14dVcIU3XML_YreXutnPMQeQNn1OqlBw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H2	200	dc885651c24f3a38cf2b2dda4c5c7197.js Show response www.gstatic.com/mysidia/ Frame 7B2B	32 KB 13 KB	36ms 35ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 12:11:33 GMT content-encoding gzip x-content-type-options nosniff age 357468 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13586 x-xss-protection 0 last-modified Tue, 25 Apr 2023 00:18:33 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 24 Jul 2023 12:11:33 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame B405	0 0	80ms 79ms	Fetch text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=C15EJzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS6AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69_rUKZDO4B3aTBUjMdVlpYcuOnB68_T90uMaaZsoT2TTa6pyvCCv4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTQ5NTI3MjI2NDk0NjY5MxgA&sigh=S6qlHGtAMrk&uach_m=[UACH]&cid=CAQSPABygQiDc5in8kj_a7xH6JlOGma5GY5oyhNHoztBqB9sOlcwsxBIsd82vdWyrdCJ9xAaEDJVhDJKU5Cl4xgB Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sat, 29 Apr 2023 15:29:21 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	notify rtb.nl3.eu.criteo.com/google/auction/ Frame B405	0 0	45ms 15ms	Fetch	2a02:2638:3::9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kqW_EMz6RO0HfJ2DYgICAAAAtxPOueIpdJIYgOtsEM83TWQ2nB7xDQN2a--1AAASAAAKCkFRVUJBUUVCQVE&wp=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; server-processing-duration-in-ticks 177642 server Kestrel content-length 0
GET H2	200	afr.php Show response ads.eu.criteo.com/delivery/r/ Frame 8C68	178 KB 55 KB	132ms 97ms	Document text/html	2a02:2638:3::12 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash ba8bca4539d8eef03de9075238b1e1307be8bd4955a85d47499388813a337e75 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Sat, 29 Apr 2023 15:29:20 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jMpexkBDeL3TAhznpoO2SgJtrmTpwnTCSyNgoFWHBUHSDgcEI4tEl6Ae9qB7qtERMuID9LQ6I6HsRZQ4hHK5G7QIIzWXfs-f5nrlL7wtD76yfn1BJ8_PO8Y9u_p75m57cgLcbalkXjcNI-LLBQHoDpI1-RbQcrNSNUH1ryvwxLGdz3BpDaoht51E3GJ4Qy3UPInbnJMP6y0I0A178RZETnd-b6KzhJg-6Wyy7kRDquOzppjuodslQmcLOrQRgqmQqhc6JQ"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 76294168 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame B405	3 KB 1 KB	55ms 55ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 19:20:44 GMT content-encoding br x-content-type-options nosniff age 72517 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 May 2023 19:20:44 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 9924	1 KB 643 B	37ms 37ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 73736 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 28 Apr 2023 19:00:25 GMT etag 48472445140208031 expires Sat, 29 Apr 2023 19:00:25 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame B405	19 KB 8 KB	42ms 41ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 02:01:09 GMT content-encoding br x-content-type-options nosniff age 48492 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7966 x-xss-protection 0 server cafe etag 10783182253924109600 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 13 May 2023 02:01:09 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame B405	0 0	46ms 45ms	Image text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFxQ1RD9LCMbOVct3zd02g9ySoedNMiQ2wHF0e4jxmCbepTLRhEiPerQ2-pkTCJe5PcEUZWQDkWEy4uxi0_Cx_1ht_hA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B405	158 KB 48 KB	73ms 72ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49538 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1682508732222081" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 29 Apr 2023 15:29:21 GMT
GET H2	200	css fonts.googleapis.com/ Frame 184D	9 KB 994 B	47ms 46ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 29 Apr 2023 13:35:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 29 Apr 2023 15:29:21 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 184D	2 KB 765 B	42ms 40ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 20:09:05 GMT content-encoding br x-content-type-options nosniff age 69616 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 May 2023 20:09:05 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 184D	22 KB 9 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 10:51:45 GMT content-encoding br x-content-type-options nosniff age 16656 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8751 x-xss-protection 0 server cafe etag 8024400250147624166 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 13 May 2023 10:51:45 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 184D	3 KB 1 KB	48ms 47ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 28 Apr 2023 19:20:44 GMT content-encoding br x-content-type-options nosniff age 72517 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 May 2023 19:20:44 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 184D	19 KB 8 KB	46ms 45ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 02:01:09 GMT content-encoding br x-content-type-options nosniff age 48492 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7966 x-xss-protection 0 server cafe etag 10783182253924109600 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 13 May 2023 02:01:09 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 184D	0 0	47ms 46ms	Image text/html	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSds4uhlsyJniotecYY6bUsFH5JvR7qeNFNBabmOkQKyB3AKMWr6_V1jo11CFYJysOAtZbeGmBE-0bM-NF2jDpGUUl-hQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 184D	158 KB 48 KB	65ms 64ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49538 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1682508732222081" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 29 Apr 2023 15:29:21 GMT
GET H2	200	dc885651c24f3a38cf2b2dda4c5c7197.js Show response www.gstatic.com/mysidia/ Frame 184D	32 KB 13 KB	37ms 36ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 25 Apr 2023 12:11:33 GMT content-encoding gzip x-content-type-options nosniff age 357468 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13586 x-xss-protection 0 last-modified Tue, 25 Apr 2023 00:18:33 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 24 Jul 2023 12:11:33 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 5F5C	1 KB 643 B	36ms 35ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 73736 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 28 Apr 2023 19:00:25 GMT etag 48472445140208031 expires Sat, 29 Apr 2023 19:00:25 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame F60F	1 KB 643 B	40ms 35ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 73736 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 28 Apr 2023 19:00:25 GMT etag 48472445140208031 expires Sat, 29 Apr 2023 19:00:25 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9924 Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESED7P1SyGTqKplNtW7wxEl_w&google_cver=1&google_push=ATf1kGML3_Ag8vyQlYbQmubxCOw0KdHq7tSSduuJvgVFRl7b27QtNbW2wpPqFdTcDbWaRudDRPqoCX77s9xsIkJRfTfzGKxnrCjPkA https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY1Njc3OTI1MjYwOTk0ODg2MA==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED7P1SyGTqKplNtW7wxEl_w&google_cver=1	43 B 398 B	94ms 15ms	Image image/gif	2001:678:cb4:bbbb::11 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED7P1SyGTqKplNtW7wxEl_w&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Server 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED7P1SyGTqKplNtW7wxEl_w&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame 9924	35 B 465 B	35ms 8ms	Image image/gif	2620:116:800d:21:93ca:31d8:d86e:38f6 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPqxxrtgqB0FvFCZwi2syNY&google_cver=1&google_push=ATf1kGMG9RBxfnCqaLLhy2wFCZ4fzy6WY4OBMDW22rGmrMm1b8ZXQNPSU9hYJHsGews2c2gDJ0Y7hxW5MqFQZ-VeZLyY_CEclJhDKw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame 9924	0 104 B	138ms 67ms	Image text/plain	2a02:fa8:8806:13::1370 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIMx8PAthqLtUe3HSZ7zDY0&google_cver=1&google_push=ATf1kGPaxeyXAaBMYW3TWmSTUuTeWpttCt0vI_iT5tcoz_AvtVWTSZr7tHysSdW5F8KVfiX-c3pd5Ik_HVehoqzTh01WDngQIRnYpg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9924 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEG37veuRalEabTinokK8Vc4&google_cver=1&google_push=ATf1kGN6Q1DdsKR_CN5lwMmlTIG8m2wbhjnz8KKEK8kjXCIFzD4GwNXRv0CE53mq0SFBD1IIfEm22-aMUOQcXsxQ... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGN6Q1DdsKR_CN5lwMmlTIG8m2wbhjnz8KKEK8kjXCIFzD4GwNXRv0CE53mq0SFBD1IIfEm22-aMUOQcXsxQWgKdcXY5zcgt	170 B 329 B	46ms 45ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGN6Q1DdsKR_CN5lwMmlTIG8m2wbhjnz8KKEK8kjXCIFzD4GwNXRv0CE53mq0SFBD1IIfEm22-aMUOQcXsxQWgKdcXY5zcgt Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sat, 29 Apr 2023 15:29:21 GMT Server MT3 830 785530e master zrh-pixel-x27 config_version:"unknown" Content-Type image/gif Access-Control-Allow-Origin * location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGN6Q1DdsKR_CN5lwMmlTIG8m2wbhjnz8KKEK8kjXCIFzD4GwNXRv0CE53mq0SFBD1IIfEm22-aMUOQcXsxQWgKdcXY5zcgt P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Sat, 29 Apr 2023 15:29:20 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame 9924	70 B 265 B	111ms 31ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESELwamBKOLzRPtShZf2pVDgE&google_cver=1&google_push=ATf1kGOI4Ls5Gntq8fQ4gBZ-bSwztVXpbmoYEU0hJUzDPO6fBQgMhL7C8ssfwsUwKersgYhn9CXpf3BnaApA9gF23GnCfCo651VmcQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9924 Redirect Chain https://d.agkn.com/pixel/2175/?google_gid=CAESEK70Pa5lhLhrefCi4be0bDo&google_cver=1&google_push=ATf1kGPq8ypmb6lqqNp_WO4cUk7MFDyb4Z8bGU98M2MB7CD4aNhLRlh-yBA4v0Msy3XsXpJAkUMnuwf_W_PcU4lcNCluNXs77rlHTA https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGPq8ypmb6lqqNp_WO4cUk7MFDyb4Z8bGU98M2MB7CD4aNhLRlh-yBA4v0Msy3XsXpJAkUMnuwf_W_PcU4lcNCluNXs77rlHTA&google_hm=Q0FFU0VLNzBQYTVsaEx...	170 B 232 B	47ms 46ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGPq8ypmb6lqqNp_WO4cUk7MFDyb4Z8bGU98M2MB7CD4aNhLRlh-yBA4v0Msy3XsXpJAkUMnuwf_W_PcU4lcNCluNXs77rlHTA&google_hm=Q0FFU0VLNzBQYTVsaExocmVmQ2k0YmUwYkRv Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 29 Apr 2023 15:29:21 GMT P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGPq8ypmb6lqqNp_WO4cUk7MFDyb4Z8bGU98M2MB7CD4aNhLRlh-yBA4v0Msy3XsXpJAkUMnuwf_W_PcU4lcNCluNXs77rlHTA&google_hm=Q0FFU0VLNzBQYTVsaExocmVmQ2k0YmUwYkRv Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9924 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEARJyxUIlYEBz04DqQGrtk8&google_cver=1&google_push=ATf1kGOqvEM4M3jljWBfYft_upHFtFsEkrqkLQr8cFYMKxk4mbuNxYPdcs1tapcaZihW5BssAavnxwY9... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEARJyxUIlYEBz04DqQGrtk8&google_cver=1&google_push=ATf1kGOqvEM4M3jljWBfYft_upHFtFsEkrqkLQr8cFYMKxk4mbuNxYPdcs1tapcaZihW5BssAav... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEzMTA0MDg1OTAzMjA3OTk5MA&google_push=ATf1kGOqvEM4M3jljWBfYft_upHFtFsEkrqkLQr8cFYMKxk4mbuNxYPdcs1tapcaZihW5BssAavnxw...	170 B 188 B	45ms 45ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEzMTA0MDg1OTAzMjA3OTk5MA&google_push=ATf1kGOqvEM4M3jljWBfYft_upHFtFsEkrqkLQr8cFYMKxk4mbuNxYPdcs1tapcaZihW5BssAavnxwY9_mTyK0oTrfYhVfnrrSh30g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEzMTA0MDg1OTAzMjA3OTk5MA&google_push=ATf1kGOqvEM4M3jljWBfYft_upHFtFsEkrqkLQr8cFYMKxk4mbuNxYPdcs1tapcaZihW5BssAavnxwY9_mTyK0oTrfYhVfnrrSh30g access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 9924	0 139 B	131ms 43ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KsmdtOuViNEV5XcI9fUIp6t7D1lkM4DjaMDbif_Y8bTE3F2m5VpdIwK1KBum9cpCoRuLie Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET DATA	200 OK	truncated / Frame B405	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1875715576adf136fa4d6b1e1e1c46cd626d8d9ba4f46bdab850069944d9e056 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame D475	143 B 166 B	36ms 35ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1189 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 29 Apr 2023 15:09:32 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame DD33	1 KB 643 B	36ms 35ms	Document text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 73736 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 28 Apr 2023 19:00:25 GMT etag 48472445140208031 expires Sat, 29 Apr 2023 19:00:25 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame 8C68	2 KB 1 KB	50ms 17ms	Image image/svg+xml	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 23 Apr 2024 15:29:21 GMT
GET H2	200	adchoices_de.svg static.criteo.net/flash/icon/ Frame 8C68	2 KB 1 KB	50ms 16ms	Image image/svg+xml	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_de.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-763" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 23 Apr 2024 15:29:21 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame 8C68	308 B 636 B	25ms 23ms	Image image/svg+xml	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Tue, 23 Apr 2024 15:29:21 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame 8C68	293 B 621 B	20ms 19ms	Image image/svg+xml	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Tue, 23 Apr 2024 15:29:21 GMT
GET H2	200	lg.php cat.nl3.eu.criteo.com/delivery/ Frame 8C68	43 B 348 B	152ms 16ms	Image image/gif	178.250.1.6 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ba-8JnsnO68UYrYiDu2RaQt1qcxVtZGL1kb9tPAqqI5AI6gjPJ8bPANpPExPEwESFjJao6VNiK0tvxOyZNaSSy5lErdfd4HdNiZ_YXhCKT3Ibl9sFyonEbo1uhFWkUg39RsBnyElBqMSeXxow12tB3Ocecsg4ET2URNg3S-bSI_p8iSvfI5R9wQxWapp_ZppUVxrOqNHqOVCulEF1PI96YgIPe9pTPHhbbXq-gQTs6JHYuLkR0LWVhD2FBXujiwhftsVMYRHfAeCkjB_inUyLEsJ3YFpcg7RCF-GxLKkBa5dhNi2meI4mX8fHUypw98hv6U550Z5WNyXABAbbwlob_pWUUeEPKIFZWIXOPdjnC6nz103bxbptA_fr3oWj0EI5LEeLL8cX83ofnOdr022W3dSrD2l1K9-kV-YlscLU5J2BW5i Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1812562 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	webfontloader.js Show response cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8C68	12 KB 5 KB	36ms 19ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 161233 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4420 last-modified Mon, 04 May 2020 16:17:52 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb04030-30d9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5yQETZe8shtEwvGlJuxcYv%2FL57CVRzTC6hqtYse8qMGVbLaJS%2B4rsnatx9xAI7e1qKw5TBtz%2Bcboq3MEzZY8nWPIOccv53PI3NDwNEHkN2SnwgcsEm8BeSVG47L8Li1AdpMRttHP25fAFjv47p7fH%2Fi"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7bf8947e7bef383a-FRA expires Thu, 18 Apr 2024 15:29:21 GMT
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame 8C68	12 KB 6 KB	19ms 19ms	Script text/javascript	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 23 Apr 2024 15:29:21 GMT
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5F5C Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESED7P1SyGTqKplNtW7wxEl_w&google_cver=1&google_push=ATf1kGNhCxYEHo8TapIQ62xSWz9altKnx7dbOwb4sV6bQ8do7htmmicCX_S12x8S7NyQx0v8Sf08yoy_XhpIbcwN8TD7v78yuk9OK... https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY1Njc3OTI1MjYwOTk0ODg2MA==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED7P1SyGTqKplNtW7wxEl_w&google_cver=1	43 B 398 B	54ms 14ms	Image image/gif	2001:678:cb4:bbbb::11 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED7P1SyGTqKplNtW7wxEl_w&google_cver=1 Protocol H2 Server 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESED7P1SyGTqKplNtW7wxEl_w&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame 5F5C Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEMrL7DWxc-cgUEBSou_j5Jk&google_cver=1&google_push=ATf1kGM_RPCsbEtlB6wGwqkp8UpFbAN49Jkm1LDBv4HX6OSl2JueGiFXw9QgNThMsYM5qU1FsSX3Y_FkJfWAe5E9TLfXtGH7FVk6K... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMrL7DWxc-cgUEBSou_j5Jk&google_cver=1&google_push=ATf1kGM_RPCsbEtlB6wGwqkp8UpFbAN49Jkm1LDBv4HX6OSl2JueGiFXw9QgNThMsYM5qU1FsSX3Y_FkJfWAe5E9TLfXtGH7FVk...	43 B 449 B	179ms 163ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMrL7DWxc-cgUEBSou_j5Jk&google_cver=1&google_push=ATf1kGM_RPCsbEtlB6wGwqkp8UpFbAN49Jkm1LDBv4HX6OSl2JueGiFXw9QgNThMsYM5qU1FsSX3Y_FkJfWAe5E9TLfXtGH7FVk6KmAXnx22xTk48xmuFlZAJ6V7WP4Y-0xsHW2VgR1jM0ojeYhPKzHkZAZ5GCE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGM_RPCsbEtlB6wGwqkp8UpFbAN49Jkm1LDBv4HX6OSl2JueGiFXw9QgNThMsYM5qU1FsSX3Y_FkJfWAe5E9TLfXtGH7FVk6KmAXnx22xTk48xmuFlZAJ6V7WP4Y-0xsHW2VgR1jM0ojeYhPKzHkZAZ5GCE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Protocol H2 Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:22 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7bf894805db59b8e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 88 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMrL7DWxc-cgUEBSou_j5Jk&google_cver=1&google_push=ATf1kGM_RPCsbEtlB6wGwqkp8UpFbAN49Jkm1LDBv4HX6OSl2JueGiFXw9QgNThMsYM5qU1FsSX3Y_FkJfWAe5E9TLfXtGH7FVk6KmAXnx22xTk48xmuFlZAJ6V7WP4Y-0xsHW2VgR1jM0ojeYhPKzHkZAZ5GCE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGM_RPCsbEtlB6wGwqkp8UpFbAN49Jkm1LDBv4HX6OSl2JueGiFXw9QgNThMsYM5qU1FsSX3Y_FkJfWAe5E9TLfXtGH7FVk6KmAXnx22xTk48xmuFlZAJ6V7WP4Y-0xsHW2VgR1jM0ojeYhPKzHkZAZ5GCE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7bf8947e9b4c9b8e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame 5F5C	70 B 264 B	33ms 31ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESELwamBKOLzRPtShZf2pVDgE&google_cver=1&google_push=ATf1kGO1McsZIDXjFrsVJwrmwP13gkAprlHR3U7HNEpmvZsuCdODzPSuPib_Z5emxCciQICiBt3YPDpW_ahKBndv1GxpDSu3P9uXM0SRVdGJ2KMSGAFgyEmrwZZ3LQXXDq08kCF9rw2ZY2gcQV4_R5TbCjBK28o Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5F5C Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEARJyxUIlYEBz04DqQGrtk8&google_cver=1&google_push=ATf1kGPYh0Zlfp9pm_dSPUZk2iECQbc1WSLhpskeZqGIdYHsvgiW5CjOSlcetPPZwV5jD_JqD373kdZN... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQxNzk0NTEwOTc1Mjg2NjM1NQ&google_push=ATf1kGPYh0Zlfp9pm_dSPUZk2iECQbc1WSLhpskeZqGIdYHsvgiW5CjOSlcetPPZwV5jD_JqD373kd...	170 B 188 B	49ms 49ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQxNzk0NTEwOTc1Mjg2NjM1NQ&google_push=ATf1kGPYh0Zlfp9pm_dSPUZk2iECQbc1WSLhpskeZqGIdYHsvgiW5CjOSlcetPPZwV5jD_JqD373kdZNlmydxkj-2u5dtAb3udLLb-UEWWJ1b4FrmG1V0QgwO4oz53Egc76c3akRIeLnbnnXb6aiKa_-XZYGCw8 Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQxNzk0NTEwOTc1Mjg2NjM1NQ&google_push=ATf1kGPYh0Zlfp9pm_dSPUZk2iECQbc1WSLhpskeZqGIdYHsvgiW5CjOSlcetPPZwV5jD_JqD373kdZNlmydxkj-2u5dtAb3udLLb-UEWWJ1b4FrmG1V0QgwO4oz53Egc76c3akRIeLnbnnXb6aiKa_-XZYGCw8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	dds rtb.openx.net/sync/ Frame 5F5C	43 B 350 B	97ms 21ms	Image image/gif	35.227.252.103 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/dds?google_gid=CAESECoXYzP9got64UC-zZZLMow&google_cver=1&google_push=ATf1kGMoxqCRRQul-yCFR5_J5wpQjMB_KARRx8U315e73b6xlcLzFtFGykUzvUKTg8za7gN-Y1psQ_A4PvJr9auIav4CNdrG4MDAIHjN6_nRnqHs8covkI8uu04Dwka8Uuzh6eZ-AudM_X6uTCv_pWSrFq5lAEk Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 103.252.227.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id 9i112ha1626ekuor15d5cg779r62eat6
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5F5C Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMZsMhcaFnEjHaH1vn2jHeg&google_cver=1&google_push=ATf1kGNBns6oB4SVmLlX6vz3lqHRimesehQvHCAO6w-lv0bv5qG4YMgJ1DiY6wOKmEvzEKQykyT... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyNTFVMkYtMVctNVZKWQ==&google_push=ATf1kGNBns6oB4SVmLlX6vz3lqHRimesehQvHCAO6w-lv0bv5qG4YMgJ1DiY6wOKmEvzEKQykyTo9RWOrbR4pQckcy61c-tPQvqxR...	170 B 188 B	47ms 46ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyNTFVMkYtMVctNVZKWQ==&google_push=ATf1kGNBns6oB4SVmLlX6vz3lqHRimesehQvHCAO6w-lv0bv5qG4YMgJ1DiY6wOKmEvzEKQykyTo9RWOrbR4pQckcy61c-tPQvqxRWu1tPCbZc6FR64H3AXUw6V63YgqDyozWafpEDZE71VoEZq0Rlr6P0bnJFU Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyNTFVMkYtMVctNVZKWQ==&google_push=ATf1kGNBns6oB4SVmLlX6vz3lqHRimesehQvHCAO6w-lv0bv5qG4YMgJ1DiY6wOKmEvzEKQykyTo9RWOrbR4pQckcy61c-tPQvqxRWu1tPCbZc6FR64H3AXUw6V63YgqDyozWafpEDZE71VoEZq0Rlr6P0bnJFU Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost c1913d0f161dfd12bb229b87994a2d1d Expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5F5C Redirect Chain https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJprHZ9PG4WA9u3ogzXcfvQ&google_cver=1&google_push=ATf1kGPjfqDWlAlUA8xIgqhe4OPi3KEvF-mRRoZv_s8izd3rpIgCTNtCnIT80sJfPJ... https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGPjfqDWlAlUA8xIgqhe4OPi3KEvF-mRRoZv_s8izd3rpIgCTNtCnIT80sJfPJP3DInw8TJCE3kEB-x3lP8UwcLtYJ9AAW_CMYElfRgyhsgG8N...	170 B 188 B	45ms 45ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGPjfqDWlAlUA8xIgqhe4OPi3KEvF-mRRoZv_s8izd3rpIgCTNtCnIT80sJfPJP3DInw8TJCE3kEB-x3lP8UwcLtYJ9AAW_CMYElfRgyhsgG8Nq4u-N1e6EwCj9ioj5vEb-DESh3uvXTTHsFwu_CNoXc0o33&google_hm=wQ-pAoWNRMiNJ7dLS2YUxa4 Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 29 Apr 2023 15:29:20 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGPjfqDWlAlUA8xIgqhe4OPi3KEvF-mRRoZv_s8izd3rpIgCTNtCnIT80sJfPJP3DInw8TJCE3kEB-x3lP8UwcLtYJ9AAW_CMYElfRgyhsgG8Nq4u-N1e6EwCj9ioj5vEb-DESh3uvXTTHsFwu_CNoXc0o33&google_hm=wQ-pAoWNRMiNJ7dLS2YUxa4 content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 5F5C	0 49 B	44ms 43ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jj9KrmynSmdJHRjo5zOg_2YTULTj0SXjFUH7oA9K6OhWkExN3uS2UxwkOv-MMgv8N0e4wl3A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	15269075886195852096 tpc.googlesyndication.com/daca_images/simgad/ Frame 13C9	25 KB 26 KB	124ms 123ms	Image image/jpeg	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/15269075886195852096?w=360&h=640 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 70e298a1c0b5968518972b618df703874ac94a2ba5a7b4ee808c86c0f4f5de1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26087 x-xss-protection 0 last-modified Thu, 27 Apr 2023 21:54:51 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 06 May 2023 15:29:21 GMT
GET DATA	200 OK	truncated / Frame 13C9	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b2f5d8a46c29d199908d1ffcf54ee5c729d5c641c69433505cadd37680ba286a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H3	200	pixel cm.g.doubleclick.net/ Frame F60F Redirect Chain https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPqxxrtgqB0FvFCZwi2syNY&google_cver=1&google_push=ATf1kGMbWp-LPma-wPzmarwy-YgAABctxuTBe3XTmAS8rVnrFjGMdGNua0... https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGMbWp-LPma-wPzmarwy-YgAABctxuTBe3XTmAS8rVnrFjGMdGNua0ivWVbKBlICPedoYsCzDxPKMeMEA6SUxPT7xZAi2Rae&google_hm=URtEJw8vWl6h...	170 B 188 B	50ms 49ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGMbWp-LPma-wPzmarwy-YgAABctxuTBe3XTmAS8rVnrFjGMdGNua0ivWVbKBlICPedoYsCzDxPKMeMEA6SUxPT7xZAi2Rae&google_hm=URtEJw8vWl6hSIMmTMdReQ Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGMbWp-LPma-wPzmarwy-YgAABctxuTBe3XTmAS8rVnrFjGMdGNua0ivWVbKBlICPedoYsCzDxPKMeMEA6SUxPT7xZAi2Rae&google_hm=URtEJw8vWl6hSIMmTMdReQ pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT cache-control private, no-cache, no-store, proxy-revalidate strict-transport-security max-age=86400 content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame F60F Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEMrL7DWxc-cgUEBSou_j5Jk&google_cver=1&google_push=ATf1kGPHI_Z_9qSsvwtZCxpMJZ_CKFASfjgqC6WLQ5uizCV15WYY3UgAUy3q19tZWiaGB1i0doAszJmZTS9P0_9UQ4rO3BsRyckhW... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMrL7DWxc-cgUEBSou_j5Jk&google_cver=1&google_push=ATf1kGPHI_Z_9qSsvwtZCxpMJZ_CKFASfjgqC6WLQ5uizCV15WYY3UgAUy3q19tZWiaGB1i0doAszJmZTS9P0_9UQ4rO3BsRyck...	43 B 389 B	168ms 167ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMrL7DWxc-cgUEBSou_j5Jk&google_cver=1&google_push=ATf1kGPHI_Z_9qSsvwtZCxpMJZ_CKFASfjgqC6WLQ5uizCV15WYY3UgAUy3q19tZWiaGB1i0doAszJmZTS9P0_9UQ4rO3BsRyckhWA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPHI_Z_9qSsvwtZCxpMJZ_CKFASfjgqC6WLQ5uizCV15WYY3UgAUy3q19tZWiaGB1i0doAszJmZTS9P0_9UQ4rO3BsRyckhWA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Protocol H2 Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:22 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7bf89482582a9b8e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Sat, 29 Apr 2023 15:29:22 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 223 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMrL7DWxc-cgUEBSou_j5Jk&google_cver=1&google_push=ATf1kGPHI_Z_9qSsvwtZCxpMJZ_CKFASfjgqC6WLQ5uizCV15WYY3UgAUy3q19tZWiaGB1i0doAszJmZTS9P0_9UQ4rO3BsRyckhWA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPHI_Z_9qSsvwtZCxpMJZ_CKFASfjgqC6WLQ5uizCV15WYY3UgAUy3q19tZWiaGB1i0doAszJmZTS9P0_9UQ4rO3BsRyckhWA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7bf8947e9b4d9b8e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame F60F Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEEZC4x4FnywlJTpzo-y8MBQ&google_cver=1&google_push=ATf1kGNF6-LbifGNjAa5e7kiymIACNyIPdjU33YqMYl3iJn7QAucKEGeJpwfdHUND0nELquk8i2UfQmuJsWQJgJ5dVR7fgRLlK0k https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=44E68DECD42E44D0A4287041486D0A66&google_push=ATf1kGNF6-LbifGNjAa5e7kiymIACNyIPdjU33YqMYl3iJn7QAucKEGeJpwfdHUND0nELquk8i2UfQmuJsWQJgJ...	170 B 188 B	47ms 47ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=44E68DECD42E44D0A4287041486D0A66&google_push=ATf1kGNF6-LbifGNjAa5e7kiymIACNyIPdjU33YqMYl3iJn7QAucKEGeJpwfdHUND0nELquk8i2UfQmuJsWQJgJ5dVR7fgRLlK0k Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=44E68DECD42E44D0A4287041486D0A66&google_push=ATf1kGNF6-LbifGNjAa5e7kiymIACNyIPdjU33YqMYl3iJn7QAucKEGeJpwfdHUND0nELquk8i2UfQmuJsWQJgJ5dVR7fgRLlK0k access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 28 Apr 2023 15:29:21 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame F60F	70 B 264 B	32ms 31ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESELwamBKOLzRPtShZf2pVDgE&google_cver=1&google_push=ATf1kGNxasGYu4zcpGG7O0ObdtUjoBBro9AsSvSVjIjVu8spIGqggv4AiSaj9Y4r_m_YdP89IyOOX8IJUIYicB3xqV8g59OTXFRIKg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H3	200	pixel cm.g.doubleclick.net/ Frame F60F Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOdaK5tNAe5GUPAaSCSPu3A&google_cver=1&google_push=ATf1kGMqQG5EkRFr5oV21MIFSgCY0No93_gaTPqOJQcceaL1Fxy8SACNMM0EI-k0hlwgwaxIUIZPfN5xJl1vcSor_ESuPRH... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMqQG5EkRFr5oV21MIFSgCY0No93_gaTPqOJQcceaL1Fxy8SACNMM0EI-k0hlwgwaxIUIZPfN5xJl1vcSor_ESuPRHnqD2Ahg&google_hm=eS1EOHN6Q085RTJwR3J6...	170 B 188 B	46ms 46ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMqQG5EkRFr5oV21MIFSgCY0No93_gaTPqOJQcceaL1Fxy8SACNMM0EI-k0hlwgwaxIUIZPfN5xJl1vcSor_ESuPRHnqD2Ahg&google_hm=eS1EOHN6Q085RTJwR3J6Z0RMbDlOaExFYzN0bmxrLnhydX5B Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMqQG5EkRFr5oV21MIFSgCY0No93_gaTPqOJQcceaL1Fxy8SACNMM0EI-k0hlwgwaxIUIZPfN5xJl1vcSor_ESuPRHnqD2Ahg&google_hm=eS1EOHN6Q085RTJwR3J6Z0RMbDlOaExFYzN0bmxrLnhydX5B content-length 0
GET		googleredir googlecm.hit.gemius.pl/ Frame F60F	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame F60F Redirect Chain https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJprHZ9PG4WA9u3ogzXcfvQ&google_cver=1&google_push=ATf1kGMhm6qMs0l5p3CGEk-ujrY9Rz2riLDKkExY652HfPFTC0PTxj2i9MTULZzbpn... https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGMhm6qMs0l5p3CGEk-ujrY9Rz2riLDKkExY652HfPFTC0PTxj2i9MTULZzbpnh043R5ZZlTSJ4KARJqZZNKb10ICkp21dXotQ&google_hm=9...	170 B 188 B	48ms 48ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGMhm6qMs0l5p3CGEk-ujrY9Rz2riLDKkExY652HfPFTC0PTxj2i9MTULZzbpnh043R5ZZlTSJ4KARJqZZNKb10ICkp21dXotQ&google_hm=91Gw-SbnTYy16piV3xvyYK4 Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 29 Apr 2023 15:29:20 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGMhm6qMs0l5p3CGEk-ujrY9Rz2riLDKkExY652HfPFTC0PTxj2i9MTULZzbpnh043R5ZZlTSJ4KARJqZZNKb10ICkp21dXotQ&google_hm=91Gw-SbnTYy16piV3xvyYK4 content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame F60F	0 40 B	44ms 43ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IoSgw3O3UlSvx_UlIAY-uNUdgX4UJrBZAPeosAi_HSaxtz-DSOtrCVL0hblJq-7BPttAEfk6c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame 7B2B	46 KB 46 KB	128ms 36ms	Image image/jpeg	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR0BSLTILVPcGliPWZAV0Pns7a6kjMNnxLfvLgEpCcWSk3m14faJSdWfvo-_mQ&usqp=CAI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c0dd7721a0bb0b2d6fc81c7ffdf9269ed73c6aeb21cc0bf981d9518ec572d5b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 22 Apr 2023 22:33:49 GMT x-content-type-options nosniff age 579332 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46648 x-xss-protection 0 last-modified Fri, 01 Oct 2021 11:11:33 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Sun, 21 Apr 2024 22:33:49 GMT
GET DATA	200 OK	truncated / Frame 7B2B	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9c1e30f6eff991e56c6bb89d8057b61d7b75bd2aceefb3ed06552f6d9417017f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff static.criteo.net/design/dt/ Frame 8C68	46 KB 46 KB	50ms 17ms	Font application/octet-stream	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ Origin https://ads.eu.criteo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 02 Oct 2018 14:57:25 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5bb38755-b778" content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 23 Apr 2024 15:29:21 GMT
GET H2	200	0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff static.criteo.net/design/dt/ Frame 8C68	38 KB 38 KB	69ms 37ms	Font application/octet-stream	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ Origin https://ads.eu.criteo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Tue, 02 Oct 2018 14:57:25 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5bb38755-97a8" content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 23 Apr 2024 15:29:21 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	3 KB 4 KB	94ms 55ms	Image image/png	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9764%2F230413%2Fb8a0d8b433a241a9a4040de9c279f11d_logo_n_horizontal_4.png&v=3&w=196&s=cSnGdoDJMFET_glyV8wkWIQ9 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash c239f25cc0dd9c52307c39af6ff09742b27dc765f8e5693c1bf70b42462fa5d6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/png cache-control public, max-age=31104000 content-length 3486 expires Sun, 07 Apr 2024 13:26:32 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	59 KB 59 KB	75ms 37ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9764%2F230413%2F242cee3bd67c48b3b7d4eeb5606437f9_img_horizontal_1.jpg&v=3&w=1200&s=EzjVbNuiqfcdYNafqx_5Na3j Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash a6aa3fc50401f434cb70bf68c36f865b6eb8947cc7681e4840da98e13aab1f5d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=31104000 content-length 60640 expires Sun, 07 Apr 2024 13:29:39 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	16 KB 16 KB	68ms 30ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21162365-yrNmQ9w0.jpg&v=3&w=400&s=6t1maaou8A9NZFKX2B3R43T1&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 494ef9e4b95925188824b7a179ac999ce5584b5099e6fc77d111a315f2b28c78 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=604800 content-length 16544 expires Wed, 03 May 2023 19:02:55 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	11 KB 11 KB	105ms 67ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1647506498%2F22048097-5msWjpp7.jpg&v=3&w=400&s=l48n26a2Z4jDdKGm8gPT-1Cc&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash ca4dcd447e5ade19863ed0bb6002c8914e2032a5c77904c87d82defcbc399894 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=604800 content-length 11246 expires Thu, 04 May 2023 06:07:02 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	23 KB 23 KB	93ms 56ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22053646-zjIwJThV.jpg&v=3&w=400&s=5vBvuRFjcbo7IUwMiLo0p0QF&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash dfd723abf14651c6e34321f5366ad813b349fda8475708e4f8b75899991aeca3 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:20 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=604800 content-length 23398 expires Wed, 03 May 2023 07:10:29 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	41 KB 41 KB	105ms 68ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1673384405%2F22263227-iTm90aPX.jpg&v=3&w=400&s=dYkugXFkfiTy8v0wZGnh-WlQ&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash cb1614c6c261f3a653a07408382857b6ff064dff5f6039cc9365839b4f30d539 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=604800 content-length 41968 expires Wed, 03 May 2023 14:54:16 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	16 KB 16 KB	55ms 54ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17030991-ze8e3BwJ.jpg&v=3&w=400&s=1PDxVg78VP7zLv6XO7qitp1b&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash ae0e167e3a1df2df68548cdd1513f36e5c2c9e7dd9f90f81b6d8aa70ba1bb9d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=604800 content-length 16526 expires Wed, 03 May 2023 15:59:59 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	8 KB 8 KB	64ms 63ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22104666-Ys5iqi9m.jpg&v=3&w=400&s=6F5oQog4V6HrUA_vTaBqTgPe&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash c2c6d1275da015436cc86e9f25add26f2aede5ac2f1c520e206e2c5bbd1d2642 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=604800 content-length 8160 expires Fri, 05 May 2023 08:20:51 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	23 KB 24 KB	59ms 58ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1675803601%2F23019073-k1cWSMa2.jpg&v=3&w=400&s=LKDmdg2q8YK6D-ogTksEHRIV&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 813632fb6e6b1d042292fc838a96cce6e5b3ab3fea07afca4df54f0fffc8ead6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:20 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=604800 content-length 23964 expires Sat, 06 May 2023 05:47:53 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	10 KB 11 KB	57ms 56ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1643728715%2F22021102-t51XVg7n.jpg&v=3&w=400&s=mB1OYxVmyBPnbkVkvyBCl4TR&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash e89deeefb29af7810404fc1a6345f094c87788afd9c233f5076a5082e09bb1f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=604800 content-length 10594 expires Wed, 03 May 2023 16:14:13 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	11 KB 11 KB	58ms 57ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1680078345%2F23040092-LHo61Gnt.jpg&v=3&w=400&s=3PQyRYQjy8-AaV-SU6fJEJfU&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash a956c5bf0fb8afa32be0651e2c6195651d676d7a4a74c8c58de727df47fc9dc2 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=604800 content-length 11320 expires Fri, 05 May 2023 09:17:16 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	16 KB 16 KB	61ms 60ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22030245-EAvDhmpo.jpg&v=3&w=400&s=Isj1jfDKZl12JaGS-MZGzlw4&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 7d2e2fe670b26521a71b90e96c21fa97307316fdc732a4152cfad3d9613b4596 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=604800 content-length 16688 expires Wed, 03 May 2023 13:37:24 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	11 KB 11 KB	65ms 64ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20075406-Meqsn9DS.jpg&v=3&w=400&s=PqRq7E6w26TXlhItDu3N3keS&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 7e55a8d4fe1a85d45a9c047086f7abd26e36aa2cbd068303ea4252e82c1340ef Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=604800 content-length 11002 expires Thu, 04 May 2023 16:16:01 GMT
GET H2	200	img imageproxy.eu.criteo.net/img/ Frame 8C68	12 KB 12 KB	67ms 66ms	Image image/webp	2a02:2638:d::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23060011-aEoE8XKS.jpg&v=3&w=400&s=Zex-_a49E4I-iK8b2T9IzBsG&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4b79505bcb724660396f36565e75e09a045c4566331fadeaf9e2978ebebd90ce Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; preload; last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel content-type image/webp cache-control public, max-age=604800 content-length 12090 expires Fri, 05 May 2023 06:12:10 GMT
POST H2	200	all csm.eu.criteo.net/ Frame 8C68	0 128 B	50ms 15ms	Ping text/plain	2a02:2638:3::1a ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=jMpexkBDeL3TAhznpoO2SgJtrmTpwnTCSyNgoFWHBUHSDgcEI4tEl6Ae9qB7qtERMuID9LQ6I6HsRZQ4hHK5G7QIIzWXfs-f5nrlL7wtD76yfn1BJ8_PO8Y9u_p75m57cgLcbalkXjcNI-LLBQHoDpI1-RbQcrNSNUH1ryvwxLGdz3BpDaoht51E3GJ4Qy3UPInbnJMP6y0I0A178RZETnd-b6KzhJg-6Wyy7kRDquOzppjuodslQmcLOrQRgqmQqhc6JQ&sds=2&rev=86118&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sat, 29 Apr 2023 15:29:20 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame 8C68	2 KB 1 KB	16ms 16ms	Image image/svg+xml	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 23 Apr 2024 15:29:21 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame 8C68	2 KB 1 KB	17ms 17ms	Image image/svg+xml	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Tue, 23 Apr 2024 15:29:21 GMT
GET H3	200	hnY7PzTjWh4XksTeMflqXiPWVUSZPNkbpYPulxtDGE8.js Show response pagead2.googlesyndication.com/bg/ Frame EA33	36 KB 14 KB	36ms 35ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hnY7PzTjWh4XksTeMflqXiPWVUSZPNkbpYPulxtDGE8.js Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 86763b3f34e35a1e1792c4de31f96a5e23d65544993cd91ba583ee971b43184f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 26 Apr 2023 20:31:22 GMT content-encoding br x-content-type-options nosniff age 241079 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14132 x-xss-protection 0 last-modified Tue, 25 Apr 2023 09:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 25 Apr 2024 20:31:22 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame DD33 Redirect Chain https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPqxxrtgqB0FvFCZwi2syNY&google_cver=1&google_push=ATf1kGMzp7Bg5dXieZIfU0tIUzbQuL_NEKQ8nNLSX5Kk9PraPT6wPfsM-w... https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGMzp7Bg5dXieZIfU0tIUzbQuL_NEKQ8nNLSX5Kk9PraPT6wPfsM-wPYq4Ij0i1TJAYu_D7WJn0eXSlTo-wNhuyD8OCB9RG7NQ&google_hm=URtEJw8vWl...	170 B 188 B	51ms 51ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGMzp7Bg5dXieZIfU0tIUzbQuL_NEKQ8nNLSX5Kk9PraPT6wPfsM-wPYq4Ij0i1TJAYu_D7WJn0eXSlTo-wNhuyD8OCB9RG7NQ&google_hm=URtEJw8vWl6hSIMmTMdReQ Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGMzp7Bg5dXieZIfU0tIUzbQuL_NEKQ8nNLSX5Kk9PraPT6wPfsM-wPYq4Ij0i1TJAYu_D7WJn0eXSlTo-wNhuyD8OCB9RG7NQ&google_hm=URtEJw8vWl6hSIMmTMdReQ pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT cache-control private, no-cache, no-store, proxy-revalidate strict-transport-security max-age=86400 content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame DD33	0 103 B	17ms 14ms	Image text/plain	2a02:fa8:8806:13::1370 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIMx8PAthqLtUe3HSZ7zDY0&google_cver=1&google_push=ATf1kGMqmmftEO0aUSx5p7IX4S5mXP3DzOG_zpTcc_vXXnAyzaOZk1vFvheksd8XruRFUfH0HgfY1_c7nn8eEqly0CJf3DviwlGnqg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame DD33 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBpecqK1jS-ChvS4_FJNEGE&google_push=ATf1kGOJjZLznEQToWAkSg9IXsnue9I89zAAbIyyUXVCw8d18mnz-_JyaI...	170 B 188 B	46ms 46ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBpecqK1jS-ChvS4_FJNEGE&google_push=ATf1kGOJjZLznEQToWAkSg9IXsnue9I89zAAbIyyUXVCw8d18mnz-_JyaIbhzGPiUtZUXElC_aZwD8jcm7C2j7TNhHNzxrlSKndHqQ Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-fra-eddf8230072-FRA pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1682782162.804369,VS0,VE93 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBpecqK1jS-ChvS4_FJNEGE&google_push=ATf1kGOJjZLznEQToWAkSg9IXsnue9I89zAAbIyyUXVCw8d18mnz-_JyaIbhzGPiUtZUXElC_aZwD8jcm7C2j7TNhHNzxrlSKndHqQ cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame DD33 Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEEZC4x4FnywlJTpzo-y8MBQ&google_cver=1&google_push=ATf1kGM8gyEAknWDvWk5DCKPaoJxO52T2PDex0EJdl6fhEKAkWveIWNdOCE-3E1XY3AoKDRuH7aT8A7V7Lk8s7m67MDaGr02aO5c-A https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=44E68DECD42E44D0A4287041486D0A66&google_push=ATf1kGM8gyEAknWDvWk5DCKPaoJxO52T2PDex0EJdl6fhEKAkWveIWNdOCE-3E1XY3AoKDRuH7aT8A7V7Lk8s7m...	170 B 188 B	53ms 53ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=44E68DECD42E44D0A4287041486D0A66&google_push=ATf1kGM8gyEAknWDvWk5DCKPaoJxO52T2PDex0EJdl6fhEKAkWveIWNdOCE-3E1XY3AoKDRuH7aT8A7V7Lk8s7m67MDaGr02aO5c-A Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=44E68DECD42E44D0A4287041486D0A66&google_push=ATf1kGM8gyEAknWDvWk5DCKPaoJxO52T2PDex0EJdl6fhEKAkWveIWNdOCE-3E1XY3AoKDRuH7aT8A7V7Lk8s7m67MDaGr02aO5c-A access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Fri, 28 Apr 2023 15:29:21 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame DD33 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOdaK5tNAe5GUPAaSCSPu3A&google_cver=1&google_push=ATf1kGNq-s9RsgjajWFnqEUz_WWMOWtiTaL9ogbIi7LTDIwh0_sySsCMpGhm-v1ALgQM8oXPfWXjPVMR-1su5eRahvr0Xk8... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNq-s9RsgjajWFnqEUz_WWMOWtiTaL9ogbIi7LTDIwh0_sySsCMpGhm-v1ALgQM8oXPfWXjPVMR-1su5eRahvr0Xk8Nr4nqvQ&google_hm=eS1KcG80X0pwRTJwRzBw...	170 B 188 B	46ms 45ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNq-s9RsgjajWFnqEUz_WWMOWtiTaL9ogbIi7LTDIwh0_sySsCMpGhm-v1ALgQM8oXPfWXjPVMR-1su5eRahvr0Xk8Nr4nqvQ&google_hm=eS1KcG80X0pwRTJwRzBwZzJ0NnQ5YnFqZXF1S0lMdFEuUH5B Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNq-s9RsgjajWFnqEUz_WWMOWtiTaL9ogbIi7LTDIwh0_sySsCMpGhm-v1ALgQM8oXPfWXjPVMR-1su5eRahvr0Xk8Nr4nqvQ&google_hm=eS1KcG80X0pwRTJwRzBwZzJ0NnQ5YnFqZXF1S0lMdFEuUH5B content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame DD33 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEARJyxUIlYEBz04DqQGrtk8&google_cver=1&google_push=ATf1kGObeepDYZa5kAsr--vm9-v5etOPKVAMk20kbvZNbNzYI67ceMUV01F0D6ZuICWzlv9jdKzRHPyf... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQxNzk0NTEwOTc1Mjg2NjM1NQ&google_push=ATf1kGObeepDYZa5kAsr--vm9-v5etOPKVAMk20kbvZNbNzYI67ceMUV01F0D6ZuICWzlv9jdKzRHP...	170 B 188 B	46ms 46ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQxNzk0NTEwOTc1Mjg2NjM1NQ&google_push=ATf1kGObeepDYZa5kAsr--vm9-v5etOPKVAMk20kbvZNbNzYI67ceMUV01F0D6ZuICWzlv9jdKzRHPyfyhrNGrk-3JsIDm7kbne1BA Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQxNzk0NTEwOTc1Mjg2NjM1NQ&google_push=ATf1kGObeepDYZa5kAsr--vm9-v5etOPKVAMk20kbvZNbNzYI67ceMUV01F0D6ZuICWzlv9jdKzRHPyfyhrNGrk-3JsIDm7kbne1BA access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	dds rtb.openx.net/sync/ Frame DD33	43 B 135 B	26ms 23ms	Image image/gif	35.227.252.103 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/dds?google_gid=CAESECoXYzP9got64UC-zZZLMow&google_cver=1&google_push=ATf1kGP_P0Lw3oxHpUMNEjzZv74suINRqtjs0zl6wbFWi6QQXqpOBjgbMvXtRUZgQgvy70Ir4IWvSLat4Yt5hNDTXTvs_zEIAwSm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 103.252.227.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:21 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id k4n9idfsjcphbhmk2pum0chdk20feuff
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame DD33	0 12 B	45ms 42ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTpjg1Bm78lMNDzH1VNzIV47PVadYc1DcThM8Pw74kuaf5jll-dqBRS4B1L3DiYsoRiLEx Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 15:29:21 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 13C9	0 19 B	81ms 80ms	Image text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=C4iOTzzdNZLzDHObTtOUPwPWP4Aur64_wb--W6LvkEWQQASC30PobYJXikIKgB6ABqLHf9gHIAQGpAvfVlw-_fLI-qAMByAPLBKoE3wFP0Lu63fvVOsqt2-RG-YUygQTq7vCODPbYqCxdds1iOQXZacfC9AunPOC6QeAk94IlCKlF1lhm2mCA5qEQpAjUeZmuYTlnPQ8g2AWOGapSMRx2_wA6Y-iBFxYqWD032Zh4JYLTod3z--qISQ2jGX6eHWt77kUx18ktm_PwooZ-dsKUOVBygG_AwYzZtXM7tROdumgXUoX_fZ5iHUKZksf8yRqMF00i9ZJC_jgrMqu_cc2llv9TwIyHMMObDy9OMy9TkVOGg4ufdGkQgLNd3-Nemo3IRTjueKLos6L3iX5YwASGmuvDoASSBQQIBBgBkgUECAUYBKAGAoAHwM6giQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCTkBbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi0xNDk1MjcyMjY0OTQ2NjkzGAA&sigh=b1CBY6feQlQ&uach_m=[UACH]&cid=CAQSPABygQiDc5in8kj_a7xH6JlOGma5GY5oyhNHoztBqB9sOlcwsxBIsd82vdWyrdCJ9xAaEDJVhDJKU5Cl4xgB&vis=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sat, 29 Apr 2023 15:29:21 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 7B2B	0 19 B	84ms 84ms	Image text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CaviYzzdNZL3DHObTtOUPwPWP4Auf76KdcL_0haOWEdzpxvfyORABILfQ-htgleKQgqAHoAG_6dbMA8gBBqkC_I2n-WEVtT6oAwHIAwKqBM8BT9Bu2LuRJzYeihLLxyMDdUgpL1QJlJrqmiDvCx-1M3hMN4w_5PGbfa3Wi22GyCnuvTdtfP5_zdX2awejP-4A5-UjBg5ilpm6fIIkdldRw3ZQD2LETCo8Tuhw7J5s0KHoHI0JHqOPVcEi182nbosECCTBkif6Mkvou4-rziO6bwEdeLP_oSzOWOxgJjYSXykDqWgfJTefQHfM7LkxO-XTZzgAHVM92PweKwQeB0rH-oAdybsNQwwXUPVg7aH15UJsxpRLSo4LRQSZ0cIEwfxqwASiwYbzmgSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHveKr4AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQyJ4N0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGYDLzbiNGMBMITBhi_6dbMA9gTDtAVAYAXAbIXHAoaCAASFHB1Yi0xNDk1MjcyMjY0OTQ2NjkzGAA&sigh=FiRWENmOq3I&uach_m=[UACH]&cid=CAQSPABygQiDc5in8kj_a7xH6JlOGma5GY5oyhNHoztBqB9sOlcwsxBIsd82vdWyrdCJ9xAaEDJVhDJKU5Cl4xgB&template_id=493&vis=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sat, 29 Apr 2023 15:29:21 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame D475 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	52ms 51ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 29 Apr 2023 15:29:21 GMT expires Sat, 29 Apr 2023 15:29:21 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 29 Apr 2023 15:29:21 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	hnY7PzTjWh4XksTeMflqXiPWVUSZPNkbpYPulxtDGE8.js Show response pagead2.googlesyndication.com/bg/ Frame D6C7	36 KB 14 KB	37ms 37ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hnY7PzTjWh4XksTeMflqXiPWVUSZPNkbpYPulxtDGE8.js Requested by Host: dom-me4ty.ru URL: https://dom-me4ty.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 86763b3f34e35a1e1792c4de31f96a5e23d65544993cd91ba583ee971b43184f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 26 Apr 2023 20:31:22 GMT content-encoding br x-content-type-options nosniff age 241079 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14132 x-xss-protection 0 last-modified Tue, 25 Apr 2023 09:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 25 Apr 2024 20:31:22 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B405	42 B 64 B	136ms 136ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzMyXaErj5v-O663PX18hGeXidJSK_bkyjtFC6IcnNcpqx9I80-dxFQJfMgRYghWiKj4xMILWxKFP7aMf8wn3OM7Q&sig=Cg0ArKJSzI2pMSa6r-qnEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=152,750,1000,1110,1110&tos=152,598,250,110,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682782161299&rpt=285&met=ie&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:22 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 13C9	42 B 64 B	150ms 150ms	Fetch image/gif	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8XBvwqvsj7X9MaM2fBoxa4BVPunxHdbR494xmeRIS2_VaVg4QKlhnneut1NSNeK1Mo96nmQ2cr97wHLg9krSl5U7_Ei5iYTApY-aTiSS7voDCqcZNw2nNpPteZ5-naT7bFX33xg&sai=AMfl-YRWhcc4KoAkjTEUU5M-5wKrQwD_PbmDd0qTk2xrysfg-48U8Oy3YjEOuHKLh_ABZc9Zj1nnsgZQz9kiNvb3JxWCW2oW7mhTDqmsaxRImXRz74GqHtp2rk3SJdGj&sig=Cg0ArKJSzAbG3qnkb2QKEAE&cid=CAQSPABygQiDc5in8kj_a7xH6JlOGma5GY5oyhNHoztBqB9sOlcwsxBIsd82vdWyrdCJ9xAaEDJVhDJKU5Cl4xgB&id=lidar2&mcvt=1000&p=-72,0,428,200&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682782161286&rpt=394&met=mue&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sat, 29 Apr 2023 15:29:22 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	all csm.eu.criteo.net/ Frame 8C68	0 127 B	14ms 14ms	Ping text/plain	2a02:2638:3::1a ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=jMpexkBDeL3TAhznpoO2SgJtrmTpwnTCSyNgoFWHBUHSDgcEI4tEl6Ae9qB7qtERMuID9LQ6I6HsRZQ4hHK5G7QIIzWXfs-f5nrlL7wtD76yfn1BJ8_PO8Y9u_p75m57cgLcbalkXjcNI-LLBQHoDpI1-RbQcrNSNUH1ryvwxLGdz3BpDaoht51E3GJ4Qy3UPInbnJMP6y0I0A178RZETnd-b6KzhJg-6Wyy7kRDquOzppjuodslQmcLOrQRgqmQqhc6JQ&sds=2&rev=86118&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZE03zwAHIb4GrSnmAAP6wNULPdbwa1SJwpW9rg&u=%7CNVz14cE6DYteAmTWDpvufWM84Ekrq6gjL1V%2BtNYMIKU%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6w-T3sW2Y1gQIySgVGJjM1l6zQmmyPJDmFB0yJoNdddLfYOtNLYQx6iagR539bhRhKZG0yPTrMzMD-OsNrfL6WbgfhexJeYTiFicscJWXE-LQKfVpeo1PfeLQISJ46srx0h5KO2Z85lBdVHzLDjYoGO45GGpcyyuusyvdmZZtDlFbvKUW0oxo_tTfIM6Y3lx71mi_yb4RYLvKDh_vRVBdgfCbqNjGlT8zY6iTUsNl4F2IwSYQERvQGZuY-JVFpS5HR_np6l6rrMNrqwI9YU8sdtWvqG21XVPwMVMbTLI1pWWJ075XXfPh-leAb7FrGHxoTFNg4puRQO6k0oAgj_Idurjk8mtff4wdyzyHTDYpiv1lQeN0KHwfkZwjcdGWto51n68ed2BI1zFvEnwh_Qj261pGMr9rzqql-Dbvb39UvO8MOl3F_1NpPObCmw7NEDPvbEiNqM6gZToP9ed6CibnH3aePSiTqAhqwT_YEd-dTN5sgSinMn_A4PV0I7ADSA0jkiwPq930ZhOTixo2Jcdxpa-iVRNbl9ByQtUZAMfTc0E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz9spzzdNZL7DHObTtOUPwPWP4AvJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTE0OTUyNzIyNjQ5NDY2OTPIAQmpAvfVlw-_fLI-qAMBqgS9AU_QF3vrrTfoJM3aJipzpGXhJNjaeq2lKafnAQHH2xyR1o8uwrYv_Z5jEswUFgCnn_CuuKZjNRPOxLuSoKXIrPKZWCJeBiOHJq8Tr9rHXVMs4vpXeR6jeYpa22D3ZalVykvP2vaXMuSj0xuh8IyibDS-1yim2M103SjLX-Wzk8A-lqfzh3az4T-HW-DmrjSQ4bsP69-pUofRvA_reo_ImGSFqzDksf3LXcX978k4oZvKU4KNYbYsYHSRAIG29oAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Diw_R-eOzfH3iomNSOncCrRm8JQ%26client%3Dca-pub-1495272264946693%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Sat, 29 Apr 2023 15:29:22 GMT strict-transport-security max-age=31536000; preload; cross-origin-resource-policy cross-origin server Finatra content-length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

googlecm.hit.gemius.pl

URL

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIbugt_w02GdrtJl4wyl20g&google_cver=1&google_push=ATf1kGPIkwIXcTYvI4BV5qUHVEPO-i84o-2h2FDWPo8W2mjVHYlYtIIgebphXtbJfKRNS1ROe15eoiWh2_5QNlg2ntLQSFBunfUc7Lk