urlscan.io logo urlscan.io
SecurityTrails logo

xn--80atb.net Open in urlscan Pro Puny
как.net IDN
79.98.104.13  Public Scan

Go To Rescan Add Verdict Report
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1...
Submission: On December 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 35 HTTP transactions. The main IP is 79.98.104.13, located in Sofia, Bulgaria and belongs to DELTA-BG-AS Delta HighTech Ltd., BG. The main domain is xn--80atb.net.
TLS certificate: Issued by R11 on December 8th 2024. Valid for: 3 months.
This is the only time xn--80atb.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    79.98.104.13 (Sofia, Bulgaria)

ASN8860 (DELTA-BG-AS Delta HighTech Ltd., BG)
PTR: jump10.jump.bg
xn--80atb.net
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    2606:4700:20::681a:e5c (United States)

ASN13335 (CLOUDFLARENET, US)
d.plerdy.com
a.plerdy.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
4    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
12 xn--80atb.net
xn--80atb.net
318 KB
9 plerdy.com
d.plerdy.com — Cisco Umbrella Rank: 87189
a.plerdy.com — Cisco Umbrella Rank: 55963
106 KB
4 gstatic.com
fonts.gstatic.com
146 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
138 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
249 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
6 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
105 KB
35 9
Domain Requested by
12 xn--80atb.net 1 redirects xn--80atb.net
6 a.plerdy.com d.plerdy.com
a.plerdy.com
4 fonts.gstatic.com xn--80atb.net
fonts.googleapis.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 d.plerdy.com xn--80atb.net
a.plerdy.com
3 pagead2.googlesyndication.com xn--80atb.net
pagead2.googlesyndication.com
1 lh3.googleusercontent.com xn--80atb.net
1 fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com xn--80atb.net
35 10

This site contains links to these domains. Also see Links.

Domain
ots.mon.bg
Subject Issuer Validity Valid
autodiscover.xn--80atb.net
R11		 2024-12-08 -
2025-03-08		 3 months crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
plerdy.com
WE1		 2024-10-22 -
2025-01-20		 3 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Frame ID: E4465397D7360A49D21880A8FE365D6E
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Как се пише молба за отсъствия по семейни причини?

Page URL History Show full URLs

  1. https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d... HTTP 301
    https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

35
Requests

100 %
HTTPS

89 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

1073 kB
Transfer

3255 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f HTTP 301
    https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Redirect Chain
  • https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f
  • https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
58 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.13 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS Delta HighTech Ltd., BG),
Reverse DNS
jump10.jump.bg
Software
LiteSpeed / PHP/8.0.30
Resource Hash
f6d473dca399220a898c53787b158b4f4f5f49b2bbb3b48bbd5fcdcf148ef9d0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 Dec 2024 09:04:00 GMT
last-modified
Thu, 12 Dec 2024 16:49:06 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
wpo-cache-status
cached
x-powered-by
PHP/8.0.30

Redirect headers

cache-control
private, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 13 Dec 2024 09:04:00 GMT
location
https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
server
LiteSpeed
vary
User-Agent
x-pingback
https://xn--80atb.net/xmlrpc.php
x-powered-by
PHP/8.0.30
x-redirect-by
WordPress
ratemypost.ttf
xn--80atb.net/wp-content/plugins/rate-my-post/public/css/fonts/ 		5 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xn--80atb.net/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.13 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS Delta HighTech Ltd., BG),
Reverse DNS
jump10.jump.bg
Software
LiteSpeed /
Resource Hash
40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xn--80atb.net
Referer
https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
expires
Sat, 13 Dec 2025 09:04:00 GMT
accept-ranges
bytes
content-length
2996
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
font/ttf
last-modified
Mon, 12 Aug 2024 12:02:01 GMT
vary
Accept-Encoding,User-Agent
server
LiteSpeed
wpo-minify-header-3b3a50bb.min.css
xn--80atb.net/wp-content/cache/wpo-minify/1731506058/assets/ 		203 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xn--80atb.net/wp-content/cache/wpo-minify/1731506058/assets/wpo-minify-header-3b3a50bb.min.css
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.13 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS Delta HighTech Ltd., BG),
Reverse DNS
jump10.jump.bg
Software
LiteSpeed /
Resource Hash
0952dd64fe574b97b3a9b4b9bb2c0ad46547efd14ae8eec1c14c20cd6b286e07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/

Response headers

cache-control
public
content-encoding
br
expires
Fri, 10 Jan 2025 09:04:00 GMT
accept-ranges
bytes
content-length
28356
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 14:37:17 GMT
vary
Accept-Encoding,User-Agent
server
LiteSpeed
wpo-minify-header-c614136f.min.js
xn--80atb.net/wp-content/cache/wpo-minify/1731506058/assets/ 		102 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--80atb.net/wp-content/cache/wpo-minify/1731506058/assets/wpo-minify-header-c614136f.min.js
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.13 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS Delta HighTech Ltd., BG),
Reverse DNS
jump10.jump.bg
Software
LiteSpeed /
Resource Hash
f937757f256c1c71199b8b291c41a42529c85710f6a6bf698c7febc2aaced1e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/

Response headers

cache-control
private
content-encoding
br
expires
Fri, 10 Jan 2025 09:04:00 GMT
accept-ranges
bytes
content-length
34502
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 13:54:45 GMT
vary
Accept-Encoding,User-Agent
server
LiteSpeed
js
www.googletagmanager.com/gtag/ 		310 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8EXRVRK6GL
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83092b42a49339b17616c3fdbd15a41859a8df7b1a1ca7ac9de62e5198ba7a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 13 Dec 2024 09:04:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107028
x-xss-protection
0
server
Google Tag Manager
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4356309995287631&host=ca-host-pub-2644536267352236
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
854f2e19b9eee120b6f15de81a6a7ffd3a4eb1a48297a101e7df26b72fbf8e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xn--80atb.net
Referer
https://xn--80atb.net/

Response headers

content-encoding
br
etag
13442764517647431087
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 09:04:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53769
x-xss-protection
0
server
cafe
%D0%BA%D0%B0%D0%BA-%D1%81%D0%B5-%D0%BF%D0%B8%D1%88%D0%B5-%D0%BC%D0%BE%D0%BB%D0%B1%D0%B0-%D0%B7%D0%B0-%D0%BE%D1%82%D1%81%D1%8A%D1%81%D1%82%D0%B2%D0%B8%D1%8F-%D0%BF%D0%BE-%D1%81%D0%B5%D0%BC%D0%B5%D0%...
xn--80atb.net/wp-content/uploads/2021/11/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--80atb.net/wp-content/uploads/2021/11/%D0%BA%D0%B0%D0%BA-%D1%81%D0%B5-%D0%BF%D0%B8%D1%88%D0%B5-%D0%BC%D0%BE%D0%BB%D0%B1%D0%B0-%D0%B7%D0%B0-%D0%BE%D1%82%D1%81%D1%8A%D1%81%D1%82%D0%B2%D0%B8%D1%8F-%D0%BF%D0%BE-%D1%81%D0%B5%D0%BC%D0%B5%D0%B9%D0%BD%D0%B8-%D0%BF%D1%80%D0%B8%D1%87%D0%B8%D0%BD%D0%B8.jpg
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.13 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS Delta HighTech Ltd., BG),
Reverse DNS
jump10.jump.bg
Software
LiteSpeed /
Resource Hash
f2e21b8e79e842adf80a3a6d45c51018ca4abcedc9e91dc8db25886cf8881c50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/

Response headers

cache-control
public
expires
Fri, 10 Jan 2025 09:04:00 GMT
accept-ranges
bytes
content-length
115648
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
image/jpeg
last-modified
Thu, 19 Jan 2023 13:45:39 GMT
server
LiteSpeed
vary
User-Agent
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4356309995287631
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e6d3f4e540097c155e2f12f4c0af8537705ff6016173768993b49b0f3d307f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xn--80atb.net
Referer
https://xn--80atb.net/

Response headers

content-encoding
br
etag
18241470178334782466
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 09:04:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53771
x-xss-protection
0
server
cafe
wpo-minify-footer-c46159ee.min.js
xn--80atb.net/wp-content/cache/wpo-minify/1731506058/assets/ 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--80atb.net/wp-content/cache/wpo-minify/1731506058/assets/wpo-minify-footer-c46159ee.min.js
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.13 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS Delta HighTech Ltd., BG),
Reverse DNS
jump10.jump.bg
Software
LiteSpeed /
Resource Hash
3d5a52512ea507f078243d9b0687176ffa4d5964bfa29f1f9e5c8595146734f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/

Response headers

cache-control
private
content-encoding
br
expires
Fri, 10 Jan 2025 09:04:00 GMT
accept-ranges
bytes
content-length
22852
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 13:54:45 GMT
vary
Accept-Encoding,User-Agent
server
LiteSpeed
genericons-neue.svg
xn--80atb.net/wp-content/themes/donovan/assets/icons/ 		27 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xn--80atb.net/wp-content/themes/donovan/assets/icons/genericons-neue.svg
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.13 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS Delta HighTech Ltd., BG),
Reverse DNS
jump10.jump.bg
Software
LiteSpeed /
Resource Hash
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
expires
Sat, 13 Dec 2025 09:04:00 GMT
accept-ranges
bytes
content-length
7800
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
image/svg+xml
last-modified
Thu, 19 Jan 2023 14:04:46 GMT
vary
Accept-Encoding,User-Agent
server
LiteSpeed
main.js
d.plerdy.com/public/js/click/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.plerdy.com/public/js/click/main.js?v=0.36175111832817564
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da60fd09fa9fa5756db050bcd2f2eb54248f905a32a43d434abb4349cb4a0230

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"67557688-2014"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m4PoDv%2BBWGueVJOWEEtThA18ZxVPcMAkqsUg7QUnu%2Bcdu4Z3MqiDiyQ3VkbfX7UfxdyhZ4Cr7kj%2BPJM68nXiHkBmeAid5EuvopJqQJ077hnIn2ANinSo4hDVUhqBvPFiIerHqVEMEgtWkw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22521&min_rtt=22516&rtt_var=8453&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4248&recv_bytes=4196&delivery_rate=137965&cwnd=12000&unsent_bytes=0&cid=ca1ab3f710ce0386&ts=46&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sun, 08 Dec 2024 10:35:52 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f14c8c3aaa3d3c2-FRA
access-control-allow-origin
*
server
cloudflare
1Ptug8zYS_SKggPNyC0ITw.woff2
xn--80atb.net/wp-content/fonts/raleway/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xn--80atb.net/wp-content/fonts/raleway/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/wp-content/cache/wpo-minify/1731506058/assets/wpo-minify-header-3b3a50bb.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.13 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS Delta HighTech Ltd., BG),
Reverse DNS
jump10.jump.bg
Software
LiteSpeed /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xn--80atb.net
Referer
https://xn--80atb.net/wp-content/cache/wpo-minify/1731506058/assets/wpo-minify-header-3b3a50bb.min.css

Response headers

cache-control
public, max-age=31536000
expires
Sat, 13 Dec 2025 09:04:00 GMT
accept-ranges
bytes
content-length
46524
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
font/woff2
last-modified
Thu, 19 Jan 2023 14:25:45 GMT
server
LiteSpeed
vary
User-Agent
1Ptug8zYS_SKggPNyCkIT5lu.woff2
xn--80atb.net/wp-content/fonts/raleway/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xn--80atb.net/wp-content/fonts/raleway/1Ptug8zYS_SKggPNyCkIT5lu.woff2
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/wp-content/cache/wpo-minify/1731506058/assets/wpo-minify-header-3b3a50bb.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.13 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS Delta HighTech Ltd., BG),
Reverse DNS
jump10.jump.bg
Software
LiteSpeed /
Resource Hash
3aaa08d1c1434c3dd80f3ae7b73884fd1570ddc777b9bc2beaeeb1648373cffd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xn--80atb.net
Referer
https://xn--80atb.net/wp-content/cache/wpo-minify/1731506058/assets/wpo-minify-header-3b3a50bb.min.css

Response headers

cache-control
public, max-age=31536000
expires
Sat, 13 Dec 2025 09:04:00 GMT
accept-ranges
bytes
content-length
25640
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
font/woff2
last-modified
Thu, 19 Jan 2023 14:25:45 GMT
server
LiteSpeed
vary
User-Agent
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
xn--80atb.net/wp-content/fonts/quicksand/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xn--80atb.net/wp-content/fonts/quicksand/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/wp-content/cache/wpo-minify/1731506058/assets/wpo-minify-header-3b3a50bb.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.13 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS Delta HighTech Ltd., BG),
Reverse DNS
jump10.jump.bg
Software
LiteSpeed /
Resource Hash
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xn--80atb.net
Referer
https://xn--80atb.net/wp-content/cache/wpo-minify/1731506058/assets/wpo-minify-header-3b3a50bb.min.css

Response headers

cache-control
public, max-age=31536000
expires
Sat, 13 Dec 2025 09:04:00 GMT
accept-ranges
bytes
content-length
25672
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
font/woff2
last-modified
Thu, 19 Jan 2023 14:25:45 GMT
server
LiteSpeed
vary
User-Agent
detector.js
a.plerdy.com/public/js/click/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.plerdy.com/public/js/click/detector.js?v=33
Requested by
Host: d.plerdy.com
URL: https://d.plerdy.com/public/js/click/main.js?v=0.36175111832817564
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
905332be34a82c1dc3b14447e564fd01a76adb59550ab052d50b3e9b4980a7b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67557684-5137"
age
72635
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qT%2FIzp6ipBe3HFZOusZWt%2FUv%2FJ4FFHh%2FYk1gNyymMZhaB174VlD84EsRZ3QLJhyAyzwM4u1DADOz2GJEPgaE0WUNUvVwv5jrQf3i861YYNIBAPRDy7x7YwgKb%2Fu5GT1fZ0zZsLwoAKSV4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22977&min_rtt=22071&rtt_var=3120&sent=17&recv=12&lost=0&retrans=0&sent_bytes=8359&recv_bytes=4653&delivery_rate=115633&cwnd=12000&unsent_bytes=0&cid=ca1ab3f710ce0386&ts=93&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sun, 08 Dec 2024 10:35:48 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f14c8c3fb98d3c2-FRA
access-control-allow-origin
*
server
cloudflare
main2.js
a.plerdy.com/public/js/click/ 		474 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.plerdy.com/public/js/click/main2.js?v=33
Requested by
Host: d.plerdy.com
URL: https://d.plerdy.com/public/js/click/main.js?v=0.36175111832817564
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a91b68f39a27311600454a82acb6b2ed0148ded8677fe8c7f999623d0b6a92e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6751f571-76707"
age
72635
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QiCeow68UI%2BwldCMEDG9zsXa06E%2BRynJsGknwScI3jpPwGrXlQ8k6HR0rQHOlM0XdFxpKPhM2YQlyYy7bmtm0zEfZoxEyjKPI5ww8dWwx3NJot8BnOQFS97nC1DvtITeAlo8FuE2T9wKTw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25019&min_rtt=22071&rtt_var=4391&sent=24&recv=17&lost=0&retrans=0&sent_bytes=15252&recv_bytes=5343&delivery_rate=236116&cwnd=12000&unsent_bytes=0&cid=ca1ab3f710ce0386&ts=128&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 05 Dec 2024 18:48:17 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f14c8c43c2ed3c2-FRA
access-control-allow-origin
*
server
cloudflare
iframe.js
a.plerdy.com/public/screens/34849/ 		10 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.plerdy.com/public/screens/34849/iframe.js?v=0.5606982219087375
Requested by
Host: d.plerdy.com
URL: https://d.plerdy.com/public/js/click/main.js?v=0.36175111832817564
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74dedadd1c31079cca05a54fcbc46bb19085511125088abaf39ec818daec126

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

cf-cache-status
MISS
etag
"671b7c0e-a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CskToUVzAguVVhQH%2Bo9%2FO3hLKlBEs0pFdrQmgWCLbfBIS7wy26SKslHn8dtBpWyJ7864fikoiAgnv8ro8uzYEhj60QJ4U20pvsNhA2JNubzQzMAuyPWb3Th3J9d%2B7UU72I7IHwEKOKqXJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25019&min_rtt=22071&rtt_var=4391&sent=34&recv=17&lost=0&retrans=0&sent_bytes=27252&recv_bytes=5343&delivery_rate=236116&cwnd=12000&unsent_bytes=0&cid=ca1ab3f710ce0386&ts=135&x=1", cfExtPri, cfHdrFlush;dur=15
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 25 Oct 2024 11:07:58 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f14c8c43c33d3c2-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
10
server
cloudflare
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4356309995287631&plah=xn--80atb.net&bust=31089297
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4356309995287631&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43ba69c061232e090712caa902a2757eb73a1a91751d5ea54fe6bf3614f6a494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

content-encoding
br
etag
14188570431950062657
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 09:04:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147712
x-xss-protection
0
server
cafe
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8EXRVRK6GL&gtm=45je4cb0v872014755za200&_p=1734080640533&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dZTNiMT&cid=177094893.1734080641&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734080640&sct=1&seg=0&dl=https%3A%2F%2Fxn--80atb.net%2F%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B5%2F%D0%BC%D0%BE%D0%BB%D0%B1%D0%B0-%D0%B7%D0%B0-%D0%BE%D1%82%D1%81%D1%8A%D1%81%D1%82%D0%B2%D0%B8%D1%8F%2F&dt=%D0%9A%D0%B0%D0%BA%20%D1%81%D0%B5%20%D0%BF%D0%B8%D1%88%D0%B5%20%D0%BC%D0%BE%D0%BB%D0%B1%D0%B0%20%D0%B7%D0%B0%20%D0%BE%D1%82%D1%81%D1%8A%D1%81%D1%82%D0%B2%D0%B8%D1%8F%20%D0%BF%D0%BE%20%D1%81%D0%B5%D0%BC%D0%B5%D0%B9%D0%BD%D0%B8%20%D0%BF%D1%80%D0%B8%D1%87%D0%B8%D0%BD%D0%B8%3F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=8830
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8EXRVRK6GL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://xn--80atb.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
text/plain
server
Golfe2
save_statistic
d.plerdy.com/click/admin/ 		202 B
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.plerdy.com/click/admin/save_statistic
Requested by
Host: a.plerdy.com
URL: https://a.plerdy.com/public/js/click/main2.js?v=33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da7e7a5ca5a917a7c3e6aa6c4b3023262cc01bc687b2284b460c0e08d06f31a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://xn--80atb.net/

Response headers

cache-control
max-age=0, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mP8YnX%2Ban%2BBUviWS0SRnAJWYtdBV%2Fx%2Bp8KO%2FkY75hZ4ym2XOOSX9Q1vnc4chF3WIzdZW57v9j6Vgci3a523FfetzGvoM0OJKDF8kCUZJmCY9h3E2iDi41uaDWwwLnkYXmda1d0%2FdzLwRrw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f14c8c55b99bbec-FRA
expires
Fri, 13 Dec 2024 09:04:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22030&min_rtt=21819&rtt_var=3591&sent=12&recv=10&lost=0&retrans=0&sent_bytes=2707&recv_bytes=6245&delivery_rate=6013&cwnd=12000&unsent_bytes=0&cid=f97c27f42046d4e2&ts=69&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=1,i
ca-pub-4356309995287631
fundingchoicesmessages.google.com/i/ 		197 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4356309995287631?href=https%3A%2F%2Fxn--80atb.net%2F%25d0%25bf%25d0%25b8%25d1%2581%25d0%25b0%25d0%25bd%25d0%25b5%2F%25d0%25bc%25d0%25be%25d0%25bb%25d0%25b1%25d0%25b0-%25d0%25b7%25d0%25b0-%25d0%25be%25d1%2582%25d1%2581%25d1%258a%25d1%2581%25d1%2582%25d0%25b2%25d0%25b8%25d1%258f&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412040102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4356309995287631&plah=xn--80atb.net&bust=31089297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b80a515f42f1aee36b58239791bfa54ee51ac07bea72dcc0136f8ee908eb8e4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-NxmrfilbABSPLZWrMR_d4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 09:04:01 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC3FzNH58v4tNYMXBXgkljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MjQwM9A6P4AiMAPXVE_w"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-NxmrfilbABSPLZWrMR_d4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
plerdy_seo_rules.js
a.plerdy.com/public/screens/34849/ 		26 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.plerdy.com/public/screens/34849/plerdy_seo_rules.js?v=0.8242304542027463
Requested by
Host: a.plerdy.com
URL: https://a.plerdy.com/public/js/click/main2.js?v=33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a2154dcdbc3b983dfc718e54c8838bda689957f9e230588c17a6b6016fd9fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"65f41fe2-1a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rks5%2FEL158oNge7QLukCYOHIAxDawpXxFhFASAz5ABq5YuLvlyfT6fFeWNzEijntwsbPB3dsYm%2Bzj7QRAv1jAsJnOnuZytc4LLZshyAde4Hd%2BTaH5JQJ385dHcmMZeIz1QOWAEktUZ3aSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22507&min_rtt=21916&rtt_var=460&sent=106&recv=60&lost=0&retrans=0&sent_bytes=109991&recv_bytes=7986&delivery_rate=1873942&cwnd=64800&unsent_bytes=0&cid=ca1ab3f710ce0386&ts=387&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 15 Mar 2024 10:16:02 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f14c8c5cff2d3c2-FRA
access-control-allow-origin
*
server
cloudflare
plerdy_ga_events.js
a.plerdy.com/public/screens/34849/ 		913 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.plerdy.com/public/screens/34849/plerdy_ga_events.js?v=0.8280510807558936
Requested by
Host: a.plerdy.com
URL: https://a.plerdy.com/public/js/click/main2.js?v=33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d120c29b61014a44ff32cf9137adf241862fd4cbeea82c4692ea698410f4b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"66d6e1e5-391"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DAa3zpvkXSqLF9%2FSaordacnjDNGQquTdYlos9hTTu%2BXSGolfANMGgbSmSvgkyGaDIR6kJYKxHC8umrALeD4toh0AHV%2BmI0nXFtVdcnCmFFnWtskz0XRJ%2FzxIsOiKodNNtyHQ9Sjq2ld4yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22507&min_rtt=21916&rtt_var=460&sent=107&recv=60&lost=0&retrans=0&sent_bytes=110801&recv_bytes=7986&delivery_rate=1873942&cwnd=64800&unsent_bytes=0&cid=ca1ab3f710ce0386&ts=391&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 03 Sep 2024 10:16:05 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f14c8c5cff5d3c2-FRA
access-control-allow-origin
*
server
cloudflare
data_plerdy_form.js
a.plerdy.com/public/screens/34849/data/ 		918 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.plerdy.com/public/screens/34849/data/data_plerdy_form.js?v=0.51269513543979
Requested by
Host: a.plerdy.com
URL: https://a.plerdy.com/public/js/click/main2.js?v=33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7505f0522661385a66c99e56986f9ee204ea7fb99454ae9d14a7e195ed071d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"66fe5f66-396"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KoxpBguSraFVlHxH4c93rtM1RcxJV1nQLuSd40GRS5c3hNbgpeTwUvq15ko70BuNSs8GijgOeTvXUvpYm%2BAOh9ewBbgc9ztOwXEZCIgtEuoncisdt84KWJqpTWbhT5G1eM0%2FEMQkBZSU%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22507&min_rtt=21916&rtt_var=460&sent=109&recv=60&lost=0&retrans=0&sent_bytes=112161&recv_bytes=7986&delivery_rate=1873942&cwnd=64800&unsent_bytes=0&cid=ca1ab3f710ce0386&ts=392&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 09:04:00 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 03 Oct 2024 09:09:58 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f14c8c5cff9d3c2-FRA
access-control-allow-origin
*
server
cloudflare
ip
d.plerdy.com/click/ 		60 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.plerdy.com/click/ip?params=%7B%0A%20%20%22site_url%22%3A%20%22xn--80atb.net%22%2C%0A%20%20%22ip_visitor%22%3A%20%22%22%2C%0A%20%20%22position%22%3A%20%5B%5D%2C%0A%20%20%22page_url%22%3A%20%22https%3A%2F%2Fxn--80atb.net%2F%25d0%25bf%25d0%25b8%25d1%2581%25d0%25b0%25d0%25bd%25d0%25b5%2F%25d0%25bc%25d0%25be%25d0%25bb%25d0%25b1%25d0%25b0-%25d0%25b7%25d0%25b0-%25d0%25be%25d1%2582%25d1%2581%25d1%258a%25d1%2581%25d1%2582%25d0%25b2%25d0%25b8%25d1%258f%2F%22%2C%0A%20%20%22user_hash%22%3A%20%229c642f31dbc32efa4332f810216677b0%22%2C%0A%20%20%22suid%22%3A%2034849%2C%0A%20%20%22plerdy_url%22%3A%20%22https%3A%2F%2Fd.plerdy.com%2Fclick%2F%22%2C%0A%20%20%22device%22%3A%20%22desktop%22%2C%0A%20%20%22cookie_form%22%3A%20%22%22%2C%0A%20%20%22doingrequest%22%3A%200%2C%0A%20%20%22tag_name%22%3A%20%5B%5D%2C%0A%20%20%22el_on_click%22%3A%20%5B%5D%2C%0A%20%20%22class_name%22%3A%20%5B%5D%2C%0A%20%20%22node_number%22%3A%20%5B%5D%2C%0A%20%20%22click_number%22%3A%20%5B%5D%2C%0A%20%20%22reserve_selector%22%3A%20%5B%5D%2C%0A%20%20%22class_list%22%3A%20%5B%5D%2C%0A%20%20%22id_list%22%3A%20%5B%5D%2C%0A%20%20%22hash_tag%22%3A%20%5B%5D%2C%0A%20%20%22page_title%22%3A%20%22%D0%9A%D0%B0%D0%BA%20%D1%81%D0%B5%20%D0%BF%D0%B8%D1%88%D0%B5%20%D0%BC%D0%BE%D0%BB%D0%B1%D0%B0%20%D0%B7%D0%B0%20%D0%BE%D1%82%D1%81%D1%8A%D1%81%D1%82%D0%B2%D0%B8%D1%8F%20%D0%BF%D0%BE%20%D1%81%D0%B5%D0%BC%D0%B5%D0%B9%D0%BD%D0%B8%20%D0%BF%D1%80%D0%B8%D1%87%D0%B8%D0%BD%D0%B8%3F%22%2C%0A%20%20%22plerdy_url0%22%3A%20%22https%3A%2F%2Fd.plerdy.com%2F%22%2C%0A%20%20%22plerdy_url_live%22%3A%20%22https%3A%2F%2Fd.plerdy.com%2F%22%2C%0A%20%20%22plerdy_url_save%22%3A%20%22https%3A%2F%2Fd.plerdy.com%2Fclick%2F%22%2C%0A%20%20%22plerdy_url_save_test%22%3A%20%22https%3A%2F%2Fd.plerdy.com%2Fclick_test%2F%22%2C%0A%20%20%22traffic_source%22%3A%20%22direct%22%2C%0A%20%20%22id_page%22%3A%207%2C%0A%20%20%22country_code%22%3A%20%22DE%22%0A%7D&cooki=%5B%5D&ip_a=1
Requested by
Host: a.plerdy.com
URL: https://a.plerdy.com/public/js/click/main2.js?v=33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f29f57d6a6940c6387d02e0b3a942025392dcda8721c1db2512b9eea2788f5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ExAgzrwxLn6rtRvPYQ2QH%2FxEud0W3%2F4uyx3%2FaOeYDLheiFN0jWLGH4R4TKQGT0Htl7jzh3irP9iuxi9kxB1pzBiIoqSegStM9%2Bzh3fbZA3Ai%2BMMuldcuMNbjEo77h0izUSB5Hb4V7tICQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 09:04:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21990&min_rtt=21711&rtt_var=2773&sent=14&recv=13&lost=0&retrans=0&sent_bytes=3630&recv_bytes=7973&delivery_rate=21269&cwnd=12000&unsent_bytes=0&cid=f97c27f42046d4e2&ts=247&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 09:04:01 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=31536000;
cache-control
max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f14c8c66c6abbec-FRA
access-control-allow-origin
*
server
cloudflare
cf-apo-via
origin,host
AGSKWxUZVYNbmOv8Hu8Txl3_P5aDIWmGRhqbLNvaQoFX5y_d4l0ZrcwXHkedYNOxndrMCn4mz8F6Gv6XE0qSVT87WQdUzKYA8fkmMZLjPqzR5A_c7Y6vHJI-1-rz0mo7_3mk2ocZetWLKA==
fundingchoicesmessages.google.com/f/ 		542 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUZVYNbmOv8Hu8Txl3_P5aDIWmGRhqbLNvaQoFX5y_d4l0ZrcwXHkedYNOxndrMCn4mz8F6Gv6XE0qSVT87WQdUzKYA8fkmMZLjPqzR5A_c7Y6vHJI-1-rz0mo7_3mk2ocZetWLKA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0MDgwNjQxLDEyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly94bi0tODBhdGIubmV0LyVEMCVCRiVEMCVCOCVEMSU4MSVEMCVCMCVEMCVCRCVEMCVCNS8lRDAlQkMlRDAlQkUlRDAlQkIlRDAlQjElRDAlQjAtJUQwJUI3JUQwJUIwLSVEMCVCRSVEMSU4MiVEMSU4MSVEMSU4QSVEMSU4MSVEMSU4MiVEMCVCMiVEMCVCOCVEMSU4Ri8iLG51bGwsW1s4LCJoQXYwWWpBVjItcyJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.hAv0YjAV2-s.es5.O/am=DAY/d=1/rs=AJlcJMwDyDBYWg4bYynORH3saXN3pDMmSA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2970093b1884facefb2ab151aa6e2d5ae8fbf0312185aa0eb50ea732e21ce5b9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VxhVLZBDNmGai_jlMDiCoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 09:04:01 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0pBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC3FzNH58v4tN4MCXDelKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoZGhgZ6BkbxBUYAZkxFyQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VxhVLZBDNmGai_jlMDiCoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		114 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.hAv0YjAV2-s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyCwjK2D0Zb2E9k9uXk5WArO5sNAA/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 09:04:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 09:04:01 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 13 Dec 2024 09:04:01 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
wgFp4ypy2s9c2yIbOf_rJq4ueVOx4_n4Ln4x4Ld-qPMjj5xqJObDfzzpHcURxiYPsHJc-9dP-L2IdVq34GAIaSzdh5ytCgQmyypl-YsVvNty1xbDTHMCEA=h60
lh3.googleusercontent.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/wgFp4ypy2s9c2yIbOf_rJq4ueVOx4_n4Ln4x4Ld-qPMjj5xqJObDfzzpHcURxiYPsHJc-9dP-L2IdVq34GAIaSzdh5ytCgQmyypl-YsVvNty1xbDTHMCEA=h60
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5613f93469cfcaac5cfd6588c5c2db9a278a9b5467e0451d5ffc37f4d6d12d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
10104
x-content-type-options
nosniff
expires
Sat, 14 Dec 2024 06:15:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 06:15:37 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
5041
x-xss-protection
0
server
fife
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xn--80atb.net
Referer
https://xn--80atb.net/

Response headers

age
286620
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 01:27:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 01:27:01 GMT
last-modified
Thu, 14 Dec 2023 02:00:28 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
26736
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: xn--80atb.net
URL: https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xn--80atb.net
Referer
https://xn--80atb.net/

Response headers

age
258584
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:14:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:14:17 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxWTa2_5wh-dcxXVUDCQ2BE8qZcVkQ5fEGL6yn7-5vuI32hW--v-LQSxbfdr9bh3-_y8MsEchT1ZFM6NPcaFTYePlR9_pyFquQkJxwx07g1sn0eGBqLOItQUeMaUc9sDx28DGl_rwQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWTa2_5wh-dcxXVUDCQ2BE8qZcVkQ5fEGL6yn7-5vuI32hW--v-LQSxbfdr9bh3-_y8MsEchT1ZFM6NPcaFTYePlR9_pyFquQkJxwx07g1sn0eGBqLOItQUeMaUc9sDx28DGl_rwQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.hAv0YjAV2-s.es5.O/am=DAY/d=1/rs=AJlcJMwDyDBYWg4bYynORH3saXN3pDMmSA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cZG7dNJi4qbg_PiIOdQc1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xn--80atb.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 09:04:01 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIej8eP7XWwCL548Xsqo5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQwN9QzM4wsMADWtK6Q"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cZG7dNJi4qbg_PiIOdQc1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://xn--80atb.net
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWTa2_5wh-dcxXVUDCQ2BE8qZcVkQ5fEGL6yn7-5vuI32hW--v-LQSxbfdr9bh3-_y8MsEchT1ZFM6NPcaFTYePlR9_pyFquQkJxwx07g1sn0eGBqLOItQUeMaUc9sDx28DGl_rwQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWTa2_5wh-dcxXVUDCQ2BE8qZcVkQ5fEGL6yn7-5vuI32hW--v-LQSxbfdr9bh3-_y8MsEchT1ZFM6NPcaFTYePlR9_pyFquQkJxwx07g1sn0eGBqLOItQUeMaUc9sDx28DGl_rwQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.hAv0YjAV2-s.es5.O/am=DAY/d=1/rs=AJlcJMwDyDBYWg4bYynORH3saXN3pDMmSA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-miVj_h2Z2iM8gbHzbgxE_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xn--80atb.net/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 09:04:01 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIej8eP7XWwCOx5M3sKo5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQwN9QzM4wsMABS9KzE"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-miVj_h2Z2iM8gbHzbgxE_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://xn--80atb.net
content-length
0
x-xss-protection
0
server
ESF
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xn--80atb.net
Referer
https://fonts.googleapis.com/

Response headers

age
39288
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 22:09:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 22:09:13 GMT
last-modified
Wed, 01 May 2024 20:31:48 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48336
x-xss-protection
0
server
sffe
1Ptug8zYS_SKggPNyCkIT5lu.woff2
fonts.gstatic.com/s/raleway/v34/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyCkIT5lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9b71d672ab268b3853b6fb9dc99942f283a415d4ab271b8e4dc597f33e18f4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://xn--80atb.net
Referer
https://fonts.googleapis.com/

Response headers

age
193705
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 03:15:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 03:15:36 GMT
last-modified
Wed, 01 May 2024 20:31:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
25796
x-xss-protection
0
server
sffe
cropped-%D0%BA%D0%B0%D0%BA-net-favicon-32x32.png
xn--80atb.net/wp-content/uploads/2021/11/ 		773 B
882 B 		Other
General
Check archive.org
Download Go to
Full URL
https://xn--80atb.net/wp-content/uploads/2021/11/cropped-%D0%BA%D0%B0%D0%BA-net-favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
79.98.104.13 Sofia, Bulgaria, ASN8860 (DELTA-BG-AS Delta HighTech Ltd., BG),
Reverse DNS
jump10.jump.bg
Software
LiteSpeed /
Resource Hash
6a6990db045c106433018f2b538b3680986219d79b551b67e6eb2c1a88b3855f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--80atb.net/%d0%bf%d0%b8%d1%81%d0%b0%d0%bd%d0%b5/%d0%bc%d0%be%d0%bb%d0%b1%d0%b0-%d0%b7%d0%b0-%d0%be%d1%82%d1%81%d1%8a%d1%81%d1%82%d0%b2%d0%b8%d1%8f/

Response headers

cache-control
public
expires
Fri, 10 Jan 2025 09:04:01 GMT
accept-ranges
bytes
content-length
773
date
Fri, 13 Dec 2024 09:04:01 GMT
content-type
image/png
last-modified
Thu, 19 Jan 2023 13:45:27 GMT
server
LiteSpeed
vary
User-Agent

Verdicts & Comments Add Verdict or Comment

204 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| jQuery function| gtag object| dataLayer object| adsbygoogle string| _protocol string| _site_hash_code number| _suid object| plerdyScript object| wpcf7 object| rmp_frontend object| eztoc_smooth_local object| ezTOC object| donovanScreenReaderText object| mystickyside_name function| _0x2d152e function| _0x1e56 string| MAINPLERDYURL object| mainScriptPlerdy string| mainScriptPlerdy_host string| mainScriptPlerdy_host_tracker object| plerdy_config function| _0x4e7b object| rate_my_post object| wp function| sprintf function| vsprintf object| swv function| Cookies function| _0x33363a function| _0x5929 function| _0x5786 function| getPlerdy_PageUrl function| mobilecheck function| mobileAndTabletcheck function| plerdyGetOS function| plerdyGetBrouser object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| startSessionInPageTime string| initPlerdyUrlOriginal object| initPlerdyUrlOriginalO string| pageUrl object| parts object| object object| plerdyIframeDataHover function| plerdyReceiveMessage object| plEventsAll string| pageUrl2 number| plerdy_active_elements number| plerdy_inactive_elements object| position_array object| plerdy_real_elements object| previous_data object| selectors object| selectors_hovers number| corector object| allS object| plerdySelectorsArray number| intervalPlerdycycleStopVar number| maxCntSelectorsPlerdy_critical string| plerdySalasCurrency number| maxCntVlHovers function| plerdySourseBusterFunc string| plerdyVisitorId object| FingerprintJSPlerdy object| plerdySession string| sesNameP string| sesNamePuserSes object| cash_selectros_for_mouse_move object| plerdy_referrals function| plerdy_getHTML object| plerdy_scroll_cache object| plerdy_scroll_cache_send object| plerdy_scroll_dataOLD number| plerdy_scroll_data number| plerdy_on_off_send_scroll object| send_data function| init_click_count_plerdy function| checkUrlforBannersAkcia function| checkIprules function| unserialize function| checkUrlForHide function| checkUrl function| rtrim function| checkDevice function| fullPath function| sendDataForInitPlerdy function| setFormIframeStyles function| loadAddPlerdyScript function| hide_popupPlerdy function| plerdyAddMultipleListeners function| addPlerdyEvent1 function| on_plerdy function| addPlerdyStylesheetTag function| plerdyCheckElementAppear function| plerdyClearnUrlfunction function| addStyle_Plerdy function| createCORSRequest function| offset_pl function| selectDevise function| do_kostyl function| checkChildrenForAddDisplay function| plerdy_elem_over function| plerdy_elem_out function| inArray function| doWhenMouseOver function| addRemoveHeight function| plerdyClicksStyle function| sendToIframe function| getClassOrIdPlerdyEvent function| addEventCustomInCabinetPlerdy function| showHidePanel function| initFingerprintJSPlerdy function| plerdySessionFunctions function| plerdySeoAudit function| sendPlerdyDataToSeo function| sendSatistic_Before function| getCookiePlerdy function| plerdySerialize function| sendSatistic function| urlencode function| plerdy_currentDate function| plerdy_filterNone function| plerdy_getAllComments function| plerdyAverageValue function| proccesVideoData function| initGaEvents function| plerdysend function| plerdyCommerse function| proccesConverssionData function| doPlerdyConvStep function| validConverssionURL function| getTrafficsPlerdyArr function| getDevicePlerdyArr function| plerdySeoRulesCheck function| plerdyDetectIfAlloved function| sendConv_v2 function| plerdyClearnWords function| plerdyClearnString function| getForLua function| plerdyGetImagesWithMissingAlt function| PlerdyRobots function| sendDataScroll function| doSeo function| addInPage function| detect function| makrPlerdyReal function| showMarkedSeoNum function| plerdyUnMakrWords object| plerdy_tags_arr function| CssSelectorGenerator string| all_url string| seo_url function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate string| country_code_plerdy object| plerdy_seo_rules object| plerdy_seo_rules2 boolean| doSeoOrNot object| _0xc42e function| _0xe60c object| plerdy_form_data_params object| _0xc24e function| _0xe18c object| plerdy_ga_events object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YTZmZmQ1Y2NiMmRlYThkMWxvYWRlcl9qcw== string| YTZmZmQ1Y2NiMmRlYThkMWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| owl

2 Cookies

Domain/Path Name / Value
.xn--80atb.net/ Name: _ga_8EXRVRK6GL
Value: GS1.1.1734080640.1.0.1734080640.0.0.0
.xn--80atb.net/ Name: _ga
Value: GA1.1.177094893.1734080641

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.plerdy.com
d.plerdy.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
region1.google-analytics.com
www.googletagmanager.com
xn--80atb.net
2001:4860:4802:34::36
2606:4700:20::681a:e5c
2a00:1450:4001:803::2001
2a00:1450:4001:81d::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
79.98.104.13
08d120c29b61014a44ff32cf9137adf241862fd4cbeea82c4692ea698410f4b2
0952dd64fe574b97b3a9b4b9bb2c0ad46547efd14ae8eec1c14c20cd6b286e07
0f29f57d6a6940c6387d02e0b3a942025392dcda8721c1db2512b9eea2788f5e
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d
2970093b1884facefb2ab151aa6e2d5ae8fbf0312185aa0eb50ea732e21ce5b9
3aaa08d1c1434c3dd80f3ae7b73884fd1570ddc777b9bc2beaeeb1648373cffd
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d5a52512ea507f078243d9b0687176ffa4d5964bfa29f1f9e5c8595146734f6
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f
43ba69c061232e090712caa902a2757eb73a1a91751d5ea54fe6bf3614f6a494
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
5613f93469cfcaac5cfd6588c5c2db9a278a9b5467e0451d5ffc37f4d6d12d78
6a6990db045c106433018f2b538b3680986219d79b551b67e6eb2c1a88b3855f
83092b42a49339b17616c3fdbd15a41859a8df7b1a1ca7ac9de62e5198ba7a32
854f2e19b9eee120b6f15de81a6a7ffd3a4eb1a48297a101e7df26b72fbf8e6c
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
8da7e7a5ca5a917a7c3e6aa6c4b3023262cc01bc687b2284b460c0e08d06f31a
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
905332be34a82c1dc3b14447e564fd01a76adb59550ab052d50b3e9b4980a7b4
9b80a515f42f1aee36b58239791bfa54ee51ac07bea72dcc0136f8ee908eb8e4
9e6d3f4e540097c155e2f12f4c0af8537705ff6016173768993b49b0f3d307f4
a2a2154dcdbc3b983dfc718e54c8838bda689957f9e230588c17a6b6016fd9fc
a91b68f39a27311600454a82acb6b2ed0148ded8677fe8c7f999623d0b6a92e3
b74dedadd1c31079cca05a54fcbc46bb19085511125088abaf39ec818daec126
b9b71d672ab268b3853b6fb9dc99942f283a415d4ab271b8e4dc597f33e18f4d
da60fd09fa9fa5756db050bcd2f2eb54248f905a32a43d434abb4349cb4a0230
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7505f0522661385a66c99e56986f9ee204ea7fb99454ae9d14a7e195ed071d0
f2e21b8e79e842adf80a3a6d45c51018ca4abcedc9e91dc8db25886cf8881c50
f6d473dca399220a898c53787b158b4f4f5f49b2bbb3b48bbd5fcdcf148ef9d0
f937757f256c1c71199b8b291c41a42529c85710f6a6bf698c7febc2aaced1e7