goo.by Open in urlscan Pro
2606:4700:3030::6815:56e9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://goo.by/8Jio1
Effective URL:
https://goo.by/
Submission: On May 24 via manual (May 24th 2023, 8:44:49 am UTC) from IT — Scanned from DE

Summary HTTP 212 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 11 countries across 33 domains to perform 212 HTTP transactions. The main IP is 2606:4700:3030::6815:56e9, located in United States and belongs to CLOUDFLARENET, US. The main domain is goo.by.
TLS certificate: Issued by GTS CA 1P5 on March 26th 2023. Valid for: 3 months.

This is the only time goo.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	2606:4700:303... 2606:4700:3030::6815:56e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5 13	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
9 16	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 18	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3 3	18.185.196.61 18.185.196.61	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
9	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1 1	35.157.12.160 35.157.12.160	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:a4c6:9405:d858:453d	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:c16d:3d42:19c0:e699	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
212	28

17 2606:4700:3030::6815:56e9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

goo.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:6b8::1:119 (Moscow, Russian Federation) 9 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.196.61 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-196-61.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.12.160 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-12-160.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:a4c6:9405:d858:453d (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:c16d:3d42:19c0:e699 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	668 KB
43	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	225 KB
27	gstatic.com www.gstatic.com fonts.gstatic.com p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com	559 KB
17	criteo.net static.criteo.net — Cisco Umbrella Rank: 639 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9070 csm.eu.criteo.net — Cisco Umbrella Rank: 8905	236 KB
17	goo.by 1 redirects goo.by	204 KB
15	google.com 5 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	50 KB
10	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	39 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	425 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9507	3 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	7 KB
5	yandex.ru 4 redirects mc.yandex.ru — Cisco Umbrella Rank: 3734	59 KB
4	yandex.by 2 redirects mc.yandex.by — Cisco Umbrella Rank: 220960	636 B
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	3 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
3	criteo.com rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16347 ads.eu.criteo.com — Cisco Umbrella Rank: 8856 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10084	47 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 562	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4789	653 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 729	776 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 315	1 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4604	749 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 306	531 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 812 r.turn.com — Cisco Umbrella Rank: 3335	869 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 9037	698 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423	752 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1470	631 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 482	920 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1546	298 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 669	732 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 607	187 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 606	546 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2889	105 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1172	246 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	602 B
212	33

	Domain	Requested by
38	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
25	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net goo.by
18	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net goo.by
18	pagead2.googlesyndication.com	goo.by pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
17	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
17	goo.by	1 redirects goo.by
13	www.google.com	5 redirects goo.by www.gstatic.com www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	cdnjs.cloudflare.com	goo.by ads.eu.criteo.com
9	static.criteo.net	ads.eu.criteo.com
8	www.googletagservices.com	googleads.g.doubleclick.net
7	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	mc.yandex.com	3 redirects goo.by
6	fonts.googleapis.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	www.google.com fonts.googleapis.com
5	mc.yandex.ru	4 redirects goo.by
4	mc.yandex.by	2 redirects goo.by
3	ssum-sec.casalemedia.com	3 redirects
3	x.bidswitch.net	3 redirects
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	onetag-sys.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	pool.admedo.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com
2	p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync.mathtag.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.openx.net	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
212	44

This site contains no links.

Subject Issuer	Validity	Valid
*.goo.by GTS CA 1P5	`2023-03-26` - `2023-06-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2023-06-25`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-18` - `2023-08-18`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://goo.by/
Frame ID: 444E06DF43BDDBC081E90E5BE0809890
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html
Frame ID: 525A9EEA6B211C8724269736662C7D5E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=z6trh858i66n
Frame ID: ABA04EFF50144A2CF6E5D57824C983EE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&adk=293675617&adf=814277786&lmt=1684917883&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgoo.by%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917882705&bpp=6&bdt=493&idt=308&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1465404818372&frm=20&pv=2&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=328
Frame ID: F825ED77ED9CE1D683B7B5B0B97073F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1684917883&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917882711&bpp=3&bdt=499&idt=325&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pFgTloxszh&p=https%3A//goo.by&dtd=327
Frame ID: C163EECA3A3A3DD160119697D3B0B294
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DDDAEB334D95A9CBDEFFDFCF36CDE221
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2456&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280&nras=3&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sz4QBin043&p=https%3A//goo.by&dtd=16
Frame ID: 583F1B58DDA8185888274E2886667E17
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0mAUrimtn1&p=https%3A//goo.by&dtd=20
Frame ID: 81F5107418D909519D37609B8BA74D52
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Nk4CHN0Ent&p=https%3A//goo.by&dtd=24
Frame ID: BF298E9A2EF1A8BEA3B698C09B4E7E28
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Frame ID: DF572650F277932A18B6CE34C360455B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9BAD138DF5E52807B8E729DDAC43A021
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Frame ID: E841AE1E87C2F7D38FDEF58B0AB256E5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8E503D6574773F20B7F58B3206E4836F
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js
Frame ID: 6EBE50827CBC9E8C1BE40037D827D4F8
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A23263C009E1C870FDEC2C792B800D81
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ADF67EF584837A2F848B7BDCBD2460FC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6654F1D2AD56EA47681BCE8EB2D2136D
Requests: 2 HTTP requests in this frame

Frame: https://p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: E0D8166D9C9BF83D18DEB8C2A8BA54BF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1B4B0CB3F5718F33EE520C8E18A63484
Requests: 2 HTTP requests in this frame

Frame: https://p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 11464B4E97639F92FAFA1A2D17152B69
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js
Frame ID: 805A35606B9BED9B2CA25A814E248F9B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js
Frame ID: 48F0B8534084A9BBB219992634D0BDAF
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZG3OfAAMKxED5_d5AAU2m2-UgTFI5eLRPgp-LA&u=%7CG9pBjDUvafnJKMaqCHfR6mkDhYlUNa1sOM2Q4r48vXw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC863dcpp4WPN2RX0hwTGs7anyXQXhUgatak5OLskegNjrPKgiDwRHj9PDbmjwe_VvnsA28s_wMPaBI_mg6GDlO9bkFlJ691tPTj16CIfU5FEYxbO3R9A2UF7XmnoPybMsvvZd1a9wdi0Ey-L7VyURBzutIXBfXPrYN3vCCXftK85UCm9GJrkAKX6_KUEc1msluoCkld4EJIMvRr5GchpvwmlFLToWgL0lECyDyUmA9H3DCM_wgQfe03dkUlQTMc-ehPj0VUXhZ4El6VtsUFrHsABpl2_X7bTA-gG7GeMnm6Nv3kZz3C2ZlrH_JIuLY_-7sM-98-9MwdoXlpobKCILDNMAh2C2Tni90V6xjgaXioZlbjPRMsr25J4uW3Z9QDupvDCTdd6D-9i9DkvMjoyqq042i5Fv1eUqkvfdKaweucEISIDZdX4_cMB1ikPcIuJp_lbxaw1DmZIuopgAv5SpscD--Q5It-UFBdMSen7qoPNJuSErQrNkzczlZDPO4FeLjZuoHUK7puLrgnzjokrCz6iHrtok65hVoUesJvXDQPaf3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9mtFfM5tZJHWMPnun88Pm-2U2A_JntKxXL3plfdwwI23ARABIABglYKAgJAHggEXY2EtcHViLTg5MTc4MzAxODkxMDA3MjHIAQmpAuMucBVzE7I-qAMBqgS3AU_QMqWaBkuMJj0V38ot_QdqYXA5hDaBREj5J3LI2oTWPYhwsCYg3XpyWDXw5BltCXHvBeIeRulkvXSJ5Tm8f5Uvw15cfv8OpljhNMIX5U04-OIuX0QdqqYuZ07nxjF-vcVvzys9lrVZvFlCIEe4GTLrcVEzavFJsLyn3IptUCGQpuutdKLXLZDBR_iXM65sMuafy8DMhJJf_vh0q8WfBLCWCDNq1aQq-hyn5RlLAtlVNB5uryaCSYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3US-DQLXNiU9uUBRa3sYnAavdcGA%26client%3Dca-pub-8917830189100721%26adurl%3D
Frame ID: 888B3947D1C558CE426C82439DEA9C43
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3921629F9EB112D9B65BFB1C891EE682
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EFE02BDE066A07D915E2BD2086F32C97
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7E373852C6545042D6BF9B16A8E09EAA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js
Frame ID: 5E26F0F144F25754623530EE4DADE437
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0558E5CA8B0F15D73B41CBB3B25542D6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js
Frame ID: C55FC785F1BC5DE2A904EA5FB38DBF90
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B3BFA2B9CEF34D32E887EE13468808E4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 042E32E7DAA8EC10711047BE11DF393B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Goo.gl URL Shortener. Shorten URL Free!

Page URL History Show full URLs

https://goo.by/8Jio1 HTTP 301
https://goo.by/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery DevBridge Autocomplete (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/jquery\.devbridge-autocomplete/([0-9.]+)/jquery\.autocomplete(?:.min)?\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

212
Requests

91 %
HTTPS

51 %
IPv6

33
Domains

44
Subdomains

28
IPs

11
Countries

2521 kB
Transfer

6258 kB
Size

40
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://goo.by/8Jio1 HTTP 301
https://goo.by/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10013.H_BOfOKJWVQFkCQ1UlxZ1JHcZZpJPUqwLvBqHkBAEjTRvMrXV2m6rpCd137O7ltu.CXJJ3sTBTxLbzfAacFCMqGBBsRY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10013.NZoIy9imFCTlL2YUqTi6g8HdhkUPkYK89tsqjWWxyi9MZ8nWPHgxf3WbmQU3Cn2CebSkC8PL54Nm8pdQD7MZxgljFV2FreJXPJIrCTTAw60%2C.5QYms5BW1v_SMvfUWr-VMMTUpjY%2C

Request Chain 34

https://mc.yandex.by/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=10013.MJjGBPVCkPbgzxbsKEJ8ew5DEBxB_OZ13n4iyfdWbLkjQ-kvH1I6mldgnQ0swBCd.LEfMKXNXHDLumaSdBOPx3dBBsIQ%2C HTTP 302
https://mc.yandex.by/sync_cookie_image_decide?token=10013.k1VAILhFUY2eq8eP-HbKtrg6WCCtBet-ZGf7Vr-1eMyGusrro_S2rXldfrMx72cF4dELdyOXWNsHq1hVyH-oZ4_vgdUjIBeo24HJdt1S6Cw%2C.Qw2VqL2z5booM3L-IcKdilTdxtw%2C

Request Chain 47

https://mc.yandex.com/watch/45619767?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A23kgit37m13tapt71047vz3%3Afp%3A530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1042%3Acn%3A1%3Adp%3A0%3Als%3A509416283427%3Ahid%3A342687793%3Az%3A0%3Ai%3A20230524084443%3Aet%3A1684917883%3Ac%3A1%3Arn%3A869118702%3Arqn%3A1%3Au%3A1684917883905486824%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C92%2C2%2C212%2C%2C1%2C340%2C18%2C%2C%2C%2C647%3Aco%3A0%3Acpf%3A1%3Ans%3A1684917881905%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684917883%3At%3AGoo.gl%20URL%20Shortener.%20Shorten%20URL%20Free!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/45619767/1?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A23kgit37m13tapt71047vz3%3Afp%3A530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1042%3Acn%3A1%3Adp%3A0%3Als%3A509416283427%3Ahid%3A342687793%3Az%3A0%3Ai%3A20230524084443%3Aet%3A1684917883%3Ac%3A1%3Arn%3A869118702%3Arqn%3A1%3Au%3A1684917883905486824%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C92%2C2%2C212%2C%2C1%2C340%2C18%2C%2C%2C%2C647%3Aco%3A0%3Acpf%3A1%3Ans%3A1684917881905%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684917883%3At%3AGoo.gl%20URL%20Shortener.%20Shorten%20URL%20Free%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 48

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10013.fh8Z2E7y62doc8isAyTDhZlSZbWxKVYuzZl1usBSYaOIN7D8icfVDt236WXiX-Pg.JJgYFpqqiU7B_8nL1lsl5SOUnuc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10013.hHO9_BtSHKWwJfXuHBumio1alBIiDoFiQn-tqCJwkoObSYPdpn3aQ8O2OfVdpubVlEAl71pvbBAxiW2Q2imzJDmQKH6jEm_JVuMjWofIDhY%2C.pLK5HdAQtAlidEk9IjNJGsPuXT0%2C

Request Chain 49

https://mc.yandex.by/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.by&token=10013.MVZQzGJKDNMdDS8JJtzNck1tMjBGI1C4mbhTOzEJruiSh-9IZUN4LwwuI9d6OuMK.qopBXhqS--z_qS5MIt3DKEbVNxo%2C HTTP 302
https://mc.yandex.by/sync_cookie_image_decide_secondary?token=10013.ZXilH51ghfcOrVfKodSCOeQuSvBsOqi2KOk76icghuEAxw--9Bivg9RbC7tAvSO0sdOHRKUEgKzla3wnd41iDw%2C%2C.DTL0Q8TAxWUgB8EH3E9RtTNmq6o%2C

Request Chain 63

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 133

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHSsoiC8DoHA6bAW0PrhsIo&google_cver=1&google_push=ATf1kGNkTrNxV0eHszhIWnpkDkPM0H4ti1N8oS5n1Ak0xlNkvQ9kCylZcSYGfXV4ivRLNpNgxV1joSTSn9L1rjXFeybpj8re4bbalcLiUkKgcls4bNLNfrgi0UESHpOPk5Oo_pQy-1Uw7OtTFdOIv6sWLo5r-Go HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU1MzkyMTU2MTE5NTM2OTc0MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHSsoiC8DoHA6bAW0PrhsIo&google_cver=1

Request Chain 135

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGsBP5I1ejr0JhmIM5YBLLU&google_cver=1&google_push=ATf1kGNfiKYAO5KM6qlTpG9dUqsgRa2BLTp8zxzXZUHn8vXuEoXCcp8iPf0yTi6-Qwyd6NHm3YqclB-GxZNwSxGcron1u16_qYAwTX4MtDavEFox09SuNvfdi-T6Ua1TYrellgy1svKfrkQUS6PVs60B7FOso7Q HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGsBP5I1ejr0JhmIM5YBLLU&google_cver=1&google_push=ATf1kGNfiKYAO5KM6qlTpG9dUqsgRa2BLTp8zxzXZUHn8vXuEoXCcp8iPf0yTi6-Qwyd6NHm3YqclB-GxZNwSxGcron1u16_qYAwTX4MtDavEFox09SuNvfdi-T6Ua1TYrellgy1svKfrkQUS6PVs60B7FOso7Q HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=9a0d3519-a764-4026-a366-d079ad64bf92 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=9a0d3519-a764-4026-a366-d079ad64bf92 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d086492c-ca00-41ce-a002-05c5c9cce0d1&user_group=1&ssp=google&bsw_param=9a0d3519-a764-4026-a366-d079ad64bf92 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNfiKYAO5KM6qlTpG9dUqsgRa2BLTp8zxzXZUHn8vXuEoXCcp8iPf0yTi6-Qwyd6NHm3YqclB-GxZNwSxGcron1u16_qYAwTX4MtDavEFox09SuNvfdi-T6Ua1TYrellgy1svKfrkQUS6PVs60B7FOso7Q&google_hm=mg01GadkQCajZtB5rWS_kg==

Request Chain 137

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJNev1hcoGED-5Fhfm5L7dE&google_cver=1&google_push=ATf1kGP5iMy2Z1LssaJlbLFdhJkgh4sNrGmghVyLKKPvRAG3ya1Cr4KuYjcxk939_q-1Q13pgWGVFsq9xxYAuNxTP45QepVCsSm__h5e__sHjXr7e6GtwOVCSpaV-F4q3vxYoBxriVL8GLavb9LCR8GOS4SKCD4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxR0xUQUEtMVQtMk5VQQ==&google_push=ATf1kGP5iMy2Z1LssaJlbLFdhJkgh4sNrGmghVyLKKPvRAG3ya1Cr4KuYjcxk939_q-1Q13pgWGVFsq9xxYAuNxTP45QepVCsSm__h5e__sHjXr7e6GtwOVCSpaV-F4q3vxYoBxriVL8GLavb9LCR8GOS4SKCD4

Request Chain 138

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_cver=1&google_push=ATf1kGP4qNLzkkOENj2R9sXZamukxL3UTiavmamsS-CeMYpbfoAvzN9BoQ060snnpSvdsYCYO5ppzfaBmWKAD9OvTpMS_rgxOgGCRYc4Mz0Wj7dkBW0ssvozDkT4X3MKQ2NJaaZH_SLqtiGA5VVcVdSMOZ0pFCo HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_push=ATf1kGP4qNLzkkOENj2R9sXZamukxL3UTiavmamsS-CeMYpbfoAvzN9BoQ060snnpSvdsYCYO5ppzfaBmWKAD9OvTpMS_rgxOgGCRYc4Mz0Wj7dkBW0ssvozDkT4X3MKQ2NJaaZH_SLqtiGA5VVcVdSMOZ0pFCo&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_hm=ZG3OfXHlTPC-uw_zy1ayxQAAFAsAAAAB&google_nid=index&google_push=ATf1kGP4qNLzkkOENj2R9sXZamukxL3UTiavmamsS-CeMYpbfoAvzN9BoQ060snnpSvdsYCYO5ppzfaBmWKAD9OvTpMS_rgxOgGCRYc4Mz0Wj7dkBW0ssvozDkT4X3MKQ2NJaaZH_SLqtiGA5VVcVdSMOZ0pFCo

Request Chain 139

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIsVBjvvgqhfwreZQ23KoIk&google_cver=1&google_push=ATf1kGOHWeLouTDTlUAIN8I8xfdzQwFZP0a4G1lcezJjI3yFEZ17ofamqryhgtVTq5aApRxpYjrpw6gGeBnpXjLBu_zSUes5HSBbOp1h2s2yhaWXrhwaoC1oEqRjMd-4MXddLnYEbBo3uLgO_vrs3GprXEXbCQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOHWeLouTDTlUAIN8I8xfdzQwFZP0a4G1lcezJjI3yFEZ17ofamqryhgtVTq5aApRxpYjrpw6gGeBnpXjLBu_zSUes5HSBbOp1h2s2yhaWXrhwaoC1oEqRjMd-4MXddLnYEbBo3uLgO_vrs3GprXEXbCQ

Request Chain 173

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDXFcSFKekiZvsd9TfdNSLA&google_cver=1&google_push=ATf1kGN5ZwoTEtXizDfw9E4heARHa5PTyl_JkI4i_QQvIUF-bY861DwfeX2cwFBFn86h3-3Uktjh3V0SfFZzDQAAA2WvNb8WSijKdw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDXFcSFKekiZvsd9TfdNSLA&google_push=ATf1kGN5ZwoTEtXizDfw9E4heARHa5PTyl_JkI4i_QQvIUF-bY861DwfeX2cwFBFn86h3-3Uktjh3V0SfFZzDQAAA2WvNb8WSijKdw

Request Chain 176

https://d.agkn.com/pixel/2175/?google_gid=CAESEBx5eb8maKRNBPakWk86cG8&google_cver=1&google_push=ATf1kGOQu6gGSa-CrRxrOiZLlYVYPGVtRxXC2mMYVWOnWnvcqCCx9otedvP3AdTAaN8i7z-AtxGiTqWnrb2_wKriShpdFVimINKkCCY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGOQu6gGSa-CrRxrOiZLlYVYPGVtRxXC2mMYVWOnWnvcqCCx9otedvP3AdTAaN8i7z-AtxGiTqWnrb2_wKriShpdFVimINKkCCY&google_hm=Q0FFU0VCeDVlYjhtYUtSTkJQYWtXazg2Y0c4

Request Chain 177

https://d5p.de17a.com/cookies/google?google_gid=CAESEN6Gu_Eb-SpN3uIWcOKDQYg&google_cver=1&google_push=ATf1kGNqcHVRmKTKfk5pAHqUVCYGzj8BGBM0N7O3svP-t5qb0Wvj4UFUJX1htGTgbsKI0mhevBMIu8FIy3G3kHLhPHInT4bLH3aN80Q HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEN6Gu_Eb-SpN3uIWcOKDQYg&google_cver=1&google_push=ATf1kGNqcHVRmKTKfk5pAHqUVCYGzj8BGBM0N7O3svP-t5qb0Wvj4UFUJX1htGTgbsKI0mhevBMIu8FIy3G3kHLhPHInT4bLH3aN80Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNqcHVRmKTKfk5pAHqUVCYGzj8BGBM0N7O3svP-t5qb0Wvj4UFUJX1htGTgbsKI0mhevBMIu8FIy3G3kHLhPHInT4bLH3aN80Q

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 199

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPQ_dpLkq9OMR48-Zb9sWag&google_cver=1&google_push=ATf1kGOl-lFdWsflZn7D-kVC1nnteQ0JFyqEyQq5bDNMcDBtdNdrsqfiFuwgXrvOjuqRNMkPnY7iDTCqLLnnvJlHmlxErcIq4X4Qyavgm8FeZR0YcynrN0T_jmV4rAxBztljZ7meifcQlnrHKD8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOl-lFdWsflZn7D-kVC1nnteQ0JFyqEyQq5bDNMcDBtdNdrsqfiFuwgXrvOjuqRNMkPnY7iDTCqLLnnvJlHmlxErcIq4X4Qyavgm8FeZR0YcynrN0T_jmV4rAxBztljZ7meifcQlnrHKD8

Request Chain 200

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEFLZSb5q0FXtroFXC82KJw&google_cver=1&google_push=ATf1kGODymW3zWzR5_BmxwN-6pclerXRdi4KcjDMm8Dk_Iu5_7mPztDhK392eyC8XmnWjzOdASCJqWB9I4GVxXIs2Bo2YsD1btJZYeJ77ZwacE7dcOJbuTFhKpyl44_WMmR8xpkAwa_d2SyuVYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNjY2NzIxNjgyNjMzMzMzOQ%3D%3D&google_push=ATf1kGODymW3zWzR5_BmxwN-6pclerXRdi4KcjDMm8Dk_Iu5_7mPztDhK392eyC8XmnWjzOdASCJqWB9I4GVxXIs2Bo2YsD1btJZYeJ77ZwacE7dcOJbuTFhKpyl44_WMmR8xpkAwa_d2SyuVYY

Request Chain 201

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMw0ezUQKF1SEz8UnaK5LPM&google_cver=1&google_push=ATf1kGMl7NO3hiVXZ0nhdU0yPotJrGkL2Uauww5VKn91GYroPjg5iGpfR-4q9sohW-RAhM7X9Eat1XSeBB-eAhpiFwJldpzp4UpwPYXn4XyVXqJhJkiCObYRvMAC6TjwvKRBaoMnp82ee31TzGM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMl7NO3hiVXZ0nhdU0yPotJrGkL2Uauww5VKn91GYroPjg5iGpfR-4q9sohW-RAhM7X9Eat1XSeBB-eAhpiFwJldpzp4UpwPYXn4XyVXqJhJkiCObYRvMAC6TjwvKRBaoMnp82ee31TzGM&google_hm=eS1HbE4yTTFWRTJwR3dxRnZOT1VCZTFtUHFCTlRjYk4wan5B

Request Chain 202

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDIFSO7WKGt58CqTYQDjJpE&google_cver=1&google_push=ATf1kGOst_za0y_mMBSz5RH5d61sOUT2pBVLoetqrESKX15q2f54uzlTw5XDrecBsg4yD9I2Kl0YSJXzM0wBwHBweCk8goOPMzm8cCgeTHbJI2DSaKWp6zVqGdStmqQ6rjSGWOv2QHDdDv6oGKY HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDIFSO7WKGt58CqTYQDjJpE&google_cver=1&google_push=ATf1kGOst_za0y_mMBSz5RH5d61sOUT2pBVLoetqrESKX15q2f54uzlTw5XDrecBsg4yD9I2Kl0YSJXzM0wBwHBweCk8goOPMzm8cCgeTHbJI2DSaKWp6zVqGdStmqQ6rjSGWOv2QHDdDv6oGKY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ4MjczMDkxMjcwMzY4Njcy&google_push=ATf1kGOst_za0y_mMBSz5RH5d61sOUT2pBVLoetqrESKX15q2f54uzlTw5XDrecBsg4yD9I2Kl0YSJXzM0wBwHBweCk8goOPMzm8cCgeTHbJI2DSaKWp6zVqGdStmqQ6rjSGWOv2QHDdDv6oGKY

Request Chain 203

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJNev1hcoGED-5Fhfm5L7dE&google_cver=1&google_push=ATf1kGNJhamRWDHPXlAypsECglGlSUdNCTltnbwlqklVkZj83DS6OhNQ26B4rQS0xMvmsF-1X2bzKb7WvhWgSm6Y6MFOBIcM6KbUEdEceRkcc9Ca2wKntRE6FGfrFUPsnVyrR09xGJSQ6bmWCLk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxR0xUTzItMjctMlFBSQ==&google_push=ATf1kGNJhamRWDHPXlAypsECglGlSUdNCTltnbwlqklVkZj83DS6OhNQ26B4rQS0xMvmsF-1X2bzKb7WvhWgSm6Y6MFOBIcM6KbUEdEceRkcc9Ca2wKntRE6FGfrFUPsnVyrR09xGJSQ6bmWCLk

Request Chain 204

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_cver=1&google_push=ATf1kGNfDPabpnJZ7HmHH_PRloona_8ofwek8ZgNigjq8gS3u_PMsAqQ3DX5IwWanv7iWzFDn0uAyQ9Qjp-Kl_cyfNxJiOCN--ptvdMbNa_X8ADV7QiZIKd5bx-zzTPKDN_cwKLEtSltq7HqPw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_hm=ZG3OfXHlTPC-uw_zy1ayxQAAFAsAAAAB&google_nid=index&google_push=ATf1kGNfDPabpnJZ7HmHH_PRloona_8ofwek8ZgNigjq8gS3u_PMsAqQ3DX5IwWanv7iWzFDn0uAyQ9Qjp-Kl_cyfNxJiOCN--ptvdMbNa_X8ADV7QiZIKd5bx-zzTPKDN_cwKLEtSltq7HqPw

Request Chain 205

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIsVBjvvgqhfwreZQ23KoIk&google_cver=1&google_push=ATf1kGN72Q_Ldj5tiZtvQI2gDDZUAyJf66wVGz6yw-Mo6mBOIyNheO_OXukbA8B366d8l45CEs-dzzrjn2gO0AQgcpseImgapYyLQ7zKkWZ4aWjugH9twaTKQnBJeCbqHP03UVnB1Gy0AIxncs0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN72Q_Ldj5tiZtvQI2gDDZUAyJf66wVGz6yw-Mo6mBOIyNheO_OXukbA8B366d8l45CEs-dzzrjn2gO0AQgcpseImgapYyLQ7zKkWZ4aWjugH9twaTKQnBJeCbqHP03UVnB1Gy0AIxncs0

212 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
goo.by/
Redirect Chain

https://goo.by/8Jio1
https://goo.by/

25 KB
8 KB

93ms
92ms

Document
text/html

2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58446cbabd044c73d3acf500f55f95be558c0675d8ddb298a70fc077c165b5cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7cc4421b5ec130c9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 May 2023 08:44:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgdQJDosawSLyTsq5WmbKRotT3xWhMJVnAM8xIGAja20NMVWSbqjJNbBXGcWQYQZti11LqslWAnkWUKjfz%2BDLt749MYDpBmsBfRpD0M%2B9kF9twSoqx64yuNwqOEPx1df2K3lVoI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7cc4421abdfd30c9-FRA
content-type: text/html; charset=UTF-8
date: Wed, 24 May 2023 08:44:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2aOfd%2FEb1LoBcWiuvoaAAq5qATytJvrh%2FVQFX6Di9eg04CmIfnLZJDgL23qzoiMsP8zwecNvU%2B6B%2F4lKLPtWKrzVlga0Kz4LSkw%2BS3pc%2Bs%2BznRczoeF6aAMvJt4LaCV9G26uuQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 bootstrap.min.css
goo.by/static/css/ 89 KB
16 KB 128ms
127ms Stylesheet
text/css 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/css/bootstrap.min.css
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1912ec9329c898b56073a8120eb94e72e0bb858b390443cbc65d18a494572215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 05:41:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9288101
etag: W/"626b7a86-1631a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyTc0fZgfTFkh3mVZ4ihjPJ07kn6aXCyjfIUGKuOZArC%2BZmMOT2V1pPo0wbBGmwSJBzfQ9%2FAoVfP3IQA4go6AlHo%2BzYms%2FqjJZzhUZUNf1Dy81NdcKekJEPjtotFj5LjIcg6e6c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7cc4421becb5bbbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.css
goo.by/themes/spartan/ 69 KB
13 KB 48ms
46ms Stylesheet
text/css 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/themes/spartan/style.css
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c44313430f757e3a44c796394ad431ad413d363d4467dfbc6cf1867e560969c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9288101
cf-polished: origSize=84847
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 29 Apr 2022 05:41:48 GMT
server: cloudflare
etag: W/"626b7a9c-14b6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pnKj2CDlwxu%2FB4l58uUw4Glz7YC4TY30%2BvOZdXu%2BSP1%2F7QFsc9xOLblbXL%2F6Q2NqAr8Q1Buo1sq%2BdD9rpUnxpRQKwqJbsaSy02bl0teEgtMZEZBt%2B%2Fjq%2BrtW44kAb%2FHhbVSHho%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7cc4421becbebbbb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 components.min.css
goo.by/static/css/ 19 KB
3 KB 89ms
87ms Stylesheet
text/css 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/css/components.min.css
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 195ffe64f7501043f3700fdf9fbf2012d0b66fa26dcad328db4d5e8430fb520b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 05:41:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9288101
etag: W/"626b7a87-4b61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeysf8EG4T1i0xiPA5fEmnhYyyXC5iDNQhud7Lco40S7VlBWvy33KPNmJkhW8aE7WMwbumK3CYSnegjpixH0v7gTWtBkSBMx40%2FnemKDL7n%2Ffi4PCIuS9C6zlgQTBzWfaU9Tm9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7cc4421becbfbbbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-all.min.css
goo.by/static/css/ 56 KB
13 KB 86ms
84ms Stylesheet
text/css 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/css/fa-all.min.css
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 05:41:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1945063
etag: W/"626b7a86-df5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyqPzTq4oPA7%2BvhJg3Obiz8XqnUgMDmWgilDzc%2BptBCl8DCPW94Z5nHti59PGOC8XoYGz577IzEgUh96DKD8vQ%2FCNTZ%2BwTuB23H%2BUSUX8zF5V3ahd9RtBt4zKiGkb6z%2FEYP6H8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7cc4421becc1bbbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.min.js Show response
goo.by/static/js/ 82 KB
30 KB 126ms
125ms Script
application/javascript 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/js/jquery.min.js
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 05:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9288101
etag: W/"626b7a93-14696"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwZzUYQ819NVJrEI8E58I8vOY2w%2BfmSQ%2B0EtNrK9z6A%2BMPmq%2B6nq2eZfAeyfvfjNtsqrYMcKXIQ4%2F4tKxT5ROz2Xs2VWlTrnlOvVDkgnurGPMoazgOVYAs5EL%2B5HqxGhY8xIoSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7cc4421becc2bbbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bootstrap.min.js Show response
goo.by/static/ 3 KB
2 KB 167ms
165ms Script
application/javascript 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/bootstrap.min.js
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c785dee6ed2b248070e51f80868e1b938665681c17188c4e579c9c509ae05d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 05:39:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1945063
etag: W/"626b7a28-d5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoUYBUmt8RYck6dHAcemHRNtlLX9%2BDBkmVjR8jPRcW7Y2OHUK3r67OAWQj7VnrNtIWo5jyJDsPO7bWehDQh6QPShvXd6BVYXz5a%2Bqof%2FvmMdWxoQ4wwiEY3wRQtEEexYIMiBNLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7cc4421becc4bbbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 application.fn.js Show response
goo.by/static/ 3 KB
2 KB 167ms
165ms Script
application/javascript 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/application.fn.js
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 877de2ffab95719d6ff1f1048fa912e70ee31879a2a31f868eb5b1770252d8fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9288101
cf-polished: origSize=4361
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 29 Apr 2022 05:39:52 GMT
server: cloudflare
etag: W/"626b7a28-1109"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRSJqPK7%2BbL1%2FKizQ1WyH0Ifuf9GcNDbnt9TeicSZn3kzVxZTd%2F%2B83A3H8C8dOtMT1bZvk2%2FoWHkftVwZb5%2B7C01ov8EVHmdYiHMEpgAQVLkWHqo6tht8BYhdbcyF3lq%2BsKYMNE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7cc4421becc6bbbb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 datepicker.min.js Show response
cdnjs.cloudflare.com/ajax/libs/datepicker/0.6.4/ 17 KB
5 KB 134ms
49ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/datepicker/0.6.4/datepicker.min.js?v=0.6.4

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43df0eac8cd04fe4184d857d79cb2b72f9c636dfbc7d3bc6555ce0aacf2f2c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1694645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5100
last-modified: Mon, 04 May 2020 16:09:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e33-4449"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8FiOubG3hAxToUZobsjb2KRUzOuglI2tAZZfE9s5iTv7Ehiw0Mgk3DS6c3ygaHOJejU8nmnuFDp08LShfjnfmAVRLy%2BTvCCUpwAtSAQqSzP5OHhwn%2Faf8SdYV3tCMs2Ojge%2BVa%2Bd5ZvgGnwbT2tYQxM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cc4421c7dea9028-FRA
expires: Mon, 13 May 2024 08:44:42 GMT

GET
H2 200 datepicker.min.css
cdnjs.cloudflare.com/ajax/libs/datepicker/0.6.4/ 3 KB
1 KB 140ms
54ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/datepicker/0.6.4/datepicker.min.css?v=0.6.4

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68decb9b04351770373306a7d4eef2a677b9f2541d790a42fc6f72e8cdcc7bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1948706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 720
last-modified: Mon, 04 May 2020 16:09:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e33-d76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZrQ02ZVoRcWTvEu%2FwfcMX3NzEMoNpqj3XArECoEMVGPLN37VtpGd4TRE7PKvhzJINiiPRdkK33asBekEG8t4LZUxPFcX0qmJTUJG6Hf3t7eG%2B4lyWGLZU6gN%2BIxn34zaj8jqbF8d2haclJq0Rg6nFio"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cc4421c7de89028-FRA
expires: Mon, 13 May 2024 08:44:42 GMT

GET
H2 200 chosen.jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/ 26 KB
6 KB 138ms
52ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 131282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5483
last-modified: Mon, 04 May 2020 16:09:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e23-6956"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=621OYNaUMM99r06Dj%2BHC%2BsDnRZoMg3n%2FMHrqHDqJ6dp2z8mrgSEqAJ8yniJNnBr%2B7lcdNZPpWd1WywrH4lLUfa6dK2z8EieEBjVkIEEdbLx6ZbFw2XWAFkWchrxzDqci5pzkTwotZL6ONfWDlAxMiwV9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cc4421c7dec9028-FRA
expires: Mon, 13 May 2024 08:44:42 GMT

GET
H2 200 icheck.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/ 4 KB
2 KB 132ms
47ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 401283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1911
last-modified: Mon, 04 May 2020 16:11:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9e-11a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0%2FYoMwUJGRX%2FTw6HHi1RYAC1NctwYM0Hifg4MjA74Kx7sklbvmt94ZFrOCOzcrR3QxjwVyD8313FXJUIqQeTrDsEsQSY8uwfFTCNkxYPzkdEMKRYx3PL%2BS330708bnUHrPHit1ZiA2dh1%2B83gxlfRbS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cc4421c7dee9028-FRA
expires: Mon, 13 May 2024 08:44:42 GMT

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/ 10 KB
3 KB 137ms
52ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/clipboard.min.js?v=1.5.15

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1139274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2906
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-2824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3xVlE0D9XOYxclxcVM8mItKTUppkNSk37qSMS55q8%2ByfLCG680LjEOJIA%2BW6CWLWi6ywYK1DwtyFgD2NBkD9m1daRyDCygtOwAJzm%2FohvJGWGULMxQ44I%2BT22JtegQda06pXnkXadrvv%2BVK8qF7097n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cc4421c7def9028-FRA
expires: Mon, 13 May 2024 08:44:42 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 131ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1948758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQgqO%2Bnw%2BsOHSNnWGR8dv%2FZJK58oxa%2FTuG4U%2BxMtHXq6uXxSphv2DNDOAaowP3zy3LuiKsARzwWjRpaEJzUanNCj02p3XAFViKgm5vAbvtEAUD8GP8%2FVBW%2B3fikURhzHSYWOtQlU24Oat%2Bryl3L%2BnrP9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cc4421c7df09028-FRA
expires: Mon, 13 May 2024 08:44:42 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 133ms
48ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1946704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 948
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmj62lxlcc6HSwIxuJpJdhG4jC9PgDIUnsyO80yvJNgQkDvgxrfnIB8i3iSUiMjgfPb538zpM0%2Fy0fvnwrHiNjyAbtUlcFf0ByJUvqKjn%2BYLWFjHr3fdirO53zoNnU5pCqNzq3eTNBp3Riy50UZQJ4Nc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cc4421c7de99028-FRA
expires: Mon, 13 May 2024 08:44:42 GMT

GET
H2 200 jquery.autocomplete.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/ 13 KB
4 KB 135ms
50ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/jquery.autocomplete.min.js?v=1.1.5

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 29436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3860
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-331b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yE5oDKNAi95AUwA6fbHn%2FA7cuDaLxTRRm28rR%2FvAhC5iORuUQIRqzt4ZVtVFnsc3Of6C4NTVyRn4uTbSXCd9aG1nu4%2BcmsegA2v2p746PBSEEP5Ir7pkqNlTeknLK2l4PaXVKt4PDc4iebbXI0TQpiCm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cc4421c7df19028-FRA
expires: Mon, 13 May 2024 08:44:42 GMT

GET
H2 200 pace.js Show response
cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/ 25 KB
5 KB 167ms
82ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 645531
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5158
last-modified: Mon, 04 May 2020 16:13:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f40-621b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7DMfzSGdRN18iqIxQobVLROrWyab%2B2ZOUptJ51bQJ8bdqyCu7ClIYf2ek5VBJpre6TJJ8u7N4AaUrzgJzyW%2FNrB%2F%2BK8%2BC3tn9FluWMckfcfcbdstgaRGD%2Bolp4lDyfoyRuwGHFbzST%2FYaZPA%2Bc8WxU0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cc4421cbe0f9028-FRA
expires: Mon, 13 May 2024 08:44:42 GMT

GET
H3 200 application.js Show response
goo.by/static/ 15 KB
5 KB 86ms
85ms Script
application/javascript 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/application.js
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 171ca22825d9d3284a7e20e85120854bc2bf6fb15b821ce6bed382f14ff51c29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1945063
cf-polished: origSize=19442
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 29 Apr 2022 05:39:51 GMT
server: cloudflare
etag: W/"626b7a27-4bf2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvMj0u36TTC6KdXnkh9RIUfgcftgBKbqnPIllG%2BgdXlABjbS4jPlUhe%2FAUTVln7OQnVNyIGguxsKSDmrxnA2CoqlhzWQoaF7FI3rj9DhEbeBUloXYUU%2FehvK7fj5A3N5WfQGjes%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7cc4421becc7bbbb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 server.js Show response
goo.by/static/ 8 KB
3 KB 168ms
167ms Script
application/javascript 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/server.js
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8090078
cf-polished: origSize=12112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 29 Apr 2022 05:39:52 GMT
server: cloudflare
etag: W/"626b7a28-2f50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUJAV7BosVcylDNcmJQwrJM0ln3qO0bMrp8W%2B9RnLoDSx93iufGQF7oZfMwD%2FCdePubqzjPZod2yz2i09ONPZHVGbX0u9C2s0pqK9ek%2FNQ%2F7L1QulGW6OCuUvAwlw3ZJ8Fe30jA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7cc4421becc8bbbb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 224ms
130ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ea674dcb540d02737561e4b79664ae44128ce757a2c919eca6fded2e85ce390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47448
x-xss-protection: 0
server: cafe
etag: 7339253131324403886
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 May 2023 08:44:42 GMT

GET
H3 200 auto_site_logo.png
goo.by/content/ 3 KB
4 KB 50ms
50ms Image
image/png 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goo.by/content/auto_site_logo.png
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6461e3d621bb44222b85c04e787c3a1bc2c296316d77bc175e682c177557fa76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8090078
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3400
last-modified: Sun, 08 May 2022 12:53:50 GMT
server: cloudflare
etag: "6277bd5e-d48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcnOR0HAh6DD9f7tWg7oagxqeIDLVOnbJE8hiiEgt6c2nrQIiL4jgw%2BfvvMnvL5qG58Loi7%2B5C4mLLd1cwHgYq30MIMOa7Euypp6Arp7WpqZpKDCHv1f%2FEDt0BG71Hu8PC70GJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cc4421d3e41bbbb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
907 B 141ms
53ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&render=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5590c34e6c1e3de21931ccd8182869af373dac2b7e666fc9aa2bde573555b0f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 1; mode=block
expires: Wed, 24 May 2023 08:44:42 GMT

GET
H3 200 landing.png
goo.by/themes/cleanex/assets/images/ 17 KB
17 KB 47ms
46ms Image
image/png 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goo.by/themes/cleanex/assets/images/landing.png
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e337c98d5ed7ed7e852c87ee65bf108bd1cf6377d585c9f7b595a9e54ad41fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8090078
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17186
last-modified: Fri, 29 Apr 2022 05:44:07 GMT
server: cloudflare
etag: "626b7b27-4322"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNQlZsnE87114G5btnDphbg9YmIYODSBbLANU6ljKpmmXrZ6icG3J%2FPhYlm1XfkCXe12cGB4XOganuY1Kjz1MpXvQo%2Fr22PiGRmPyX2fh8HaSafYFvsSrIMym34s7tr9sw2Krtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cc4421d3e45bbbb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 profiles.png
goo.by/static/img/ 62 KB
63 KB 88ms
87ms Image
image/png 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goo.by/static/img/profiles.png
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69ba2a3cb603ff3aba5f081ad98b683d0b0788524d62f5b4df4f240658b4c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 396615
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63985
last-modified: Fri, 29 Apr 2022 05:41:34 GMT
server: cloudflare
etag: "626b7a8e-f9f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NggBw33hhLJwPWv%2BHsFTILSL4fXktK%2BHH%2BydVfJdWpYsuyMlLN89AW3lqFj9hxpHAlpOmEOvv65ABMZXTMtpdRmCZc9RsiJODSKtLktdFSWqOupF4AFYKhQi%2Bdg6L5DkOsmzSk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cc4421d3e49bbbb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 main.js Show response
goo.by/themes/spartan/assets/js/ 794 B
723 B 45ms
45ms Script
application/javascript 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/themes/spartan/assets/js/main.js
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08ec63812b5c543fbc24b98cf05328d849347f0dc0b2cbdf9bc463435b5ad1f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8090078
cf-polished: origSize=869
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 29 Apr 2022 05:44:04 GMT
server: cloudflare
etag: W/"626b7b24-365"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJkzARcvNyUznaKTIWdT%2FicLvZO%2FwIYaGQmjJ2Ktrpz2hL6yKFasQm18k6p2AWZdmPzJ%2BGaQXUH6NG6kDbhQzpdiKwyOxFqH%2Fcq9LQKpmkKWO8ZwEupN0jiE8QpH7VnMqaAOVm8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7cc4421d2e30bbbb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 server.js Show response
goo.by/static/ 8 KB
3 KB 87ms
86ms Script
application/javascript 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/server.js?v=1.0
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8090078
cf-polished: origSize=12112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 29 Apr 2022 05:39:52 GMT
server: cloudflare
etag: W/"626b7a28-2f50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aF712b0J%2Fl2zwL4F7pP7xJejRWbvY3nJb0Cr2SR%2BypThc0rP8Xg%2FGmUCRuAZPp8WLHBDoq8eFG%2FgoAHfeFIXi36EfyGXRNBdHirH7rT7%2BVUsL6LXL%2B6do2puKCpRmMvjTSXnER4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7cc4421d3e3abbbb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 glyphicons-halflings-regular.woff
goo.by/static/fonts/ 23 KB
23 KB 46ms
45ms Font
font/woff 2606:4700:3030::6815:56e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/fonts/glyphicons-halflings-regular.woff
Requested by: Host: goo.by
URL: https://goo.by/static/css/bootstrap.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:56e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Referer: https://goo.by/static/css/bootstrap.min.css
Origin: https://goo.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5865384
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23320
last-modified: Fri, 29 Apr 2022 05:41:25 GMT
server: cloudflare
etag: "626b7a85-5b18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RunH%2BSSBFHbNiK%2BAcGpV8qj4DmoN7RwOJfrzSw6SV8e5xLvzL%2B6VhOD2jyCfi2FJJMx5qQuuHeIeI%2B6sROZ1pZ%2FTUxHAGpTMD%2FeZNo2xcXL2TRLVIETe5ri78SoYxAmvLiaL%2FGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7cc4421d3e54bbbb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ 408 KB
163 KB 133ms
39ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Origin: https://goo.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166637
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 May 2024 08:35:01 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 164 KB
58 KB 348ms
156ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b28bb6c60fd6185bfa7e62f9fc502cec6d9d60e5b48443268ca73cbcc9065adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 22 May 2023 09:07:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "646b06a9-e5cc"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58828
expires: Wed, 24 May 2023 09:44:42 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ 354 KB
120 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9ad0243bfcfea8ef5de93bd04cf7d0fa885f5a4cad496b869bf3c2d852410c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122569
x-xss-protection: 0
server: cafe
etag: 2352519650360396235
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 24 May 2023 08:44:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/ Frame 525A 10 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 18:18:46 GMT
etag: 15057649708203361565
expires: Tue, 06 Jun 2023 18:18:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame ABA0 51 KB
29 KB 65ms
65ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=z6trh858i66n

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b6a164eff6f0efb5c929028b6430e4019769f33101ba5956ffc8b2212c1d9b1a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PC8vf31741f_YhMAUvlnTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28967
content-security-policy: script-src 'report-sample' 'nonce-PC8vf31741f_YhMAUvlnTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame ABA0 55 KB
24 KB 121ms
40ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=z6trh858i66n

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 07:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 May 2024 07:05:52 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/ Frame ABA0 408 KB
163 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166637
x-xss-protection: 0
last-modified: Mon, 15 May 2023 04:00:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 May 2024 08:35:01 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10013.H_BOfOKJWVQFkCQ1UlxZ1JHcZZpJPUqwLvBqHkBAEjTRvMrXV2m6rpCd137O7ltu.CXJJ3sTBTxLbzfAacFCMqGBBsRY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10013.NZoIy9imFCTlL2YUqTi6g8HdhkUPkYK89tsqjWWxyi9MZ8nWPHgxf3WbmQU3Cn2CebSkC8PL54Nm8pdQD7MZxgljFV2FreJXPJIrCTTAw60%2C.5QYms5BW1v_SMvfUWr-VMMTUpjY%2C

43 B
67 B

82ms
82ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10013.NZoIy9imFCTlL2YUqTi6g8HdhkUPkYK89tsqjWWxyi9MZ8nWPHgxf3WbmQU3Cn2CebSkC8PL54Nm8pdQD7MZxgljFV2FreJXPJIrCTTAw60%2C.5QYms5BW1v_SMvfUWr-VMMTUpjY%2C

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:43 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10013.NZoIy9imFCTlL2YUqTi6g8HdhkUPkYK89tsqjWWxyi9MZ8nWPHgxf3WbmQU3Cn2CebSkC8PL54Nm8pdQD7MZxgljFV2FreJXPJIrCTTAw60%2C.5QYms5BW1v_SMvfUWr-VMMTUpjY%2C
date: Wed, 24 May 2023 08:44:43 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

sync_cookie_image_decide
mc.yandex.by/
Redirect Chain

https://mc.yandex.by/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=10013.MJjGBPVCkPbgzxbsKEJ8ew5DEBxB_OZ13n4iyfdWbLkjQ-kvH1I6mldgnQ0swBCd.LEfMKXNXHDLumaSdBOPx3dBBsIQ%2C
https://mc.yandex.by/sync_cookie_image_decide?token=10013.k1VAILhFUY2eq8eP-HbKtrg6WCCtBet-ZGf7Vr-1eMyGusrro_S2rXldfrMx72cF4dELdyOXWNsHq1hVyH-oZ4_vgdUjIBeo24HJdt1S6Cw%2C.Qw2VqL2z5booM3L-IcKdilTdxtw%2C

43 B
67 B

78ms
78ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.by/sync_cookie_image_decide?token=10013.k1VAILhFUY2eq8eP-HbKtrg6WCCtBet-ZGf7Vr-1eMyGusrro_S2rXldfrMx72cF4dELdyOXWNsHq1hVyH-oZ4_vgdUjIBeo24HJdt1S6Cw%2C.Qw2VqL2z5booM3L-IcKdilTdxtw%2C

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:43 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.by/sync_cookie_image_decide?token=10013.k1VAILhFUY2eq8eP-HbKtrg6WCCtBet-ZGf7Vr-1eMyGusrro_S2rXldfrMx72cF4dELdyOXWNsHq1hVyH-oZ4_vgdUjIBeo24HJdt1S6Cw%2C.Qw2VqL2z5booM3L-IcKdilTdxtw%2C
date: Wed, 24 May 2023 08:44:43 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
138 B 78ms
78ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:43 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 22 May 2023 09:07:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "646b06a9-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 24 May 2023 09:44:43 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
602 B 138ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=goo.by&callback=_gfp_s_&client=ca-pub-8917830189100721

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=goo.by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cba61c9b9fa4ee66a556ae225d15d718abdb0986bff5648354d7b43f627f1b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
532 B 191ms
75ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=goo.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 141ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=goo.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=cc-window%20cc-floating%20cc-type-info%20cc-theme-classic%20cc-bottom%20cc-right%20cc-color-override-1971232268%20&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F825 503 KB
82 KB 1524ms
1524ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&adk=293675617&adf=814277786&lmt=1684917883&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgoo.by%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917882705&bpp=6&bdt=493&idt=308&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1465404818372&frm=20&pv=2&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=328

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbce5e3e69c8bd44de26117e5566a6d3bef2cd527035b883c8f5be718b646b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 84395
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:44 GMT
expires: Wed, 24 May 2023 08:44:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C163 102 KB
35 KB 1292ms
1292ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1684917883&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917882711&bpp=3&bdt=499&idt=325&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pFgTloxszh&p=https%3A//goo.by&dtd=327

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31b6ba1c194ab6d92c1f1ab40cc3c7eb313a8448d3354fe99983141229ade1da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36186
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:44 GMT
expires: Wed, 24 May 2023 08:44:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame ABA0 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 14:33:37 GMT
x-content-type-options: nosniff
age: 65466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 30 May 2023 14:33:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ABA0 15 KB
16 KB 127ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 19:55:37 GMT
x-content-type-options: nosniff
age: 46146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 19:55:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ABA0 15 KB
15 KB 137ms
49ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 22:41:31 GMT
x-content-type-options: nosniff
age: 295392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 22:41:31 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame ABA0 102 B
134 B 49ms
49ms Other
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3eefcd5ba2f128fa9468549daefb569acd63b7cb080f2105496fee6298c258e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=z6trh858i66n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 24 May 2023 08:44:43 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame ABA0 33 KB
19 KB 83ms
82ms XHR
application/json 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6bb247a5d19a7fd82b06e82e0cf3723903ce13c32aaddaca14ab30cc7c2e6b2d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=z6trh858i66n
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 24 May 2023 08:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19252
x-xss-protection: 1; mode=block
expires: Wed, 24 May 2023 08:44:43 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/45619767/
Redirect Chain

https://mc.yandex.com/watch/45619767?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A23kgit37m13tapt71047vz3%3Afp%3A530%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
https://mc.yandex.com/watch/45619767/1?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A23kgit37m13tapt71047vz3%3Afp%3A530%3Afu%3A0%3Aen%3Autf-8%3Ala...

435 B
570 B

82ms
82ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/45619767/1?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A23kgit37m13tapt71047vz3%3Afp%3A530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1042%3Acn%3A1%3Adp%3A0%3Als%3A509416283427%3Ahid%3A342687793%3Az%3A0%3Ai%3A20230524084443%3Aet%3A1684917883%3Ac%3A1%3Arn%3A869118702%3Arqn%3A1%3Au%3A1684917883905486824%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C92%2C2%2C212%2C%2C1%2C340%2C18%2C%2C%2C%2C647%3Aco%3A0%3Acpf%3A1%3Ans%3A1684917881905%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684917883%3At%3AGoo.gl%20URL%20Shortener.%20Shorten%20URL%20Free%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4f13624ce0e1f8e5e1d4b8fe574cbbf24762f94bdbf86732a955b144a5c597a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 24-May-2023 08:44:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://goo.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Wed, 24-May-2023 08:44:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:43 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 24-May-2023 08:44:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/45619767/1?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A23kgit37m13tapt71047vz3%3Afp%3A530%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1042%3Acn%3A1%3Adp%3A0%3Als%3A509416283427%3Ahid%3A342687793%3Az%3A0%3Ai%3A20230524084443%3Aet%3A1684917883%3Ac%3A1%3Arn%3A869118702%3Arqn%3A1%3Au%3A1684917883905486824%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C92%2C2%2C212%2C%2C1%2C340%2C18%2C%2C%2C%2C647%3Aco%3A0%3Acpf%3A1%3Ans%3A1684917881905%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1684917883%3At%3AGoo.gl%20URL%20Shortener.%20Shorten%20URL%20Free%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://goo.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 24-May-2023 08:44:43 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10013.fh8Z2E7y62doc8isAyTDhZlSZbWxKVYuzZl1usBSYaOIN7D8icfVDt236WXiX-Pg.JJgYFpqqiU7B_8nL1lsl5SOUnuc%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10013.hHO9_BtSHKWwJfXuHBumio1alBIiDoFiQn-tqCJwkoObSYPdpn3aQ8O2OfVdpubVlEAl71pvbBAxiW2Q2imzJDmQKH6jEm_JVuMjWofIDhY%2C.pLK5HdAQtAlidEk9I...

43 B
79 B

80ms
79ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10013.hHO9_BtSHKWwJfXuHBumio1alBIiDoFiQn-tqCJwkoObSYPdpn3aQ8O2OfVdpubVlEAl71pvbBAxiW2Q2imzJDmQKH6jEm_JVuMjWofIDhY%2C.pLK5HdAQtAlidEk9IjNJGsPuXT0%2C

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:43 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10013.hHO9_BtSHKWwJfXuHBumio1alBIiDoFiQn-tqCJwkoObSYPdpn3aQ8O2OfVdpubVlEAl71pvbBAxiW2Q2imzJDmQKH6jEm_JVuMjWofIDhY%2C.pLK5HdAQtAlidEk9IjNJGsPuXT0%2C
date: Wed, 24 May 2023 08:44:43 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.by/
Redirect Chain

https://mc.yandex.by/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.by&token=10013.MVZQzGJKDNMdDS8JJtzNck1tMjBGI1C4mbhTOzEJruiSh-9IZUN4LwwuI9d6OuMK.qopBXhqS--z_qS5MIt3DKEbVNxo%2C
https://mc.yandex.by/sync_cookie_image_decide_secondary?token=10013.ZXilH51ghfcOrVfKodSCOeQuSvBsOqi2KOk76icghuEAxw--9Bivg9RbC7tAvSO0sdOHRKUEgKzla3wnd41iDw%2C%2C.DTL0Q8TAxWUgB8EH3E9RtTNmq6o%2C

43 B
67 B

82ms
82ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.by/sync_cookie_image_decide_secondary?token=10013.ZXilH51ghfcOrVfKodSCOeQuSvBsOqi2KOk76icghuEAxw--9Bivg9RbC7tAvSO0sdOHRKUEgKzla3wnd41iDw%2C%2C.DTL0Q8TAxWUgB8EH3E9RtTNmq6o%2C

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:43 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.by/sync_cookie_image_decide_secondary?token=10013.ZXilH51ghfcOrVfKodSCOeQuSvBsOqi2KOk76icghuEAxw--9Bivg9RbC7tAvSO0sdOHRKUEgKzla3wnd41iDw%2C%2C.DTL0Q8TAxWUgB8EH3E9RtTNmq6o%2C
date: Wed, 24 May 2023 08:44:43 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame C163 8 KB
4 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1684917883&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917882711&bpp=3&bdt=499&idt=325&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pFgTloxszh&p=https%3A//goo.by&dtd=327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Fri, 19 May 2023 05:26:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 20:24:23 GMT

GET
H3 200 ee89b602e2534f412f73bbda73fe42b2.js Show response
www.gstatic.com/mysidia/ Frame C163 9 KB
4 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee89b602e2534f412f73bbda73fe42b2.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 04:00:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C163 14 KB
2 KB 147ms
50ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 07:08:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 08:44:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame C163 2 KB
846 B 134ms
52ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:21:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame C163 22 KB
9 KB 146ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame C163 3 KB
1 KB 135ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 20:55:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame C163 19 KB
8 KB 151ms
45ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C163 171 KB
54 KB 183ms
78ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:44:44 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame C163 32 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C163 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJW9Ue85tZNnVBJOP9fgPsNqe-A-377nfcI3izbzeEKn3oaqTDhABIIva-xxglYKAgJAHoAHmnvmFA8gBAakC4y5wFXMTsj6oAwHIA8sEqgTAAU_QB_pQjzvvoa9o-KQCX9JsZiV_bW2PKSWhiBKBVGKF1WDfrQi2YH-3hR8oZiQmJzoTEwvfOyJqAHDD3ZY6iBdjETHSv2C_e1px4m4G2paag5_jpmK66Sg_yLK1nrPj9-SbYL6QQF-Dlj2BGpPfDAt3ueJqwivMH8H2Goqvs8ue16f15W58_kHfwlTDkLn7aFVt5f8vTQQk9OOpwmzvmw-4IbDPOAhbk46fTAZoqDKJJUw9gaJJDj1PUvONR854KMAE7ZP065oEkgUECAQYAZIFBAgFGASAB4LhhnqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDi7z7SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMNiBQC0BUBmBYBgBcBshccChoIABIUcHViLTg5MTc4MzAxODkxMDA3MjEYAA&sigh=9puQa19ZDKk&uach_m=[UACH]&cid=CAQSGwBygQiDUV6ljM_kFj0KgIuVhb1KhnJKdWEXKRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1684917883&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917882711&bpp=3&bdt=499&idt=325&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pFgTloxszh&p=https%3A//goo.by&dtd=327
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 May 2023 08:44:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 24 May 2023 08:44:44 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DDDA 143 B
166 B 52ms
51ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1684917883&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917882711&bpp=3&bdt=499&idt=325&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pFgTloxszh&p=https%3A//goo.by&dtd=327
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 07:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C163 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2dbe03f6b4950af448f33af9b9ca7a63d3a4cc98256a5c3daf1d31e456e85d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ 152 KB
51 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11e648ed41b2ced07832412e708bcffef74dab2eef5f431f0130677b1a07ee4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52644
x-xss-protection: 0
server: cafe
etag: 7684350734746529727
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 08:44:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DDDA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
50ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:44 GMT
expires: Wed, 24 May 2023 08:44:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
166 B 54ms
52ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=goo.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 49ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=goo.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 583F 98 KB
35 KB 1332ms
1332ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2456&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280&nras=3&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sz4QBin043&p=https%3A//goo.by&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

057bac175e585ef57f24d764c2e8637338cf0adac7e05dfddc20e90ba5e5f5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 35535
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81F5 82 KB
33 KB 1040ms
1039ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0mAUrimtn1&p=https%3A//goo.by&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d6cb69cd96f11fbbe757ce600e93c50cc204b09413e12e5c6faa187d6d9371d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 33478
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF29 31 KB
13 KB 870ms
869ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Nk4CHN0Ent&p=https%3A//goo.by&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7332efc4dfb395ac04aadb2054c355cc07acecef7171cf6227274484a560e4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13598
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C163 33 KB
33 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 19:10:42 GMT
x-content-type-options: nosniff
age: 48842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 19:10:42 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/ Frame DF57 10 KB
4 KB 41ms
40ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 22:11:19 GMT
etag: 15057649708203361565
expires: Tue, 06 Jun 2023 22:11:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/ Frame 9BAD 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 22:11:19 GMT
etag: 15057649708203361565
expires: Tue, 06 Jun 2023 22:11:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/ Frame E841 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 22:11:19 GMT
etag: 15057649708203361565
expires: Tue, 06 Jun 2023 22:11:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/ Frame 8E50 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 22:11:19 GMT
etag: 15057649708203361565
expires: Tue, 06 Jun 2023 22:11:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EBE 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 18:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 18:25:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame DF57 4 KB
745 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 07:13:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 08:44:44 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DF57 205 B
229 B 39ms
39ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 23:20:15 GMT
x-content-type-options: nosniff
age: 33869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 May 2024 23:20:15 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DF57 604 B
628 B 41ms
40ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 06:00:47 GMT
x-content-type-options: nosniff
age: 9837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 May 2024 06:00:47 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/ Frame DF57 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 00:00:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8271
x-xss-protection: 0
server: cafe
etag: 10419244916965318868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 00:00:55 GMT

GET
H3 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame 9BAD 8 KB
4 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Fri, 19 May 2023 05:26:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 20:24:23 GMT

GET
H3 200 ee89b602e2534f412f73bbda73fe42b2.js Show response
www.gstatic.com/mysidia/ Frame 9BAD 9 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee89b602e2534f412f73bbda73fe42b2.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 04:00:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9BAD 14 KB
1 KB 50ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 07:10:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 08:44:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 9BAD 2 KB
799 B 55ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:21:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 9BAD 22 KB
9 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 9BAD 3 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 20:55:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 9BAD 19 KB
8 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BAD 171 KB
53 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:44:44 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 9BAD 32 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame E841 22 KB
9 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H2 200 727348938943118805
tpc.googlesyndication.com/daca_images/simgad/ Frame E841 33 KB
34 KB 63ms
62ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/727348938943118805

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0403914918a9873dc530770c47edbeaac9749371ffa66e72ee5cfa3b1ea19cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 21:27:02 GMT
x-content-type-options: nosniff
age: 299862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34123
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 14:42:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 21:27:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame E841 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 20:55:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame E841 19 KB
8 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E841 171 KB
53 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:44:44 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame E841 32 KB
13 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 03:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13064
x-xss-protection: 0
server: cafe
etag: 484897097926465030
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 03:15:32 GMT

GET
H3 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame 8E50 8 KB
4 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Fri, 19 May 2023 05:26:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 20:24:23 GMT

GET
H3 200 ee89b602e2534f412f73bbda73fe42b2.js Show response
www.gstatic.com/mysidia/ Frame 8E50 9 KB
4 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee89b602e2534f412f73bbda73fe42b2.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 04:00:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8E50 14 KB
1 KB 49ms
48ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 07:10:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 08:44:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 8E50 2 KB
799 B 102ms
101ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:21:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 8E50 22 KB
9 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 8E50 3 KB
1 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 20:55:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 8E50 19 KB
8 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E50 171 KB
53 KB 128ms
127ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:44:44 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 8E50 32 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A232 14 KB
1 KB 49ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 07:10:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 08:44:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame A232 2 KB
765 B 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:21:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame A232 22 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame A232 3 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 20:55:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame A232 19 KB
8 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A232 171 KB
53 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:44:44 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame A232 32 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ADF6 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 07:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6654 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 07:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame E0D8 247 B
867 B 156ms
48ms Document
text/html 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

c6a6a5dc6833ce127ce3e49abc5aff4035df94ceddd84d12e38d82b57bb49dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 201
content-security-policy-report-only: script-src 'nonce-paxJreZauFqjRfVPpzam2g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1B4B 143 B
166 B 40ms
40ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 07:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ADF6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
55ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
expires: Wed, 24 May 2023 08:44:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 1146 247 B
868 B 155ms
48ms Document
text/html 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

7c4a6a5c5b52a952d961f72511c6e90754eb64508470f9cc5f39eedbdb195737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 202
content-security-policy-report-only: script-src 'nonce-XUaXaVx5VlfKxeU8-XJ5fg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6654
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
47ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
expires: Wed, 24 May 2023 08:44:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1B4B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
55ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
expires: Wed, 24 May 2023 08:44:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame E0D8 5 KB
2 KB 49ms
48ms Document
text/html 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

4315f5da03e23c3a6a22eb8b0425a2af69a0a733d6271459de957752b7adfe54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1986
content-security-policy-report-only: script-src 'nonce-JssTENLZbrTLNizeXvT-9Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E841 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 141de37d0899447ce87a9dcb97dc26aa5ea71ccfd190d40059b863260894b491

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame 805A 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 18:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 18:25:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E841 0
19 B 85ms
85ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQT9de85tZK68CNGOn88PvLGDmArsnZCecJnnh53LEa_jo9mTDhABIIva-xxglYKAgJAHoAGdsO6hA8gBAqkC4y5wFXMTsj6oAwHIA8kEqgTCAU_QJmhthNle7YWJA1mCQRMitMnGY9irJzqQbACg9e5n5-2DO2fhsShJmZYGzIkrOg2DSNv7Pmasrt2xfoeKqmREPQ-7WWCJA93Lmc-Srw9gsdQmNoW2yK82z4mwBNVPtmhKQt3a0afdROemjPUlTlSTagZ3zfmlDU4nV3LpVUVku5riYLL4lejqxRCnvaxYVPT8J4nj_zvN-ONHaqvV3ADCQD3CIeQvBEKoXdSzwvbuuLdOOVjWy90WRvoci4MHR6N_wATnzc6EngSSBQQIBBgBkgUECAUYBKAGAoAH9bSbXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMfnF9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODkxNzgzMDE4OTEwMDcyMRgA&sigh=zz2SubteAW0&uach_m=[UACH]&cid=CAQSGwBygQiDCzsLnVuZ4cg7QkA0bejO9Xx_D24rihgB&vis=1

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 May 2023 08:44:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 iframe.html Show response
p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 1146 5 KB
2 KB 49ms
48ms Document
text/html 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

ad01db3d9c6d82ce2cb45fdac86cbb0d395e71e98f80147531f78943c95dcd7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1986
content-security-policy-report-only: script-src 'nonce-yQWH2DL_sV_hYFzt-ESQFg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame 48F0 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 18:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 18:25:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame BF29 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Nk4CHN0Ent&p=https%3A//goo.by&dtd=24

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 20:55:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame BF29 19 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BF29 0
0 49ms
49ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0rA68l03Z_xKPK9___fmjiSge8qbZHzMYRjLbbNBCFd36uUYxbPKSoA2XXXGQ0e5FCJ50KdkAUsbOIyLyQDSjfImw8A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Nk4CHN0Ent&p=https%3A//goo.by&dtd=24
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF29 171 KB
53 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:44:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BF29 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGXVDfM5tZJHWMPnun88Pm-2U2A_JntKxXL3plfdwwI23ARABIABglYKAgJAHggEXY2EtcHViLTg5MTc4MzAxODkxMDA3MjHIAQmpAuMucBVzE7I-qAMBqgS0AU_QMqWaBkuMJj0V38ot_QdqYXA5hDaBREj5J3LI2oTWPYhwsCYg3XpyWDXw5BltCXHvBeIeRulkvXSJ5Tm8f5Uvw15cfv8OpljhNMIX5U04-OIuX0QdqqYuZ07nxjF-vcVvzys9lrVZvFlCIEe4GTLrcVEzavFJsLyn3IptUCGQpuutdKLXLZDBR_iXM64uMMcNTE9Qly3D6luklmNnDaScvjlEzSaeMiEBF6ZVLsHQnpp9EIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODkxNzgzMDE4OTEwMDcyMRgA&sigh=iQfrhfcP08s&uach_m=[UACH]&cid=CAQSPABygQiDoKpkTnQpZtgjkAA2apeRLGZS4fqlYMgbzTjwVDn7fpkHfilA2K_52DLImRdGtu5gwXxYcM94oBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Nk4CHN0Ent&p=https%3A//goo.by&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 May 2023 08:44:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame BF29 0
0 155ms
49ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RLAJmAKdg2ICAgAAAFnKREUmCNQjEHzObWQL30PcGZ3pLsPtAAASAAAKCkFRVUJEd0VCRHc&wp=ZG3OfAAMKxED5_d5AAU2m2-UgTFI5eLRPgp-LA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:44 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 194865
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 888B 139 KB
47 KB 217ms
124ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZG3OfAAMKxED5_d5AAU2m2-UgTFI5eLRPgp-LA&u=%7CG9pBjDUvafnJKMaqCHfR6mkDhYlUNa1sOM2Q4r48vXw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC863dcpp4WPN2RX0hwTGs7anyXQXhUgatak5OLskegNjrPKgiDwRHj9PDbmjwe_VvnsA28s_wMPaBI_mg6GDlO9bkFlJ691tPTj16CIfU5FEYxbO3R9A2UF7XmnoPybMsvvZd1a9wdi0Ey-L7VyURBzutIXBfXPrYN3vCCXftK85UCm9GJrkAKX6_KUEc1msluoCkld4EJIMvRr5GchpvwmlFLToWgL0lECyDyUmA9H3DCM_wgQfe03dkUlQTMc-ehPj0VUXhZ4El6VtsUFrHsABpl2_X7bTA-gG7GeMnm6Nv3kZz3C2ZlrH_JIuLY_-7sM-98-9MwdoXlpobKCILDNMAh2C2Tni90V6xjgaXioZlbjPRMsr25J4uW3Z9QDupvDCTdd6D-9i9DkvMjoyqq042i5Fv1eUqkvfdKaweucEISIDZdX4_cMB1ikPcIuJp_lbxaw1DmZIuopgAv5SpscD--Q5It-UFBdMSen7qoPNJuSErQrNkzczlZDPO4FeLjZuoHUK7puLrgnzjokrCz6iHrtok65hVoUesJvXDQPaf3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9mtFfM5tZJHWMPnun88Pm-2U2A_JntKxXL3plfdwwI23ARABIABglYKAgJAHggEXY2EtcHViLTg5MTc4MzAxODkxMDA3MjHIAQmpAuMucBVzE7I-qAMBqgS3AU_QMqWaBkuMJj0V38ot_QdqYXA5hDaBREj5J3LI2oTWPYhwsCYg3XpyWDXw5BltCXHvBeIeRulkvXSJ5Tm8f5Uvw15cfv8OpljhNMIX5U04-OIuX0QdqqYuZ07nxjF-vcVvzys9lrVZvFlCIEe4GTLrcVEzavFJsLyn3IptUCGQpuutdKLXLZDBR_iXM65sMuafy8DMhJJf_vh0q8WfBLCWCDNq1aQq-hyn5RlLAtlVNB5uryaCSYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3US-DQLXNiU9uUBRa3sYnAavdcGA%26client%3Dca-pub-8917830189100721%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d646178c2227db7c9377092f20b524b808b1085bd886bdbbc232e95fc1464776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=klO6FTdGzkr8MFaART2HBeTl3jpGW8YpcZs9syRoHpkRLL_v-0b9lJN18e26Rg63znewecoBzY9ReJ8jm7apwSVy5CIp8QRQQmXn9sq5nSveNm88h506Nb5NZ9WOtUv0CCt9mw0sQh8cM0CEKSC5ru83AIBDiJ1QvNKXCyILBEvDby2P3NfSBm_9upa4_z0_JZFoN39rROZjAER7g8qsio3TozGhWVrws6FMgYDOd1GBcY1w7c_bs4ANWkBb3BNRqmUMzA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 70094454
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3921 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 07:08:00 GMT
etag: 48472445140208031
expires: Thu, 25 May 2023 07:08:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BF29 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f809d3e144a4d16d5a676b291e67668e9bce81891fac6f54f154b27cf80a35cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3921
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHSsoiC8DoHA6bAW0PrhsIo&google_cver=1&google_push=ATf1kGNkTrNxV0eHszhIWnpkDkPM0H4ti1N8oS5n1Ak0xlNkvQ9kCylZcSYGfXV4ivRLNpNgxV1joSTSn9L1rjXFeybpj8re4bbal...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU1MzkyMTU2MTE5NTM2OTc0MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHSsoiC8DoHA6bAW0PrhsIo&google_cver=1

43 B
398 B

67ms
43ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHSsoiC8DoHA6bAW0PrhsIo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Nk4CHN0Ent&p=https%3A//goo.by&dtd=24
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEHSsoiC8DoHA6bAW0PrhsIo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3921 70 B
266 B 350ms
93ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDO70YVUZhiWsj9-_-Y2YNU&google_cver=1&google_push=ATf1kGP6NSqPDUkji1PbEODjwwA4-OaF_Dcbm8h06HFdbmNxNK8lh25qLaSBETp3_XqPCxiDTXhNEUJsxkByVd1WRR8znjv65ck4SyYSPt9HFOqcMEt_vRsNYXXOlAuc-HeJIM6aW55s3WwOzonAYmWP2ovzMyo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Nk4CHN0Ent&p=https%3A//goo.by&dtd=24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 24 May 2023 08:44:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3921
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGsBP5I1ejr0JhmIM5YBLLU&google_cver=1&google_push=ATf1kGNfiKYAO5KM6qlTpG9dUqsgRa2BLTp8zxzXZUHn8vXuEoXCcp8iPf0yTi6-Qwyd6NHm3YqclB-GxZNwSxGcron1...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGsBP5I1ejr0JhmIM5YBLLU&google_cver=1&google_push=ATf1kGNfiKYAO5KM6qlTpG9dUqsgRa2BLTp8zxzXZUHn8vXuEoXCcp8iPf0yTi6-Qwyd6NHm3YqclB-GxZNwSx...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=9a0d3519-a764-4026-a366-d079ad64bf92
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=9a0d3519-a764-4026-a366-d079ad64bf92
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d086492c-ca00-41ce-a002-05c5c9cce0d1&user_group=1&ssp=google&bsw_param=9a0d3519-a764-4026-a366-d079ad64bf92
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNfiKYAO5KM6qlTpG9dUqsgRa2BLTp8zxzXZUHn8vXuEoXCcp8iPf0yTi6-Qwyd6NHm3YqclB-GxZNwSxGcron1u16_qYAwTX4MtDavEFox09SuNvfdi-T6Ua1TYrellg...

170 B
188 B

50ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNfiKYAO5KM6qlTpG9dUqsgRa2BLTp8zxzXZUHn8vXuEoXCcp8iPf0yTi6-Qwyd6NHm3YqclB-GxZNwSxGcron1u16_qYAwTX4MtDavEFox09SuNvfdi-T6Ua1TYrellgy1svKfrkQUS6PVs60B7FOso7Q&google_hm=mg01GadkQCajZtB5rWS_kg==

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNfiKYAO5KM6qlTpG9dUqsgRa2BLTp8zxzXZUHn8vXuEoXCcp8iPf0yTi6-Qwyd6NHm3YqclB-GxZNwSxGcron1u16_qYAwTX4MtDavEFox09SuNvfdi-T6Ua1TYrellgy1svKfrkQUS6PVs60B7FOso7Q&google_hm=mg01GadkQCajZtB5rWS_kg==
date: Wed, 24 May 2023 08:44:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3921 43 B
246 B 159ms
47ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEK7zBk0oY-3pIAfbRu1yPeY&google_cver=1&google_push=ATf1kGPft9xGvBGiE-Qw5O2G2fdLK-eSH-oLA5mHA3gkVleGQKdGtu7RNsRlX0zKpZ5gu6xV1wsZmP1MOQ27U3wBkLr91KT7JvRiAB22BUupHkxXZ8pnH7AyFq23FpUbeBOk6hmqVRHuiFHAEUtbpR7_IERzpdw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Nk4CHN0Ent&p=https%3A//goo.by&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:45 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3921
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJNev1hcoGED-5Fhfm5L7dE&google_cver=1&google_push=ATf1kGP5iMy2Z1LssaJlbLFdhJkgh4sNrGmghVyLKKPvRAG3ya1Cr4KuYjcxk939_q-1Q13pgWG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxR0xUQUEtMVQtMk5VQQ==&google_push=ATf1kGP5iMy2Z1LssaJlbLFdhJkgh4sNrGmghVyLKKPvRAG3ya1Cr4KuYjcxk939_q-1Q13pgWGVFsq9xxYAuNxTP45QepVCsSm__...

170 B
233 B

50ms
49ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxR0xUQUEtMVQtMk5VQQ==&google_push=ATf1kGP5iMy2Z1LssaJlbLFdhJkgh4sNrGmghVyLKKPvRAG3ya1Cr4KuYjcxk939_q-1Q13pgWGVFsq9xxYAuNxTP45QepVCsSm__h5e__sHjXr7e6GtwOVCSpaV-F4q3vxYoBxriVL8GLavb9LCR8GOS4SKCD4

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxR0xUQUEtMVQtMk5VQQ==&google_push=ATf1kGP5iMy2Z1LssaJlbLFdhJkgh4sNrGmghVyLKKPvRAG3ya1Cr4KuYjcxk939_q-1Q13pgWGVFsq9xxYAuNxTP45QepVCsSm__h5e__sHjXr7e6GtwOVCSpaV-F4q3vxYoBxriVL8GLavb9LCR8GOS4SKCD4
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3921
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_hm=ZG3OfXHlTPC-uw_zy1ayxQAAFAsAAAAB&google_nid=index&google_push=ATf1kGP4qNLzkkOENj2R9sXZamukxL3UTiavm...

170 B
188 B

52ms
52ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_hm=ZG3OfXHlTPC-uw_zy1ayxQAAFAsAAAAB&google_nid=index&google_push=ATf1kGP4qNLzkkOENj2R9sXZamukxL3UTiavmamsS-CeMYpbfoAvzN9BoQ060snnpSvdsYCYO5ppzfaBmWKAD9OvTpMS_rgxOgGCRYc4Mz0Wj7dkBW0ssvozDkT4X3MKQ2NJaaZH_SLqtiGA5VVcVdSMOZ0pFCo

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 May 2023 08:44:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_hm=ZG3OfXHlTPC-uw_zy1ayxQAAFAsAAAAB&google_nid=index&google_push=ATf1kGP4qNLzkkOENj2R9sXZamukxL3UTiavmamsS-CeMYpbfoAvzN9BoQ060snnpSvdsYCYO5ppzfaBmWKAD9OvTpMS_rgxOgGCRYc4Mz0Wj7dkBW0ssvozDkT4X3MKQ2NJaaZH_SLqtiGA5VVcVdSMOZ0pFCo
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3921
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIsVBjvvgqhfwreZQ23KoIk&google_cver=1&google_push=ATf1kGOHWeLouTDTlUAIN8I8xfdzQwFZP0a4G1lcezJjI3yFEZ17ofamqryhgtVTq5aApRxpYjrpw6gGeBnp...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOHWeLouTDTlUAIN8I8xfdzQwFZP0a4G1lcezJjI3yFEZ17ofamqryhgtVTq5aApRxpYjrpw6gGeBnpXjLBu_zSUes5HSBbOp1h2s2yhaWXrhwaoC1o...

170 B
330 B

50ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOHWeLouTDTlUAIN8I8xfdzQwFZP0a4G1lcezJjI3yFEZ17ofamqryhgtVTq5aApRxpYjrpw6gGeBnpXjLBu_zSUes5HSBbOp1h2s2yhaWXrhwaoC1oEqRjMd-4MXddLnYEbBo3uLgO_vrs3GprXEXbCQ

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOHWeLouTDTlUAIN8I8xfdzQwFZP0a4G1lcezJjI3yFEZ17ofamqryhgtVTq5aApRxpYjrpw6gGeBnpXjLBu_zSUes5HSBbOp1h2s2yhaWXrhwaoC1oEqRjMd-4MXddLnYEbBo3uLgO_vrs3GprXEXbCQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3921 0
131 B 140ms
48ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-sRqWO4Tonlk9YJk5GcUIyBwejrkPyGKNUhbkvxLJz4uzpSPzkQT_vBJq69Y81TUb8y4L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 3270368457058933114
tpc.googlesyndication.com/daca_images/simgad/ Frame 81F5 119 KB
119 KB 40ms
40ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3270368457058933114

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0mAUrimtn1&p=https%3A//goo.by&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39be138b8f1adf5a5148c54d230cffac5263f33cfda599fb23ca0fde70b8da1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 16:36:28 GMT
x-content-type-options: nosniff
age: 317297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122080
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 14:43:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 16:36:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 81F5 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 81F5 3 KB
1 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 20:55:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 81F5 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 81F5 0
0 47ms
47ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlTZDQREFjqCbFuoB05eD6VMI0s2FwOePQ6qiZFBrfNpwGWZv1aZ7-xgqHOZijMe8NMz7ukfjFOzR7SqKph5Ui3Ntodg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0mAUrimtn1&p=https%3A//goo.by&dtd=20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81F5 171 KB
53 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:44:45 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 81F5 32 KB
13 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 03:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13064
x-xss-protection: 0
server: cafe
etag: 484897097926465030
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 03:15:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 81F5 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cshj4fM5tZN-_LJWllgTauqK4AeydkJ5wsYyIncsRpo77l5YPEAEgi9r7HGCVgoCAkAegAZ2w7qEDyAECqQLjLnAVcxOyPqgDAcgDyQSqBLwBT9CVb5oRd9l3cKzCvZ4HmHz6oMu3fjj_P09OfotXCqRhD-C5Pq-irpIBhUIkSY3kNP1BF-V23j7Ji2e9L96difTp-tOp3bwuLZ2oHf1c67jKGo0UAAywmauwftsHlqG6VEBt9kRJIJ9CLf9qotksNjnBst2a9DRsQrgkfriqw9Lct_fl1Aj0RuvNFTN-80ATTjM9S6cWjBQZroQ_RpzlE8wTvqXEPRjZ_mX75v-kqdC0D4FI5AEdM-SBL3zABK_PzoSeBJIFBAgEGAGSBQQIBRgEoAYCgAf1tJteqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQubMH0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04OTE3ODMwMTg5MTAwNzIxGAA&sigh=FHPs3o2CmpI&uach_m=[UACH]&cid=CAQSPABygQiDoVqDg5Bg8yKB4AMx33Iu5WaEyUdYmNgDgQD-R3z5EWI5Di-ixw20BAsfMy0V-VxmOjxQ1tTNBxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0mAUrimtn1&p=https%3A//goo.by&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 May 2023 08:44:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EFE0 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0mAUrimtn1&p=https%3A//goo.by&dtd=20
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 07:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7E37 1 KB
643 B 42ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 07:08:00 GMT
etag: 48472445140208031
expires: Thu, 25 May 2023 07:08:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C163 42 B
64 B 159ms
78ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbqXr8s7ZNdMaJ9iT8LQDCcSxwbNh7gEo5lkDha9mNlbDxkB0PdP6O-fGhvCtwFr5EdtwnRPvtToi_vEvVeiCx9ABogBvA7_j5P0Ps1CLKrCjD6XUgAbkPKilMEZrAKg94GdN8nA&sai=AMfl-YQrM9ycXsVsAm6g8UHj6ShA2ucjncT29hDtoQjGppdwz31X1CIdg2IU5hNK0lXqs6ZU4F55hwoW0t4h&sig=Cg0ArKJSzK02gj0WIL6jEAE&cid=CAQSGwBygQiDUV6ljM_kFj0KgIuVhb1KhnJKdWEXKRgB&id=lidar2&mcvt=1000&p=0,0,280,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2348938529&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684917883039&rpt=1747&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 81F5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5d505f2274276951c12cbcdf1e763988ac536cb4605d96e35d00ff338c42785

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 888B 2 KB
1 KB 248ms
53ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZG3OfAAMKxED5_d5AAU2m2-UgTFI5eLRPgp-LA&u=%7CG9pBjDUvafnJKMaqCHfR6mkDhYlUNa1sOM2Q4r48vXw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC863dcpp4WPN2RX0hwTGs7anyXQXhUgatak5OLskegNjrPKgiDwRHj9PDbmjwe_VvnsA28s_wMPaBI_mg6GDlO9bkFlJ691tPTj16CIfU5FEYxbO3R9A2UF7XmnoPybMsvvZd1a9wdi0Ey-L7VyURBzutIXBfXPrYN3vCCXftK85UCm9GJrkAKX6_KUEc1msluoCkld4EJIMvRr5GchpvwmlFLToWgL0lECyDyUmA9H3DCM_wgQfe03dkUlQTMc-ehPj0VUXhZ4El6VtsUFrHsABpl2_X7bTA-gG7GeMnm6Nv3kZz3C2ZlrH_JIuLY_-7sM-98-9MwdoXlpobKCILDNMAh2C2Tni90V6xjgaXioZlbjPRMsr25J4uW3Z9QDupvDCTdd6D-9i9DkvMjoyqq042i5Fv1eUqkvfdKaweucEISIDZdX4_cMB1ikPcIuJp_lbxaw1DmZIuopgAv5SpscD--Q5It-UFBdMSen7qoPNJuSErQrNkzczlZDPO4FeLjZuoHUK7puLrgnzjokrCz6iHrtok65hVoUesJvXDQPaf3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9mtFfM5tZJHWMPnun88Pm-2U2A_JntKxXL3plfdwwI23ARABIABglYKAgJAHggEXY2EtcHViLTg5MTc4MzAxODkxMDA3MjHIAQmpAuMucBVzE7I-qAMBqgS3AU_QMqWaBkuMJj0V38ot_QdqYXA5hDaBREj5J3LI2oTWPYhwsCYg3XpyWDXw5BltCXHvBeIeRulkvXSJ5Tm8f5Uvw15cfv8OpljhNMIX5U04-OIuX0QdqqYuZ07nxjF-vcVvzys9lrVZvFlCIEe4GTLrcVEzavFJsLyn3IptUCGQpuutdKLXLZDBR_iXM65sMuafy8DMhJJf_vh0q8WfBLCWCDNq1aQq-hyn5RlLAtlVNB5uryaCSYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3US-DQLXNiU9uUBRa3sYnAavdcGA%26client%3Dca-pub-8917830189100721%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 May 2024 08:44:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 888B 2 KB
1 KB 248ms
54ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 May 2024 08:44:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 888B 308 B
637 B 247ms
53ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 18 May 2024 08:44:46 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 888B 293 B
621 B 273ms
79ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 18 May 2024 08:44:46 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 888B 43 B
348 B 223ms
40ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=IchmZFpK7UNOzZVT8RZfYtdX4rAqakLdIVSemXp84EpbrwoePYBvus5AuPBzLihY7xhNZZCIqwYNE-ebxdqXIiLDN9U8Drj-FRDGTSYEeBUiXLJKE4JFlPDGkjW0JsNCI6a10Hi4G0JM6Tli3JHPALvm8bnQspNcesBVZ4vgeZKPWEiqrCkmPUo3lqKalrxSrn65R0TXiPrgsvB6yVfw52nsC_Pwe7hd1xAPAgPtTuI5VSHcxKDSZi8DbygHXYTyid-uY9pp7V3kweC2hH2oe7ygxQLUWsuRBjrC7idfd-Iji9MSNjxmKHpYyic09CCChr-vQev9uOSrp5hu-5wVq_svYSNHusaTVpDhwpw1un-gBDnIG7Z0GGVvUpAwk5qNKdYsXeSH8daqHlXqKFu2ES76gCVvvDkCH39yK-dYIAk0m8G4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1755705
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 888B 12 KB
5 KB 57ms
56ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 42292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pD3eb2IysgXkCLj2X5XYlUGefDhAaWGZl58%2BsImthXKClrz05R%2FXC%2F%2BRzEguawheIJRXPuKoyabPV9ieQccLn3Gh9S8IsYcOFpnDAPRJGI39Sqr0JFyFHJ5RuwRDFHw8LzJncOQynKupTyUoGEVxtdE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7cc4423329829028-FRA
expires: Mon, 13 May 2024 08:44:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 888B 12 KB
6 KB 240ms
54ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 May 2024 08:44:46 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 888B 46 KB
46 KB 370ms
189ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 May 2024 08:44:46 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 888B 38 KB
38 KB 261ms
81ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 May 2024 08:44:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 888B 3 KB
4 KB 216ms
56ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=196&s=kONWYru3LfCDOkvuk-5yXOI_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

05c03c87d7017a903a21732e8c3bc93ca41ef0e82e023e22af527d3a8137ddea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 3552
expires: Wed, 08 May 2024 04:52:55 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 888B 66 KB
66 KB 367ms
207ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F230515%2F4e6511f043b043b0b7694508f0dfb491_img_horizontal_1.jpg&v=3&w=1200&s=Y6AYSZMxQjvGXF0e6ZL3EBsY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cb1903f7f246f3de5384b2e1949ff3938b545ea1c74eadc63f533c8f89f56810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 67588
expires: Thu, 09 May 2024 17:12:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 888B 22 KB
23 KB 267ms
107ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1644493811%2F22030846-vEZUvyWe.jpg&v=3&w=400&s=H5JdnUsPDvF9imz20xrhBmn-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3db8b9500d72a55dca757df9f9a633a497b27306a132084a9e420ff124b3bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22954
expires: Tue, 30 May 2023 10:15:14 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 888B 7 KB
7 KB 216ms
56ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1677877216%2F23041068-JbWlnPIn.jpg&v=3&w=400&s=BZs8wqzNgt52rnHm6KJ_4-Pu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

245c718f14d5258493d6bd26b4e957178a17bd28f21fa593cc6d1911fddb324c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 7412
expires: Thu, 25 May 2023 18:53:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 888B 22 KB
22 KB 329ms
169ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23059933-LTAT0l6z.jpg&v=3&w=400&s=WcwzNxZm1SHsEtSDGHQISSGH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d686da2f688c0626150916a9c9d322a21ce1e3f62cc4fba52ebb1ee0a2252758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22324
expires: Sat, 27 May 2023 15:50:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 888B 1 KB
2 KB 409ms
250ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2Fbonprix%2F20230502%2F200x65_neulabel_criteo_de.png&v=3&w=400&s=LMbwVQqqZkIT_OqRJg0FwumN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 1366
expires: Fri, 10 May 2024 07:34:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 888B 15 KB
15 KB 221ms
221ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23005716-11wtsoZ4.jpg&v=3&w=400&s=v93q50fHQsm6YRYki5ft4U7v&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c8e98969dce2816e15b94aea27381a7367ff9381a212f0707c3eb4efa79d6440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 15546
expires: Sat, 27 May 2023 21:32:36 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 888B 0
128 B 214ms
55ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=klO6FTdGzkr8MFaART2HBeTl3jpGW8YpcZs9syRoHpkRLL_v-0b9lJN18e26Rg63znewecoBzY9ReJ8jm7apwSVy5CIp8QRQQmXn9sq5nSveNm88h506Nb5NZ9WOtUv0CCt9mw0sQh8cM0CEKSC5ru83AIBDiJ1QvNKXCyILBEvDby2P3NfSBm_9upa4_z0_JZFoN39rROZjAER7g8qsio3TozGhWVrws6FMgYDOd1GBcY1w7c_bs4ANWkBb3BNRqmUMzA&sds=2&rev=86437&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 24 May 2023 08:44:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 888B 2 KB
1 KB 50ms
49ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 May 2024 08:44:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 888B 2 KB
1 KB 51ms
50ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 May 2024 08:44:46 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 7E37 0
105 B 237ms
88ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDEFxnU-80KmMV9brUvLGEE&google_cver=1&google_push=ATf1kGOTbmmKdPHI-Nwz91PQjlGXkr9GmYrq0Q42aEfr7B2MfUdSRAwznv-yrGzefixtV1rm0iIe0-urRhlzhyvhrta3KE5ln2kKtPg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0mAUrimtn1&p=https%3A//goo.by&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E37
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDXFcSFKekiZvsd9TfdNSLA&google_push=ATf1kGN5ZwoTEtXizDfw9E4heARHa5PTyl_JkI4i_QQvIUF-bY861DwfeX...

170 B
188 B

51ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDXFcSFKekiZvsd9TfdNSLA&google_push=ATf1kGN5ZwoTEtXizDfw9E4heARHa5PTyl_JkI4i_QQvIUF-bY861DwfeX2cwFBFn86h3-3Uktjh3V0SfFZzDQAAA2WvNb8WSijKdw

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230041-FRA
pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1684917886.132411,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDXFcSFKekiZvsd9TfdNSLA&google_push=ATf1kGN5ZwoTEtXizDfw9E4heARHa5PTyl_JkI4i_QQvIUF-bY861DwfeX2cwFBFn86h3-3Uktjh3V0SfFZzDQAAA2WvNb8WSijKdw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7E37 70 B
265 B 67ms
66ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDO70YVUZhiWsj9-_-Y2YNU&google_cver=1&google_push=ATf1kGMyUcWVT85RWNWiHSZVTPAr-zplobbTq_lFnuSySa4L1KmW3bTrdqEajXonV8IG9kqUFeC3qRWgGrv8tDg62NKtrD9WL-dMomY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0mAUrimtn1&p=https%3A//goo.by&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7E37 0
187 B 170ms
41ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAr3PHq2Ht-GXv5C3WXZks4&google_cver=1&google_push=ATf1kGN8ONI4qC_VJjyUiZmXi6MsC4fCEw8WMrOXu7VMMe6SWcEVOXggcs9yDbqEEo0-gX1Wlmi4gpdFRnqLG1BR5RY-d5M3jF3BQvM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0mAUrimtn1&p=https%3A//goo.by&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Wed, 24 May 2023 08:44:45 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E37
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEBx5eb8maKRNBPakWk86cG8&google_cver=1&google_push=ATf1kGOQu6gGSa-CrRxrOiZLlYVYPGVtRxXC2mMYVWOnWnvcqCCx9otedvP3AdTAaN8i7z-AtxGiTqWnrb2_wKriShpdFVimINKkCCY
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGOQu6gGSa-CrRxrOiZLlYVYPGVtRxXC2mMYVWOnWnvcqCCx9otedvP3AdTAaN8i7z-AtxGiTqWnrb2_wKriShpdFVimINKkCCY&google_hm=Q0FFU0VCeDVlYjhtYU...

170 B
188 B

93ms
93ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGOQu6gGSa-CrRxrOiZLlYVYPGVtRxXC2mMYVWOnWnvcqCCx9otedvP3AdTAaN8i7z-AtxGiTqWnrb2_wKriShpdFVimINKkCCY&google_hm=Q0FFU0VCeDVlYjhtYUtSTkJQYWtXazg2Y0c4

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 May 2023 08:44:46 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ATf1kGOQu6gGSa-CrRxrOiZLlYVYPGVtRxXC2mMYVWOnWnvcqCCx9otedvP3AdTAaN8i7z-AtxGiTqWnrb2_wKriShpdFVimINKkCCY&google_hm=Q0FFU0VCeDVlYjhtYUtSTkJQYWtXazg2Y0c4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E37
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEN6Gu_Eb-SpN3uIWcOKDQYg&google_cver=1&google_push=ATf1kGNqcHVRmKTKfk5pAHqUVCYGzj8BGBM0N7O3svP-t5qb0Wvj4UFUJX1htGTgbsKI0mhevBMIu8FIy3G3kHLhPHInT4b...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEN6Gu_Eb-SpN3uIWcOKDQYg&google_cver=1&google_push=ATf1kGNqcHVRmKTKfk5pAHqUVCYGzj8BGBM0N7O3svP-t5qb0Wvj4UFUJX1htGTgbsKI0mhevBMIu8FIy3G3kHLhPHInT...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNqcHVRmKTKfk5pAHqUVCYGzj8BGBM0N7O3svP-t5qb0Wvj4UFUJX1htGTgbsKI0mhevBMIu8FIy3G3kHLhPHInT4bLH3aN80Q

170 B
188 B

52ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNqcHVRmKTKfk5pAHqUVCYGzj8BGBM0N7O3svP-t5qb0Wvj4UFUJX1htGTgbsKI0mhevBMIu8FIy3G3kHLhPHInT4bLH3aN80Q

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNqcHVRmKTKfk5pAHqUVCYGzj8BGBM0N7O3svP-t5qb0Wvj4UFUJX1htGTgbsKI0mhevBMIu8FIy3G3kHLhPHInT4bLH3aN80Q
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 trk
ag.innovid.com/ Frame 7E37 43 B
298 B 243ms
45ms Image
image/gif 2a05:d01c:1d8:8100:a4c6:9405:d858:453d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIrCzQ8Uymw70ZV9Hd7liu4&google_cver=1&google_push=ATf1kGOgSyEDRzCA-HxHm3Q-Vd16xweJmtJjhlofGfHP7EAnx57yUnnNgfXh_9lBY7WGwmn1wX7olG62MVRKXZwLxNTCpD87cDaTv3w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0mAUrimtn1&p=https%3A//goo.by&dtd=20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:a4c6:9405:d858:453d London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7E37 0
12 B 48ms
47ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L2Asd8nWq5Dw22_gxkQHLdjgqZ17IoppJ5ri8h1ibUyCqqFaZYc2666BotxfJK0EM3dfxs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EFE0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

110ms
109ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:46 GMT
expires: Wed, 24 May 2023 08:44:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E26 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 18:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 18:25:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 583F 6 KB
706 B 61ms
60ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2456&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280&nras=3&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sz4QBin043&p=https%3A//goo.by&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 May 2023 08:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 May 2023 07:08:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 May 2023 08:44:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 583F 2 KB
765 B 42ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:21:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/ Frame 583F 22 KB
9 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8780
x-xss-protection: 0
server: cafe
etag: 16540081610679671253
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 583F 3 KB
1 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 20:55:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/ Frame 583F 19 KB
8 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230518/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jun 2023 22:18:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 583F 0
0 54ms
53ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMCVNDPv5dL2zFjoAgZwBVT5jQuNnvCQVnIOed20vmQjvTFanXhU_8j_zyYf9yxG3Qlkz6B_qa_g-oontEP46OLql8VA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2456&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280&nras=3&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sz4QBin043&p=https%3A//goo.by&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 583F 171 KB
53 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54262
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684757038394838"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:44:46 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 583F 32 KB
13 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 07:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Wed, 17 May 2023 01:31:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 07:59:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 583F 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNCbffM5tZNzkK_mO9fgP486CmA2377nfcI3izbzeEKn3oaqTDhABIIva-xxglYKAgJAHoAHmnvmFA8gBCakCmCrtl_EVsj6oAwHIA8sEqgS7AU_QhJVBxuO6y34iNpr87clrGYY6PFkWVP06wrC7GE3WSxE0rIpavIJXSwWQVSKR1Lw_8rpgWoJVnbEVrlfUbTEduVUE0lrqlgsxylwTCAqjiZpVdQWtenb_2zcLtVhRgiURFjyFJLI4kVMTTKLx80MQ7vlsWRYvD4z4WGHSsmRAXBNMocrVIH-oRZ3BJiFYwf_TE93wWNSIcAySLg3_ZQkXvLtzRuYS1uSRxh0pnLd1Mqvtem2lZWAa7aTABO2T9OuaBJIFBAgEGAGSBQQIBRgEoAYugAeC4YZ6qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQtYQP0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAbgT5APYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItODkxNzgzMDE4OTEwMDcyMRgA&sigh=0hAmZV7WKno&uach_m=[UACH]&cid=CAQSPABygQiDr91rew2Xw73wyXkMHNYFciW9gbASYK_l2Px58ycv3N_Tf4fPik6TOmPeqEaFK6-JT2UJtedncRgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2456&idt=-M&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280&nras=3&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sz4QBin043&p=https%3A//goo.by&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 24 May 2023 08:44:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2393207814724294971/ Frame 583F 7 KB
7 KB 42ms
42ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2393207814724294971/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b178ba1cf424a9bc6f79084d775a77838fcbc1c3da4b2d426dd8facce1dfddbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 03:16:16 GMT
x-content-type-options: nosniff
age: 19710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7388
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 15:22:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 May 2024 03:16:16 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/18238337852266318280/ Frame 583F 8 KB
8 KB 42ms
42ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18238337852266318280/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e5d83579758755f74a6f1a97a044da32144ad0e22d7691ec2d6c2c8a098929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:07:23 GMT
x-content-type-options: nosniff
age: 293843
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 08:34:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 May 2024 23:07:23 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0558 1 KB
645 B 98ms
97ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 07:08:00 GMT
etag: 48472445140208031
expires: Thu, 25 May 2023 07:08:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 583F 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b43eeb98a1b90d28b370672ee03972ae0aab4787dac49bcfe55168cfa37eaaa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 583F 15 KB
15 KB 76ms
76ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 23:14:12 GMT
x-content-type-options: nosniff
age: 379834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 May 2024 23:14:12 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 583F 15 KB
16 KB 75ms
75ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 16:10:14 GMT
x-content-type-options: nosniff
age: 59672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 16:10:14 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 583F 15 KB
15 KB 93ms
93ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 22:48:48 GMT
x-content-type-options: nosniff
age: 35758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 22:48:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E841 42 B
64 B 108ms
108ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm9feGNPGmA_m6jabwQqse087uigyHnDbFG77dJ1FWRQHNpsyCieZRA_ZhmqBb1RhNB-Qm3TkWSQHeiZZkezUVqerjV8_-PA04n8GAghi-rxZvT9Na8PZM0aNtRblAlWDGV29sOA&sai=AMfl-YRArPWfTLr6NlTAMbGeL3EGn3UPHSJEHk85bgAhhg7usanEoo52ifVjh04pLbRcpgsKOxcitF2E7qOD&sig=Cg0ArKJSzBsXJzFb105nEAE&cid=CAQSGwBygQiDCzsLnVuZ4cg7QkA0bejO9Xx_D24rihgB&id=lidar2&mcvt=1004&p=0,0,600,160&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230522&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=293675614&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684917884762&rpt=257&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0558
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPQ_dpLkq9OMR48-Zb9sWag&google_cver=1&google_push=ATf1kGOl-lFdWsflZn7D-kVC1nnteQ0JFyqEyQq5bDNMcDBtdNdrsqfiFuwgXrvOjuqRNMkPnY7iDTCqLLnnvJlH...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOl-lFdWsflZn7D-kVC1nnteQ0JFyqEyQq5bDNMcDBtdNdrsqfiFuwgXrvOjuqRNMkPnY7iDTCqLLnnvJlHmlxErcIq4X4Qyavgm8FeZR0YcynrN0...

170 B
188 B

50ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOl-lFdWsflZn7D-kVC1nnteQ0JFyqEyQq5bDNMcDBtdNdrsqfiFuwgXrvOjuqRNMkPnY7iDTCqLLnnvJlHmlxErcIq4X4Qyavgm8FeZR0YcynrN0T_jmV4rAxBztljZ7meifcQlnrHKD8

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 24 May 2023 08:44:46 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x30 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGOl-lFdWsflZn7D-kVC1nnteQ0JFyqEyQq5bDNMcDBtdNdrsqfiFuwgXrvOjuqRNMkPnY7iDTCqLLnnvJlHmlxErcIq4X4Qyavgm8FeZR0YcynrN0T_jmV4rAxBztljZ7meifcQlnrHKD8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 24 May 2023 08:44:45 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0558
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEFLZSb5q0FXtroFXC82KJw&google_cver=1&google_push=ATf1kGODymW3zWzR5_BmxwN-6pclerXRdi4KcjDMm8Dk_Iu5_7mPztDhK392eyC8XmnWjzOdASCJqWB9I4GVxX...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNjY2NzIxNjgyNjMzMzMzOQ%3D%3D&google_push=ATf1kGODymW3zWzR5_BmxwN-6pclerXRdi4KcjDMm8Dk_Iu5_7mPztDhK392eyC8XmnWjzOdASCJqWB9I4GVxXIs2B...

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNjY2NzIxNjgyNjMzMzMzOQ%3D%3D&google_push=ATf1kGODymW3zWzR5_BmxwN-6pclerXRdi4KcjDMm8Dk_Iu5_7mPztDhK392eyC8XmnWjzOdASCJqWB9I4GVxXIs2Bo2YsD1btJZYeJ77ZwacE7dcOJbuTFhKpyl44_WMmR8xpkAwa_d2SyuVYY

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzNjY2NzIxNjgyNjMzMzMzOQ%3D%3D&google_push=ATf1kGODymW3zWzR5_BmxwN-6pclerXRdi4KcjDMm8Dk_Iu5_7mPztDhK392eyC8XmnWjzOdASCJqWB9I4GVxXIs2Bo2YsD1btJZYeJ77ZwacE7dcOJbuTFhKpyl44_WMmR8xpkAwa_d2SyuVYY
Date: Wed, 24 May 2023 08:44:46 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0558
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMw0ezUQKF1SEz8UnaK5LPM&google_cver=1&google_push=ATf1kGMl7NO3hiVXZ0nhdU0yPotJrGkL2Uauww5VKn91GYroPjg5iGpfR-4q9sohW-RAhM7X9Eat1XSeBB-eAhpiFwJldpz...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMl7NO3hiVXZ0nhdU0yPotJrGkL2Uauww5VKn91GYroPjg5iGpfR-4q9sohW-RAhM7X9Eat1XSeBB-eAhpiFwJldpzp4UpwPYXn4XyVXqJhJkiCObYRvMAC6TjwvKRBa...

170 B
188 B

50ms
49ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMl7NO3hiVXZ0nhdU0yPotJrGkL2Uauww5VKn91GYroPjg5iGpfR-4q9sohW-RAhM7X9Eat1XSeBB-eAhpiFwJldpzp4UpwPYXn4XyVXqJhJkiCObYRvMAC6TjwvKRBaoMnp82ee31TzGM&google_hm=eS1HbE4yTTFWRTJwR3dxRnZOT1VCZTFtUHFCTlRjYk4wan5B

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 24 May 2023 08:44:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMl7NO3hiVXZ0nhdU0yPotJrGkL2Uauww5VKn91GYroPjg5iGpfR-4q9sohW-RAhM7X9Eat1XSeBB-eAhpiFwJldpzp4UpwPYXn4XyVXqJhJkiCObYRvMAC6TjwvKRBaoMnp82ee31TzGM&google_hm=eS1HbE4yTTFWRTJwR3dxRnZOT1VCZTFtUHFCTlRjYk4wan5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0558
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDIFSO7WKGt58CqTYQDjJpE&google_cver=1&google_push=ATf1kGOst_za0y_mMBSz5RH5d61sOUT2pBVLoetqrESKX15q2f54uzlTw5XDrecBsg4yD9I2Kl0YSJXz...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDIFSO7WKGt58CqTYQDjJpE&google_cver=1&google_push=ATf1kGOst_za0y_mMBSz5RH5d61sOUT2pBVLoetqrESKX15q2f54uzlTw5XDrecBsg4yD9I2Kl0...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ4MjczMDkxMjcwMzY4Njcy&google_push=ATf1kGOst_za0y_mMBSz5RH5d61sOUT2pBVLoetqrESKX15q2f54uzlTw5XDrecBsg4yD9I2Kl0YSJXz...

170 B
188 B

51ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ4MjczMDkxMjcwMzY4Njcy&google_push=ATf1kGOst_za0y_mMBSz5RH5d61sOUT2pBVLoetqrESKX15q2f54uzlTw5XDrecBsg4yD9I2Kl0YSJXzM0wBwHBweCk8goOPMzm8cCgeTHbJI2DSaKWp6zVqGdStmqQ6rjSGWOv2QHDdDv6oGKY

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ4MjczMDkxMjcwMzY4Njcy&google_push=ATf1kGOst_za0y_mMBSz5RH5d61sOUT2pBVLoetqrESKX15q2f54uzlTw5XDrecBsg4yD9I2Kl0YSJXzM0wBwHBweCk8goOPMzm8cCgeTHbJI2DSaKWp6zVqGdStmqQ6rjSGWOv2QHDdDv6oGKY
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0558
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJNev1hcoGED-5Fhfm5L7dE&google_cver=1&google_push=ATf1kGNJhamRWDHPXlAypsECglGlSUdNCTltnbwlqklVkZj83DS6OhNQ26B4rQS0xMvmsF-1X2b...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxR0xUTzItMjctMlFBSQ==&google_push=ATf1kGNJhamRWDHPXlAypsECglGlSUdNCTltnbwlqklVkZj83DS6OhNQ26B4rQS0xMvmsF-1X2bzKb7WvhWgSm6Y6MFOBIcM6KbUE...

170 B
188 B

51ms
50ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxR0xUTzItMjctMlFBSQ==&google_push=ATf1kGNJhamRWDHPXlAypsECglGlSUdNCTltnbwlqklVkZj83DS6OhNQ26B4rQS0xMvmsF-1X2bzKb7WvhWgSm6Y6MFOBIcM6KbUEdEceRkcc9Ca2wKntRE6FGfrFUPsnVyrR09xGJSQ6bmWCLk

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEkxR0xUTzItMjctMlFBSQ==&google_push=ATf1kGNJhamRWDHPXlAypsECglGlSUdNCTltnbwlqklVkZj83DS6OhNQ26B4rQS0xMvmsF-1X2bzKb7WvhWgSm6Y6MFOBIcM6KbUEdEceRkcc9Ca2wKntRE6FGfrFUPsnVyrR09xGJSQ6bmWCLk
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0558
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_hm=ZG3OfXHlTPC-uw_zy1ayxQAAFAsAAAAB&google_nid=index&google_push=ATf1kGNfDPabpnJZ7HmHH_PRloona_8ofwek8...

170 B
188 B

50ms
49ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_hm=ZG3OfXHlTPC-uw_zy1ayxQAAFAsAAAAB&google_nid=index&google_push=ATf1kGNfDPabpnJZ7HmHH_PRloona_8ofwek8ZgNigjq8gS3u_PMsAqQ3DX5IwWanv7iWzFDn0uAyQ9Qjp-Kl_cyfNxJiOCN--ptvdMbNa_X8ADV7QiZIKd5bx-zzTPKDN_cwKLEtSltq7HqPw

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 May 2023 08:44:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBHxzOFzatymzdlTRAUA44U&google_hm=ZG3OfXHlTPC-uw_zy1ayxQAAFAsAAAAB&google_nid=index&google_push=ATf1kGNfDPabpnJZ7HmHH_PRloona_8ofwek8ZgNigjq8gS3u_PMsAqQ3DX5IwWanv7iWzFDn0uAyQ9Qjp-Kl_cyfNxJiOCN--ptvdMbNa_X8ADV7QiZIKd5bx-zzTPKDN_cwKLEtSltq7HqPw
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0558
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIsVBjvvgqhfwreZQ23KoIk&google_cver=1&google_push=ATf1kGN72Q_Ldj5tiZtvQI2gDDZUAyJf66wVGz6yw-Mo6mBOIyNheO_OXukbA8B366d8l45CEs-dzzrjn2gO...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN72Q_Ldj5tiZtvQI2gDDZUAyJf66wVGz6yw-Mo6mBOIyNheO_OXukbA8B366d8l45CEs-dzzrjn2gO0AQgcpseImgapYyLQ7zKkWZ4aWjugH9twaTK...

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN72Q_Ldj5tiZtvQI2gDDZUAyJf66wVGz6yw-Mo6mBOIyNheO_OXukbA8B366d8l45CEs-dzzrjn2gO0AQgcpseImgapYyLQ7zKkWZ4aWjugH9twaTKQnBJeCbqHP03UVnB1Gy0AIxncs0

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGN72Q_Ldj5tiZtvQI2gDDZUAyJf66wVGz6yw-Mo6mBOIyNheO_OXukbA8B366d8l45CEs-dzzrjn2gO0AQgcpseImgapYyLQ7zKkWZ4aWjugH9twaTKQnBJeCbqHP03UVnB1Gy0AIxncs0
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0558 0
12 B 49ms
48ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbdwG9nl_eRxZ3FhqEeJ6Q-WsBfFC6JJB1ekgCDpwBRXdI4jDA_5UEohT-d26PuGIUY2t2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame C55F 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 18:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 18:25:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 98ms
97ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a5be2c72413a2c0a18340bf05bbc3c672facc79a8b9c1a84b9740b378a07661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11264
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 May 2023 08:44:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B3BF 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 02:33:38 GMT
expires: Thu, 23 May 2024 02:33:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 042E 783 B
535 B 51ms
50ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bffd26f0a8eacdc8b7dff28a6e6dc4505256ac7fe5649c6e5418c998ca55b394

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xp3sH_yOv3W36iYIJdzMfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-xp3sH_yOv3W36iYIJdzMfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 08:44:46 GMT
expires: Wed, 24 May 2023 08:44:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js Show response
pagead2.googlesyndication.com/bg/ Frame B3BF 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHrP8GR4WD3-4SafWKd0oRFewpEF611yDaZvldToCrs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 18:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14642
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 18:25:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 042E 0
0 76ms
76ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230518&jk=2716698797462785&rc=05AIuXPCX1eqrgEjjJ5v0i8lMEp79LQXC0nq1jmP0fE--V-BryeeM6ChipKy6t93FccbHW3LVMgTGguT4epuReg2EZrN8IAihitdXq1LMmdu7QvcfJdakX9d9FAaSlqRYv7JvcHLV13YJCx7s6eIlbeV0HhZZ5s-zOOIewXII5UOMfhhM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B3BF 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gEZKIg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 08:44:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230518&jk=2716698797462785&bg=!5uWl5bHNAAZ8_aWmXP07ADkAdvg8Wg5MgVeacQxiP4c6cm9JsTWlkq9v6NL0yWCP9Pnxy45mhyTEoWvXjWzdUaZWfFuS9rJWRXoCAAABXVIAAAADaAEHmQKY2Rn5G7TcP3Jw48392TJCEmvIoYnB8HB4kD9sJx9WaQ9jeru4qTJd7iQbITu2wuzL7vuke3ts38oO_xDS6G1PiLl6ZQ3pmTGkkkP6mOjhl0iYzsjcqGpT9luq0AZaixMTxJun0QDsyXef9vovkMgQ8m72eLWcFoPGTKOCxHwwEAinHN5rx7WC1sEi-cNh36IErFOIAs0IZempze1zyO_QUpM1SosGqG14fIXBcwJ-AxvnbbGOPy_0fhGyRCwuy4EY2xeDRkjhMuAbmNrcrgBI2FyD7ZV93WvhXWMijZFnGKfufsoBIdUMWDXpfPsv9mAr4kbZc3Dj71JgWepzSVr4PbSV49PyRqjrwMOqHVxX9YlDI9MQDeHV66heSsgwCQT0_-tsuwWcbrEqERf0bgJkxhbuESNJi-_pwgrNtm96NQ8EHBDKnGe9_S_9F07dojAi5hKrvNn_UW0vSp5fsr9WHk4MSUoTK-RDupwvobWugDVNzxX-ZlbGErdZ838VY61fCuGSetRxZItIKHEKnTvRHpiVLRWiV82PYY311pNb7Hi7QBGUn_OVEmpSlGDdHsWHRNB-ywmCyuiqaQMAXf8-gOty-wr9D2hLOOEqHTR7FFzJJlvbTzYEU4in_kBp0DRGVQUX1cnKvVrC5bKCDQQ3PgvXCaBOAn6zLxVT2hI0UXmkgZG_gkLY-OG7NUQbZea6luARUQW5ttFemRI1vW83F5hrxBQNZjeOjakgsVTaiwSV1DSeef6KUtvnqTK70X-tlBRKSgVvT5PH6RKQkV9CxxMxUoSHuZ6pvCBbJxLNouyMFf9JGA9mR0JcTXcmBRi1Pnc0liocFVQORs46YGvrAasC2VUAaB4Tkj3YnIXyMRW9fEsPNGWeWg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 16:21:09	Name: _GRECAPTCHA Value: 09AIuXPCX9Uy166PVtzjKE71F5CLYo94EoutWa7muxCaXDhz_6U-ot6x-XE64_rRWn-HB2vv3Ng3q34S4sp2xdmc0
goo.by/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2denv41jdvl78h3q9ofhqlnogd
.goo.by/	1970-01-20 20:47:33	Name: _ym_uid Value: 1684917883905486824
.goo.by/	1970-01-20 20:47:33	Name: _ym_d Value: 1684917883
.mc.yandex.com/	1970-01-20 12:01:58	Name: sync_cookie_csrf Value: 2172098906fake
.goo.by/	1970-01-20 12:03:09	Name: _ym_isad Value: 2
.goo.by/	1970-01-20 21:23:33	Name: __gads Value: ID=f3ec8c20ac84d40b-22fcb1eee6dd0090:T=1684917883:RT=1684917883:S=ALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A
.goo.by/	1970-01-20 21:23:33	Name: __gpi Value: UID=00000c31f878bce4:T=1684917883:RT=1684917883:S=ALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g
.mc.yandex.by/	1970-01-20 12:01:58	Name: sync_cookie_csrf Value: 2329503975fake
.mc.yandex.ru/	1970-01-20 12:01:58	Name: sync_cookie_csrf Value: 3742742691fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2471900451684917883
.yandex.com/	1970-01-20 21:37:57	Name: i Value: BdDf6HS70rhFBogtoVSsv//SODiHhhb/1z78PxWqLZJ9lfYzMPnhOTMv0Jdcll5Adtrsm0xq7A1kwhiQsZrlJGNSS0g=
.yandex.com/	1970-01-20 21:37:57	Name: yandexuid Value: 3407836361684917883
.yandex.com/	1970-01-20 20:47:33	Name: yuidss Value: 3407836361684917883
.yandex.com/	1970-01-20 20:47:33	Name: ymex Value: 1716453883.yc.1684917883#1716453883.yrts.1684917883#1716453883.yrtsi.1684917883
.yandex.com/	1970-01-20 20:47:33	Name: bh Value: KgI/MA==
.doubleclick.net/	1970-01-20 21:23:33	Name: IDE Value: AHWqTUl58VqkJBuvadhO326tYtkm2xBCFtQ8eR15HWEmCmU4vbUDBPaJa0VnJgoQBVg
.doubleclick.net/	1970-01-20 12:01:58	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 12:02:01	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 20:47:33	Name: CMID Value: ZG3OfXHlTPC.uw-zy1ayxQAA
.casalemedia.com/	1970-01-20 14:11:33	Name: CMPS Value: 5131
.casalemedia.com/	1970-01-20 14:11:33	Name: CMPRO Value: 5131
.bidswitch.net/	1970-01-20 20:47:33	Name: tuuid Value: 9a0d3519-a764-4026-a366-d079ad64bf92
.bidswitch.net/	1970-01-20 20:47:33	Name: c Value: 1684917885
.bidswitch.net/	1970-01-20 20:47:33	Name: tuuid_lu Value: 1684917885
.turn.com/	1970-01-20 16:21:09	Name: uid Value: 2553921561195369741
.de17a.com/	1970-01-20 20:40:21	Name: guid Value: 1.8983870068274584527
.agkn.com/	1970-01-20 20:47:33	Name: ab Value: 0001%3AIHTnFuNO5lHtxnkquo3M%2FNVwy0fhJkEK
.agkn.com/	1970-01-20 20:47:33	Name: u Value: C\|0CEAsAIr-LACK_gAAAAAAAQ13AQCAAQpAAAAAAA
.innovid.com/	1970-01-20 14:11:33	Name: uuid Value: e551f732-182d-4152-9f22-0a93a4f7c392-20230524 04:44:46
.everesttech.net/	1970-01-20 20:47:33	Name: everest_g_v2 Value: g_surferid~ZG3OfgACNV43-QBI
.adform.net/	1970-01-20 12:46:36	Name: C Value: 1
.mathtag.com/	1970-01-20 21:27:53	Name: uuid Value: 2651646d-ce7e-4500-b6a8-f3f7962d9757
.mathtag.com/	1970-01-20 12:45:09	Name: mt_mop Value: 4:1684917886
.adfarm1.adition.com/	1970-01-20 14:11:33	Name: UserID1 Value: 7236667216826333339
.adform.net/	1970-01-20 13:28:21	Name: uid Value: 848273091270368672
.yahoo.com/	1970-01-20 20:47:55	Name: A3 Value: d=AQABBH7ObWQCEALxqpaQ8Q1vsnMxwKVEirAFEgEBAQEfb2R3ZAAAAAAA_eMAAA&S=AQAAAjTp_62veVfnyToDWykVfD8
pool.admedo.com/	1970-01-20 20:47:33	Name: tuuid Value: d086492c-ca00-41ce-a002-05c5c9cce0d1
pool.admedo.com/	1970-01-20 20:47:33	Name: c Value: 1684917886
pool.admedo.com/	1970-01-20 20:47:33	Name: tuuid_lu Value: 1684917886

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1684917884&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684917884669&bpp=1&bdt=2457&idt=0&shv=r20230518&mjsv=m202305170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df3ec8c20ac84d40b-22fcb1eee6dd0090%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MbB64TqJ39V0LTz-KSwYvwf015U4A&gpic=UID%3D00000c31f878bce4%3AT%3D1684917883%3ART%3D1684917883%3AS%3DALNI_MYgS75pfzsxFAPHyl4taxCZnNEI7g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=1465404818372&frm=20&pv=1&ga_vid=1951121299.1684917883&ga_sid=1684917883&ga_hid=1818566429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071755%2C44788441%2C44792645&oid=2&psts=ABHeCvgZDr2TkmO0W9LI_gHJxu0q1Y7cnENIhGQJNwMtt7bLtKS1vj_6FE0zmZoD6CouFkaPiLrhlJakJrYYYVTpGkNdFQ&pvsid=2716698797462785&tmod=144994039&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Nk4CHN0Ent&p=https%3A//goo.by&dtd=24 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=293675613&client=ca-pub-8917830189100721&fa=3&ifi=11&uci=a!b&btvi=4&xpc=SsO5fJhgXa&p=https%3A//goo.by Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230518/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=293675612&client=ca-pub-8917830189100721&fa=2&ifi=13&uci=a!d&btvi=6&xpc=xkm3VPxno7&p=https%3A//goo.by Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
c1.adform.net
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
goo.by
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
match.adsrvr.org
mc.yandex.by
mc.yandex.com
mc.yandex.ru
onetag-sys.com
p4-buarr4gsctl2o-l74kjnbxy63hqiek-if-v6exp3-v4.metric.gstatic.com
p4-gfdbssi5grp7a-7ay4ufxdacfypzvh-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
r.turn.com
rtb.fr3.eu.criteo.com
rtb.openx.net
ssum-sec.casalemedia.com
static.criteo.net
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.185.131
142.250.186.131
151.101.66.49
172.217.16.194
178.250.1.6
18.185.196.61
185.29.134.248
185.80.39.216
213.155.156.182
2606:4700:3030::6815:56e9
2606:4700::6811:190e
2a00:1450:4001:801::2003
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a02:6b8::1:119
2a02:fa8:8806:12::1400
2a05:d018:d29:3605:c16d:3d42:19c0:e699
2a05:d01c:1d8:8100:a4c6:9405:d858:453d
35.157.12.160
35.186.253.211
35.210.53.219
35.71.131.137
37.157.5.132
46.228.164.11
51.89.9.252
69.173.144.138
85.114.159.93
98.98.134.243
057bac175e585ef57f24d764c2e8637338cf0adac7e05dfddc20e90ba5e5f5b4
05c03c87d7017a903a21732e8c3bc93ca41ef0e82e023e22af527d3a8137ddea
08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f
08ec63812b5c543fbc24b98cf05328d849347f0dc0b2cbdf9bc463435b5ad1f6
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11e648ed41b2ced07832412e708bcffef74dab2eef5f431f0130677b1a07ee4a
141de37d0899447ce87a9dcb97dc26aa5ea71ccfd190d40059b863260894b491
171ca22825d9d3284a7e20e85120854bc2bf6fb15b821ce6bed382f14ff51c29
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a37dc90b9c1990e293e02307fc12b9c7e66331a24eabb8336a9c06907a2bd6
1912ec9329c898b56073a8120eb94e72e0bb858b390443cbc65d18a494572215
195ffe64f7501043f3700fdf9fbf2012d0b66fa26dcad328db4d5e8430fb520b
1b43eeb98a1b90d28b370672ee03972ae0aab4787dac49bcfe55168cfa37eaaa
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
245c718f14d5258493d6bd26b4e957178a17bd28f21fa593cc6d1911fddb324c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b6ba1c194ab6d92c1f1ab40cc3c7eb313a8448d3354fe99983141229ade1da
39be138b8f1adf5a5148c54d230cffac5263f33cfda599fb23ca0fde70b8da1c
3a5be2c72413a2c0a18340bf05bbc3c672facc79a8b9c1a84b9740b378a07661
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eefcd5ba2f128fa9468549daefb569acd63b7cb080f2105496fee6298c258e0
4315f5da03e23c3a6a22eb8b0425a2af69a0a733d6271459de957752b7adfe54
43df0eac8cd04fe4184d857d79cb2b72f9c636dfbc7d3bc6555ce0aacf2f2c47
452f096c720b3e3f9bef10090f461ce08ab38e64159263e9939a7c60067aa32f
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f13624ce0e1f8e5e1d4b8fe574cbbf24762f94bdbf86732a955b144a5c597a0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5590c34e6c1e3de21931ccd8182869af373dac2b7e666fc9aa2bde573555b0f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58446cbabd044c73d3acf500f55f95be558c0675d8ddb298a70fc077c165b5cb
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee
5ea674dcb540d02737561e4b79664ae44128ce757a2c919eca6fded2e85ce390
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f
6461e3d621bb44222b85c04e787c3a1bc2c296316d77bc175e682c177557fa76
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
68decb9b04351770373306a7d4eef2a677b9f2541d790a42fc6f72e8cdcc7bd0
6bb247a5d19a7fd82b06e82e0cf3723903ce13c32aaddaca14ab30cc7c2e6b2d
6c785dee6ed2b248070e51f80868e1b938665681c17188c4e579c9c509ae05d8
707acff06478583dfee1269f58a774a1115ec29105eb5d720da66f95d4e80abb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7332efc4dfb395ac04aadb2054c355cc07acecef7171cf6227274484a560e4a1
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc
7c4a6a5c5b52a952d961f72511c6e90754eb64508470f9cc5f39eedbdb195737
7d6cb69cd96f11fbbe757ce600e93c50cc204b09413e12e5c6faa187d6d9371d
877de2ffab95719d6ff1f1048fa912e70ee31879a2a31f868eb5b1770252d8fb
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb
a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad01db3d9c6d82ce2cb45fdac86cbb0d395e71e98f80147531f78943c95dcd7b
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b178ba1cf424a9bc6f79084d775a77838fcbc1c3da4b2d426dd8facce1dfddbe
b28bb6c60fd6185bfa7e62f9fc502cec6d9d60e5b48443268ca73cbcc9065adb
b5d505f2274276951c12cbcdf1e763988ac536cb4605d96e35d00ff338c42785
b6a164eff6f0efb5c929028b6430e4019769f33101ba5956ffc8b2212c1d9b1a
b9ad0243bfcfea8ef5de93bd04cf7d0fa885f5a4cad496b869bf3c2d852410c0
bffd26f0a8eacdc8b7dff28a6e6dc4505256ac7fe5649c6e5418c998ca55b394
c0403914918a9873dc530770c47edbeaac9749371ffa66e72ee5cfa3b1ea19cb
c44313430f757e3a44c796394ad431ad413d363d4467dfbc6cf1867e560969c3
c6a6a5dc6833ce127ce3e49abc5aff4035df94ceddd84d12e38d82b57bb49dc3
c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f
c8e98969dce2816e15b94aea27381a7367ff9381a212f0707c3eb4efa79d6440
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
cb1903f7f246f3de5384b2e1949ff3938b545ea1c74eadc63f533c8f89f56810
cba61c9b9fa4ee66a556ae225d15d718abdb0986bff5648354d7b43f627f1b10
cbce5e3e69c8bd44de26117e5566a6d3bef2cd527035b883c8f5be718b646b47
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
d646178c2227db7c9377092f20b524b808b1085bd886bdbbc232e95fc1464776
d686da2f688c0626150916a9c9d322a21ce1e3f62cc4fba52ebb1ee0a2252758
d69ba2a3cb603ff3aba5f081ad98b683d0b0788524d62f5b4df4f240658b4c90
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e337c98d5ed7ed7e852c87ee65bf108bd1cf6377d585c9f7b595a9e54ad41fa5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3db8b9500d72a55dca757df9f9a633a497b27306a132084a9e420ff124b3bfc
e8e5d83579758755f74a6f1a97a044da32144ad0e22d7691ec2d6c2c8a098929
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dbe03f6b4950af448f33af9b9ca7a63d3a4cc98256a5c3daf1d31e456e85d8
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f809d3e144a4d16d5a676b291e67668e9bce81891fac6f54f154b27cf80a35cb
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

goo.by Open in urlscan Pro 2606:4700:3030::6815:56e9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

212 Requests

91 %HTTPS

51 %IPv6

33 Domains

44 Subdomains

28 IPs

11 Countries

2521 kBTransfer

6258 kBSize

40 Cookies

0 Outgoing links

Page URL History

Redirected requests

212 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

goo.by Open in urlscan Pro
2606:4700:3030::6815:56e9 Public Scan

Screenshot
Live screenshot

Full Image

212
Requests

91 %
HTTPS

51 %
IPv6

33
Domains

44
Subdomains

28
IPs

11
Countries

2521 kB
Transfer

6258 kB
Size

40
Cookies

212 HTTP transactions
5 data transactions