URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D...
Submission Tags: falconsandbox
Submission: On October 02 via api from US — Scanned from DE

Summary

This website contacted 34 IPs in 9 countries across 29 domains to perform 160 HTTP transactions. The main IP is 2606:4700:3032::6815:1e70, located in United States and belongs to CLOUDFLARENET, US. The main domain is sanovnikat.com.
TLS certificate: Issued by GTS CA 1P5 on August 6th 2023. Valid for: 3 months.
This is the only time sanovnikat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
35 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:440... 13335 (CLOUDFLAR...)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 23.56.205.163 16625 (AKAMAI-AS)
2 2 2.17.100.202 20940 (AKAMAI-ASN1)
2 65.9.66.77 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
10 17 216.58.206.34 15169 (GOOGLE)
6 12 104.18.27.193 13335 (CLOUDFLAR...)
6 9 185.89.211.12 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 142.250.186.34 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 64.233.184.156 15169 (GOOGLE)
1 2 46.228.164.11 56396 (AMOBEE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.196.113.49 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 178.250.7.11 44788 (ASN-CRITE...)
1 1 31.220.27.134 39572 (ADVANCEDH...)
2 2 37.157.4.28 198622 (ADFORM)
1 104.18.36.54 13335 (CLOUDFLAR...)
2 184.30.20.47 16625 (AKAMAI-AS)
160 34
Apex Domain
Subdomains
Transfer
54 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
532 KB
36 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433
bid.g.doubleclick.net — Cisco Umbrella Rank: 1063
181 KB
20 sanovnikat.com
sanovnikat.com
212 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
7 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
7 KB
8 gstatic.com
csi.gstatic.com
fonts.gstatic.com
41 KB
7 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2225
www.google.com — Cisco Umbrella Rank: 11
apis.google.com — Cisco Umbrella Rank: 242
64 KB
4 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16620
a1.awin1.com — Cisco Umbrella Rank: 73043
101 KB
4 youtube.com
www.youtube.com — Cisco Umbrella Rank: 80
80 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
imasdk.googleapis.com — Cisco Umbrella Rank: 657
133 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
188 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
172 KB
3 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 25798
ui.cleverwebserver.com — Cisco Umbrella Rank: 27253
call.cleverwebserver.com — Cisco Umbrella Rank: 27981
48 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
180 KB
2 flashtalking.com
secure.flashtalking.com — Cisco Umbrella Rank: 3630
cdn.flashtalking.com — Cisco Umbrella Rank: 1786
7 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1469
s.tribalfusion.com — Cisco Umbrella Rank: 3247
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
r.turn.com — Cisco Umbrella Rank: 6191
869 B
2 awin.com
ui2.awin.com — Cisco Umbrella Rank: 76699
210 B
2 google.de
www.google.de — Cisco Umbrella Rank: 3974
515 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
147 KB
1 doubleverify.com
vast.doubleverify.com — Cisco Umbrella Rank: 1922
4 KB
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10895
335 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 910
363 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
755 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
146 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 194
2 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
603 B
160 29
Domain Requested by
35 pagead2.googlesyndication.com sanovnikat.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
20 sanovnikat.com sanovnikat.com
cdnjs.cloudflare.com
19 tpc.googlesyndication.com googleads.g.doubleclick.net
sanovnikat.com
tpc.googlesyndication.com
imasdk.googleapis.com
pagead2.googlesyndication.com
17 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
sanovnikat.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
sanovnikat.com
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
9 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
5 csi.gstatic.com imasdk.googleapis.com
4 www.youtube.com cdnjs.cloudflare.com
www.youtube.com
3 fonts.gstatic.com fonts.googleapis.com
3 googleads4.g.doubleclick.net googleads.g.doubleclick.net
sanovnikat.com
3 s0.2mdn.net googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
sanovnikat.com
3 www.google.com sanovnikat.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
3 cdnjs.cloudflare.com sanovnikat.com
2 c1.adform.net 2 redirects
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 a1.awin1.com googleads.g.doubleclick.net
2 ui2.awin.com 2 redirects
2 www.awin1.com 2 redirects
2 apis.google.com cdnjs.cloudflare.com
www.youtube.com
2 www.google.de sanovnikat.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com sanovnikat.com
www.googletagmanager.com
1 cdn.flashtalking.com sanovnikat.com
1 secure.flashtalking.com sanovnikat.com
1 vast.doubleverify.com imasdk.googleapis.com
1 s.uuidksinc.net 1 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 x.bidswitch.net googleads.g.doubleclick.net
1 s.tribalfusion.com sanovnikat.com
1 a.tribalfusion.com 1 redirects
1 r.turn.com sanovnikat.com
1 ad.turn.com 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 yt3.ggpht.com www.youtube.com
1 call.cleverwebserver.com sanovnikat.com
1 ui.cleverwebserver.com sanovnikat.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 scripts.cleverwebserver.com sanovnikat.com
160 44

This site contains links to these domains. Also see Links.

Domain
t.me
Subject Issuer Validity Valid
sanovnikat.com
GTS CA 1P5
2023-08-06 -
2023-11-04
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3
2023-08-06 -
2024-08-04
a year crt.sh
www.google.de
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
www.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
vast.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2023-06-11 -
2024-07-12
a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-04 -
2024-05-03
a year crt.sh

This page contains 23 frames:

Primary Page: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Frame ID: 18CCF9C72F87744C40A914F59D189A36
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Frame ID: E4CDAC3F158920D960BA0D09BF74BFD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&adk=2969136045&adf=3689892565&lmt=1696258630&plat=1%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l&format=0x0&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265829761&bpp=6&bdt=500&idt=251&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4218111838503&frm=20&pv=2&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=295
Frame ID: 1121BB3FD63D6F8F4F22B1E8BFAF1A8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=200&slotname=3249978591&adk=140209721&adf=1958524040&pi=t.ma~as.3249978591&w=1200&fwrn=4&lmt=1696258630&rafmt=11&format=1200x200&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265829767&bpp=2&bdt=507&idt=298&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3uIIvnTjQK&p=https%3A//sanovnikat.com&dtd=305
Frame ID: 8508CC1A44AEDD2BD5DA0385AD2184F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
Frame ID: 5F1ED7E9868B13A70030D95DB26BEC9A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCe4WqN4aswxCyWBo-UTtCmw&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fsanovnikat.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Frame ID: C5C0D8E546D62C0775853155F86F37F6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=3365719131&pi=t.aa~a.2162043785~i.4~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=3&bdt=1462&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309&nras=2&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=PqwkLUyTOW&p=https%3A//sanovnikat.com&dtd=5
Frame ID: 13BEB2DE3B7AD885C287DC352FB60F3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Frame ID: FA221C2EF890271400023E6D4DC9F51D
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Frame ID: 174677B31DC135B955645DB6E39A4485
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Frame ID: DE4F0379778B23FB38FF418C08609130
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEPGV5IEFGJTnm_EBMAE&v=APEucNU1RDupjEQLCIb6s2jg9vd6NeqTG1ZAqEHMVf_AhtpZkVlLqceox-An8WtKC3INmt_-PleWFlqyxXJaGQfe2muN8h5xE3Wmr9VuF3p67cVPsz77tBkwIysXIZi0h0fdTnREFk6lhFIefTBeeBr9Bb4a6vi03Y5qZZNa86Mb0zE9NTSUfjG93vzhBxjYUKEeXitgsnwSIMSPCiCAXTuFAHHd8eW7rg
Frame ID: 5AD30D7868857EBD1340782E74279B52
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B7F82D90A4BD84D1EE7BC7C38C6FB89B
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKen9wIQyvWgpQUY5e2Z9gEwAQ&v=APEucNUtNCBYpXz78af99eL5sjk_6tVa6VMLfPJywnmeQqYcuGbrchIixs78Kjh1NTyrUss7Hd3voi3_2MUlWJqmU5Fc9DRtC_77_b9xbO3uG7a8VrMZe0ZSGhDgrOKP1w_Rv66pBDwxy2Hl8KrCgrzaSrhxu88zy3VvztrMYGRpFRBQMp1eIKjSLaX1u9HAxslqnyTgadO6fUpyfV6V576bUmB1t_BxUw
Frame ID: 7AAD719DBEA838EB9C4274977E5B434F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js
Frame ID: BD1FCCB9105A03507AA01AAFAAE84402
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKen9wIQyvWgpQUY176a9gEwAQ&v=APEucNV-xTeYQgpfwv7njk1TqfIuWpk8ZftHcAFMOWK3HwwIfWXXjR6tOyARqjWjt34vIWVPGBfIA2DYx0uqJDlTyqQPsVc1Nl0oYC3SLFciuHotgaXEx42PF0fT-I_ctQt_rttK27TRbRviqD8qGbEtZcyQUwraWIKDNQ4GNPqshCrZK_el_gOlW7rwumn-jSJ7hADx4fVcCQZu6E70O-xtXip4U5XS5Q
Frame ID: E0FF0CD81C3D61E0C1C040B785C90C1A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js
Frame ID: 262299193375CC1EB53DD8B26F248DE0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 61329967E6A908F94E0A598898D41B50
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A87F28A050C9D37F5F0F2743E60BFF7B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 42E99F5553482D3AEEA13727A492331E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D4CCB3177C4D9F6FB87416EE2AC83F4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 9CFBE30083012809C4B455A561836404
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8EF1EE64BFBE870E4AA355C7F5981AB6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41A54569ECED1F805FF487569C384476
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Съновник гола жена мастурбира, да сънуваш гола жена мастурбира - sanovnikat.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

160
Requests

88 %
HTTPS

61 %
IPv6

29
Domains

44
Subdomains

34
IPs

9
Countries

2130 kB
Transfer

43690 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://www.awin1.com/cshow.php?s=3454802&v=37018&q=448851&r=302675 HTTP 302
  • https://ui2.awin.com/ads/awin/37018/imgcriteoeaffiliation-160x600de-1694428281864.jpg HTTP 301
  • https://a1.awin1.com/ads/awin/37018/imgcriteoeaffiliation-160x600de-1694428281864.jpg
Request Chain 78
  • https://www.awin1.com/cshow.php?s=3454817&v=37018&q=448851&r=302675 HTTP 302
  • https://ui2.awin.com/ads/awin/37018/imgcriteoeaffiliation-728x90de-1694428556925.jpg HTTP 301
  • https://a1.awin1.com/ads/awin/37018/imgcriteoeaffiliation-728x90de-1694428556925.jpg
Request Chain 81
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIiZ9AJevIxonwwgPH1hVI8&google_cver=1
Request Chain 82
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRr2Z8Ia.sD-VOW3hgs1ygAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL17xXY3nS0MlQWqT9UHjBg&google_cver=1&google_hm=2
Request Chain 83
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE1OTFCRJVDqzFZtzqJVMzE&google_cver=1
Request Chain 84
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2NTM0NzYzNTYyOTc4NTkxNQ%3D%3D
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBJHR9SkqFoWW3zSqi5sDxA&google_cver=1
Request Chain 90
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRr2Z8Ia.sD-VOW3hgs1ygAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL17xXY3nS0MlQWqT9UHjBg&google_cver=1&google_hm=2
Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMGzhASjk4NVd---wcDCtcM&google_cver=1
Request Chain 92
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2NTM0NzYzNTYyOTc4NTkxNQ%3D%3D
Request Chain 93
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBJHR9SkqFoWW3zSqi5sDxA&google_cver=1
Request Chain 94
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRr2Z8Ia.sD-VOW3hgs1ygAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL17xXY3nS0MlQWqT9UHjBg&google_cver=1&google_hm=2
Request Chain 95
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMGzhASjk4NVd---wcDCtcM&google_cver=1
Request Chain 96
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2NTM0NzYzNTYyOTc4NTkxNQ%3D%3D
Request Chain 127
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM3pSxaX8wPjkJuMMtpLg4U&google_cver=1&google_push=AXcoOmQXr0cIKJ2EsrjUlAA9B2jDWOTNkWRBprIVl8C0A5OZHdrSGLCF90GTIfhMVk_oGjFxQNYVVEfBvwrwBHgvB_lWM3AALHE1anHBiy9NLhGqXs-IcyP-vBw6ZbYBG8M-XTeAmSKCRk5AwhYbClczjW9Y3L0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY2NDI3Njc4NjE1NDA3NDg0OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqmJTBK5kSDsUgCnndwtSQ&google_cver=1
Request Chain 128
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGVR_cfx3vva6Il01BrLihQ&google_cver=1&google_push=AXcoOmTbjT07MOv50oEnXo2YM4kLpJ8VhZ5uSuREw3D2caC_V0iCzji7Eek8j3JseR4GXnjlqLSO8LI-ayBijW96C4ojXAF8y5fkVq-AveZrMlVr9Th8NLllBu5_0nTW_qkapMOOkMj5D8hhsdUYb5tviYvS-u4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTbjT07MOv50oEnXo2YM4kLpJ8VhZ5uSuREw3D2caC_V0iCzji7Eek8j3JseR4GXnjlqLSO8LI-ayBijW96C4ojXAF8y5fkVq-AveZrMlVr9Th8NLllBu5_0nTW_qkapMOOkMj5D8hhsdUYb5tviYvS-u4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGVR_cfx3vva6Il01BrLihQ&google_cver=1&google_push=AXcoOmTbjT07MOv50oEnXo2YM4kLpJ8VhZ5uSuREw3D2caC_V0iCzji7Eek8j3JseR4GXnjlqLSO8LI-ayBijW96C4ojXAF8y5fkVq-AveZrMlVr9Th8NLllBu5_0nTW_qkapMOOkMj5D8hhsdUYb5tviYvS-u4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTbjT07MOv50oEnXo2YM4kLpJ8VhZ5uSuREw3D2caC_V0iCzji7Eek8j3JseR4GXnjlqLSO8LI-ayBijW96C4ojXAF8y5fkVq-AveZrMlVr9Th8NLllBu5_0nTW_qkapMOOkMj5D8hhsdUYb5tviYvS-u4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 130
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMjwMb397hH41bQJYNMu864&google_cver=1&google_push=AXcoOmTZok-5H4seNuDbWixubQYYVXQ2QdxYC-8eyIkaaLsL3bv4VsHdn_rODcIpgGYtiSZkb36PNfgS38l4mFDQDi_B7e5LCa9rT8DPJIqt-orIzs5HA1sGX7bIp_zvHxN2Iu9BaW28xrsc_-YA69iuFkUvbw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTZok-5H4seNuDbWixubQYYVXQ2QdxYC-8eyIkaaLsL3bv4VsHdn_rODcIpgGYtiSZkb36PNfgS38l4mFDQDi_B7e5LCa9rT8DPJIqt-orIzs5HA1sGX7bIp_zvHxN2Iu9BaW28xrsc_-YA69iuFkUvbw&google_hm=eS1NUU1qcUlsRTJwSGhCaEpfSTl2c09FVHlYbDRsRGdtX35B
Request Chain 132
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEKNMcAY4rO-hBy2Fgp7wsFQ&c_param1=AXcoOmQBrVnGr9af8T833ya1qhZgUiLTD1Zwbfc4_KpGIxjLfm0Q6CFxZTpexnxpx0pcMl3YBMu_jMChsXcd3SstwBVz7FsdBd7QW_hPaLgpGDKQzS6fnT8o1dRa42A8XxcDPPRs2xoEwbrWrBPIfsrReJPby_4&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQBrVnGr9af8T833ya1qhZgUiLTD1Zwbfc4_KpGIxjLfm0Q6CFxZTpexnxpx0pcMl3YBMu_jMChsXcd3SstwBVz7FsdBd7QW_hPaLgpGDKQzS6fnT8o1dRa42A8XxcDPPRs2xoEwbrWrBPIfsrReJPby_4
Request Chain 133
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOnhfyAAtIh_d8sLMFd7ArY&google_cver=1&google_push=AXcoOmTvkw30gqe_CerMxudzih2czcW43HaZIuV3sG9EdkMH4O0J4Q-iKHq8rYiS0OV99qUdX30fVz9KL-FiJZcUyajnF8MUDzNOTQHHXjVesrey4_IvWQPfaXRu9YoAnbW4lST_8SkZrB4dRPamUthqvVjvfd8 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOnhfyAAtIh_d8sLMFd7ArY&google_cver=1&google_push=AXcoOmTvkw30gqe_CerMxudzih2czcW43HaZIuV3sG9EdkMH4O0J4Q-iKHq8rYiS0OV99qUdX30fVz9KL-FiJZcUyajnF8MUDzNOTQHHXjVesrey4_IvWQPfaXRu9YoAnbW4lST_8SkZrB4dRPamUthqvVjvfd8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIxODEyMzM4NDU5MDE0MzkyOQ&google_push=AXcoOmTvkw30gqe_CerMxudzih2czcW43HaZIuV3sG9EdkMH4O0J4Q-iKHq8rYiS0OV99qUdX30fVz9KL-FiJZcUyajnF8MUDzNOTQHHXjVesrey4_IvWQPfaXRu9YoAnbW4lST_8SkZrB4dRPamUthqvVjvfd8

160 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%...
133 KB
28 KB
Document
General
Full URL
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92540f4c834981b343c377cb46158a614a633dac2ee307c06ddf7335a9075089

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80fe7b95df155ff0-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 02 Oct 2023 16:57:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBpHbAS9zSwFC70cnRX3wkd4BdNAvS649gzQwqiNy%2F8ePFcB5YsyZj7gVcuUDmJQwInEJb7JtfuNQIiWwJy84IGnp1%2Ba8ADjjN%2Fhbk%2Byw0s2riSzBsMMFOmxZEZngBtiRqv3jXjMvGJnVnNrZw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://sanovnikat.com/
Origin
https://sanovnikat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4063970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Thu, 22 Jun 2023 11:02:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a3a-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tKtH%2FLFyDBybsUxedbfqdCINTJ4kp2kY30ka9nFvykL8AjOASvQ1aqbFJ1QWN6VfnD2ed%2BX7Jy7GkgiUF4eN2h%2BBaLSW7LnziYeqf3ha99%2FvhCJNQcD9PGsNha2RvPObjydamZrUqp%2FMsQ4gwDQWncZ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80fe7b998862bbb9-FRA
expires
Sat, 21 Sep 2024 16:57:09 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2113139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28007
last-modified
Thu, 22 Jun 2023 11:06:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1e-6d67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AYCqw5HZMI0FhJIQ7fvmSAXqc2%2FL7bi7Ge9TWiKYmHzAknrmNwvauAGML42iudZSuAKyfHxbuqRzZ9gAwW1O0Ts4Py9fNl9xShfBf7JW3jDwhQjzgUuauq0%2FZ9YScGrQyknHksZjQlCEMT0v8QhIi8V"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80fe7b9989b218d2-FRA
expires
Sat, 21 Sep 2024 16:57:09 GMT
header-home-59a53ddb031874db1197445903f5cd55.min.js
sanovnikat.com/wp-content/uploads/generated-assets/
96 KB
29 KB
Script
General
Full URL
https://sanovnikat.com/wp-content/uploads/generated-assets/header-home-59a53ddb031874db1197445903f5cd55.min.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51d44c25ac94f585478221aaa2b8970a2a1c9602adf29c9953f81076758bbb7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Jun 2021 18:49:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1023094
etag
W/"60d776bc-17ef8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcmzRLMduouXwSRefnCxXgs76yLAXwbbBk%2BlTtysca1WGYCOU0TtO5N%2BwoGeI8nYPI8oDPyrq4Vf4OTIgEJAzjDfDo9X54xXqOjxw6nDm8%2BhNYidhSFwtTS%2Btldu9bJSw5BX1ijd5YbzP%2Bvhgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
80fe7b9a2ea9b76c-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 18 Apr 2024 05:27:50 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
147 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b85fb99c4170e2e9841ce9a8f536fa4e6f13f50a9ef1e7bb0265c192317c08a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51024
x-xss-protection
0
server
cafe
etag
3721415439912752918
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 16:57:09 GMT
footer-b13e0479b5c666d6f9f391c1b9b2f756.css.min.css
sanovnikat.com/wp-content/uploads/generated-assets/
111 KB
29 KB
Stylesheet
General
Full URL
https://sanovnikat.com/wp-content/uploads/generated-assets/footer-b13e0479b5c666d6f9f391c1b9b2f756.css.min.css
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099b19959f1e898131d984358c16ebb8e0d8eef35a28a7a5bc9d17c7b8ace743

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Jun 2021 18:49:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
55339
etag
W/"60d776ba-1bb4f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USMXErocJmCPndZzP9jdwFZVJUe0IKP2DGcnwn4aQKz4DgHkPeoYPgH9t%2FCfioRIXOgIfsm5%2BmuA4g%2FJMdbZqD6oC7EpGKPcMn7tXtHcKPAZTMc5TH3K3SaFtHyruaqA5qUatUJzyQu%2FnPu2%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
80fe7b998c635ff0-SIN
alt-svc
h3=":443"; ma=86400
expires
Thu, 18 Apr 2024 05:29:35 GMT
header-single-d0e332e592e1cef1cdad7539ea73a478.css.min.css
sanovnikat.com/wp-content/uploads/generated-assets/
216 KB
39 KB
Stylesheet
General
Full URL
https://sanovnikat.com/wp-content/uploads/generated-assets/header-single-d0e332e592e1cef1cdad7539ea73a478.css.min.css
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1bce2d623320499967a52f9df542e777a10294a16c56680fd6f36599791cb39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Jun 2021 18:49:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
51324
etag
W/"60d776bc-36031"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSatyAlDnPMhZvQEaMX6ePKEzB%2BNvJ0hFjgQlzVSsTMMew4Hbxn4O07iW3OWgW6HcsjIGqye%2B3rF4Ba735OPrxL6mX%2BXSe741cfqsI5oYhiEgN4J%2FIILvDMD3%2FviltkethRaN80SmjMVMb%2FBxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
80fe7b998c645ff0-SIN
alt-svc
h3=":443"; ma=86400
expires
Thu, 18 Apr 2024 05:27:50 GMT
js
www.googletagmanager.com/gtag/
185 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-40048317-1
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d7f5badf1463759d0cfcedbd16e23befa1c84c18ecad7d3277ec45e527da0ceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68973
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 16:07:27 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Oct 2023 16:57:09 GMT
eb3db60621fc053ecd0b470de7444e90fe76e7d019b8144193f9c6_640_%D1%81%D1%8A%D0%BD%D0%B8%D1%89%D0%B0-300x170.jpg
sanovnikat.com/wp-content/uploads/2019/02/
4 KB
5 KB
Image
General
Full URL
https://sanovnikat.com/wp-content/uploads/2019/02/eb3db60621fc053ecd0b470de7444e90fe76e7d019b8144193f9c6_640_%D1%81%D1%8A%D0%BD%D0%B8%D1%89%D0%B0-300x170.jpg
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b190232800b349bb4390f656b869c5f010f87c796cf9371fde332e25c82f7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1431521
alt-svc
h3=":443"; ma=86400
content-length
4130
last-modified
Mon, 18 Apr 2022 05:32:26 GMT
server
cloudflare
etag
"625cf7ea-1022"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3t5eQDESQmP%2FQm8647jqaW17AwNnu%2B5sEMhTvNk0qJINIWsWRWqWcmuAFWQldV87yARovEMV2DxlOMTt%2FQ75HhDTtc4iOsqfZnytna3vHh0hPaO5aSBizfHZD852NfF2K%2BWwFVDPc2FUHUxg3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80fe7b9a3ec1b76c-AMS
expires
Thu, 18 Apr 2024 05:29:05 GMT
znachenie-na-imenata-300x185.jpg
sanovnikat.com/wp-content/uploads/2019/02/
6 KB
7 KB
Image
General
Full URL
https://sanovnikat.com/wp-content/uploads/2019/02/znachenie-na-imenata-300x185.jpg
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d79b5b6b39664f8c1afd4153ed9f59f6c80c38113dfe582993af5f25252bb500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1002335
alt-svc
h3=":443"; ma=86400
content-length
6348
last-modified
Mon, 18 Apr 2022 05:32:04 GMT
server
cloudflare
etag
"625cf7d4-18cc"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nq%2FsgnRidHYA1I8JwWxXZb9%2BBwYPGLXFZywXJId0N48qLehAyEBo1mk1cdjj9hf6D1cvD%2B8yg3dUlDbzCdScS2We3m3TH0jYEHVz4ItdsPwSPffzidJSNs9b8X7ZDwEuEsL4Laelr5HsQVtrvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80fe7b9a3ec3b76c-AMS
expires
Thu, 18 Apr 2024 05:29:05 GMT
eb3db30b2bf4053ecd0b470de7444e90fe76e7d019b8114791f9c2_640_dreams.jpg
sanovnikat.com/wp-content/uploads/2019/02/
37 KB
38 KB
Image
General
Full URL
https://sanovnikat.com/wp-content/uploads/2019/02/eb3db30b2bf4053ecd0b470de7444e90fe76e7d019b8114791f9c2_640_dreams.jpg
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96be6646b5927a82d9f25e29a7a8ad8c0a5632e7ae7e535da83e0ad0c2f462eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1428433
alt-svc
h3=":443"; ma=86400
content-length
38368
last-modified
Mon, 18 Apr 2022 05:32:19 GMT
server
cloudflare
etag
"625cf7e3-95e0"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kATBJF7EQ4eZVatKMHV%2F4hiQBbuw3VpU8IFJHID7IbGKQGC7A%2F%2BRFF0rqV3tvRJ554%2FhUiYXwewaC4ZyhgJrJJq%2BLYpWieC6mMwBujs0iEGvkft7zvg5zpuRQTrpCaKO8C2wrgFONylUYHTgzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80fe7b9a7f06b76c-AMS
expires
Wed, 19 Apr 2023 05:28:01 GMT
truncated
/
9 KB
9 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a14905b85669a60640659e75d93b815f0c019e09069570591fdb2d9bbde613ce

Request headers

Referer
Origin
https://sanovnikat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
j_check.php
sanovnikat.com/
324 B
599 B
XHR
General
Full URL
https://sanovnikat.com/j_check.php
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b7d10831e640f8a441656c74398520bab0bb856770a6d5ef45a0c7db67e39b

Request headers

Accept
*/*
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCmO3TSbar0sskPBC%2Fr5urIfSDfhN7N3p4ZWmQWAIREN%2BcbGamr%2BuZCyqs02iXBQVPw%2BShsx%2F8aTICclf3v0ItGBcCCoj6ZTTSK%2BXPBdrHh%2FXlHR%2B1OG0aDZG8UWti1D%2Fk6t8iXOH5GGFra%2FVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
80fe7b9bf8bfb76c-AMS
alt-svc
h3=":443"; ma=86400
a78e6cba070ee0e4fd444b0218cc3685.js
scripts.cleverwebserver.com/
131 KB
48 KB
Script
General
Full URL
https://scripts.cleverwebserver.com/a78e6cba070ee0e4fd444b0218cc3685.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dc773bcc8762b962cd23d0002c3e322e0de95d8d4e901fff9b0a5154f5fa17b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
x-amz-version-id
5cH0ulhQHMl0ubDjaEOBj2gciwwuUqvo
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 21 Sep 2023 17:16:53 GMT
server
cloudflare
x-amz-request-id
V6N13HCNMSZFK75D
etag
W/"36ca9c6c180c867dbd14176c0799c086"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
80fe7b9c9bf23662-FRA
x-amz-id-2
GQ+TrtyEBUZzQdbzHaE50dN8LpLgcZGavXHnSKLIDpxRGLIdw1l+Pbxq3t2qeRCx9KXQMGsPO0s=
expires
Mon, 02 Oct 2023 17:27:09 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/
378 KB
128 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eff81fc04bf29cce33da16685a890955cebde676c09fdb000377513d7d76cb5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131249
x-xss-protection
0
server
cafe
etag
15924778695066880736
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 16:57:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame E4CD
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sanovnikat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1501
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 16:32:08 GMT
etag
2603938475786422795
expires
Mon, 16 Oct 2023 16:32:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
224 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YBFHPC76SD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40048317-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9dbe5df0df4a57d6ad83217b882a6bcbdbf5b4b4ebd73f7bcdd8481862a165c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81362
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 02 Oct 2023 16:57:09 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40048317-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 02 Oct 2023 15:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4046
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 02 Oct 2023 17:49:43 GMT
c_ajax.php
sanovnikat.com/
11 KB
2 KB
XHR
General
Full URL
https://sanovnikat.com/c_ajax.php?action=get_ajax_menu_desk
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f70cd7f01ee52df6cd6b065dd27e40c281f009cba96cebff60070e6b1145d9b

Request headers

Accept
*/*
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c59vv61beehkUNERfgM%2BZVd3vtA%2BE4WAHUlmdj1sZ6vv4zTl6NeC2Kim962vcpRpVIw0jDlyzTq1Vyr8fL0J2y1KAWxcH8Ub9C83LmTo2b9aBOWEO%2BFcgqaluGNU0a6IsRwQW7IbbUHjZt%2Fbhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
80fe7b9c795db76c-AMS
alt-svc
h3=":443"; ma=86400
collect
region1.analytics.google.com/g/
0
244 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-YBFHPC76SD&gtm=45je39r0&_p=1976156223&_gaz=1&cid=548593582.1696265830&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696265829&sct=1&seg=0&dl=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&dt=%D0%A1%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0%2C%20%D0%B4%D0%B0%20%D1%81%D1%8A%D0%BD%D1%83%D0%B2%D0%B0%D1%88%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0%20-%20sanovnikat.com&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YBFHPC76SD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sanovnikat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
253 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YBFHPC76SD&cid=548593582.1696265830&gtm=45je39r0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YBFHPC76SD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sanovnikat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YBFHPC76SD&cid=548593582.1696265830&gtm=45je39r0&aip=1&z=1245256254
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
395 B
603 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sanovnikat.com&callback=_gfp_s_&client=ca-pub-0731180709150395
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89eb83bb17a9cf33d918455a9a1bb4417fa7e76b3d5de749aaba346250d2896d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1121
262 KB
68 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&adk=2969136045&adf=3689892565&lmt=1696258630&plat=1%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l&format=0x0&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265829761&bpp=6&bdt=500&idt=251&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4218111838503&frm=20&pv=2&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=295
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c501c0333d3d89536728f3e2b8175238ebb2b726b16bc18c1dc86d29d397f87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sanovnikat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
69053
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 16:57:10 GMT
expires
Mon, 02 Oct 2023 16:57:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=ASIDE&cls=side-aside%20normal-side%20tie-aside-effect%20dark-skin%20dark-widgetized-area%20&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8508
436 B
432 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=200&slotname=3249978591&adk=140209721&adf=1958524040&pi=t.ma~as.3249978591&w=1200&fwrn=4&lmt=1696258630&rafmt=11&format=1200x200&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265829767&bpp=2&bdt=507&idt=298&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3uIIvnTjQK&p=https%3A//sanovnikat.com&dtd=305
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
865c078913e1b17254df6a89c5e66b2c8c7a80f01707de698d9934b73da26a4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sanovnikat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 16:57:10 GMT
expires
Mon, 02 Oct 2023 16:57:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
ui.cleverwebserver.com/
159 B
219 B
Script
General
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd283fcb6016b74f7b269aad2aa42f1a9e15b2372c4b92bc953e1eebdac19f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
80fe7b9e5d923662-FRA
content-type
application/javascript
collect
www.google-analytics.com/j/
2 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1976156223&t=pageview&_s=1&dl=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0%2C%20%D0%B4%D0%B0%20%D1%81%D1%8A%D0%BD%D1%83%D0%B2%D0%B0%D1%88%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0%20-%20sanovnikat.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1256219460&gjid=2059563046&cid=548593582.1696265830&tid=UA-40048317-1&_gid=765598916.1696265830&_r=1&gtm=457e39r0&jsscut=1&z=1058474922
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sanovnikat.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sanovnikat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-40048317-1&cid=548593582.1696265830&jid=1256219460&gjid=2059563046&_gid=765598916.1696265830&_u=YADAAUAAAAAAACAAI~&z=1828174265
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sanovnikat.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 02 Oct 2023 16:57:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sanovnikat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
call.cleverwebserver.com/
43 B
105 B
Image
General
Full URL
https://call.cleverwebserver.com/?id=51575&c=DE&r=null&l=76&b=Chrome&os=Win10&mob=0&v=1.51.1&ref=aHR0cHM6Ly9zYW5vdm5pa2F0LmNvbS8lRDElODElRDElOEElRDAlQkQlRDAlQkUlRDAlQjIlRDAlQkQlRDAlQjglRDAlQkEvJUQxJTgyJUQxJThBJUQxJTgwJUQxJTgxJUQwJUI4JTIwJUQwJUIzJUQwJUJFJUQwJUJCJUQwJUIwJTIwJUQwJUI2JUQwJUI1JUQwJUJEJUQwJUIwJTIwJUQwJUJDJUQwJUIwJUQxJTgxJUQxJTgyJUQxJTgzJUQxJTgwJUQwJUIxJUQwJUI4JUQxJTgwJUQwJUIwLw%3D%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
80fe7b9ede283662-FRA
content-length
43
content-type
image/gif
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-40048317-1&cid=548593582.1696265830&jid=1256219460&_u=YADAAUAAAAAAACAAI~&z=294596111
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-40048317-1&cid=548593582.1696265830&jid=1256219460&_u=YADAAUAAAAAAACAAI~&z=294596111
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c_ajax.php
sanovnikat.com/
6 KB
2 KB
XHR
General
Full URL
https://sanovnikat.com/c_ajax.php?action=get_ajax_sidebar
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1117a7a5e4dcd73b550eef4d8ad43e4e82ff62707bf4936f3c8d53bdacb69f6

Request headers

Accept
*/*
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDgut93e%2Bf4289eIwWAr0NDS4Lk2oySEl%2FdTHMYIsE%2F6tlDbF%2FTZT8l27lt9j4VH8hOuI0ooulCEkMT0DciBfhQOpd4CRoR59OVgSKtNNOR8eLAuruZqtlx3zY9vs12SH33JBQDG8AVuDZZ3Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
80fe7b9f9d80b76c-AMS
alt-svc
h3=":443"; ma=86400
afc340d6443db73e03d47147238f55e9-150x150.jpg
sanovnikat.com/wp-content/uploads/2019/04/
4 KB
4 KB
Image
General
Full URL
https://sanovnikat.com/wp-content/uploads/2019/04/afc340d6443db73e03d47147238f55e9-150x150.jpg
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad1c55369a5a5ae758580a5b35fa24d8a0e81e7835a626d3ba8dcee4182794e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2060
alt-svc
h3=":443"; ma=86400
content-length
3974
last-modified
Mon, 18 Apr 2022 05:30:56 GMT
server
cloudflare
etag
"625cf790-f86"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PNsL%2FSHKerJXrFReD45hOh1dTDqweMc5qxxGJAfjiXaBy2sE0i30syc7xIxi2%2B%2Bia2n1aCV%2FCVYnn1rm56VF0deUCPwZG%2Fx8cJ9RAa8YbRCwN1WkcNcUCNwlGuQmvdWbjG4xuRS7yfunAcJ1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80fe7ba01e05b76c-AMS
expires
Thu, 26 Sep 2024 09:34:23 GMT
sezonno-hranene-150x150.jpg
sanovnikat.com/wp-content/uploads/2020/04/
6 KB
7 KB
Image
General
Full URL
https://sanovnikat.com/wp-content/uploads/2020/04/sezonno-hranene-150x150.jpg
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5385b3406883e1fc93ac43ba9fc33de7a5a129d279d713112a8547200f717af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56771
alt-svc
h3=":443"; ma=86400
content-length
6166
last-modified
Mon, 18 Apr 2022 05:26:47 GMT
server
cloudflare
etag
"625cf697-1816"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYPxJNy8PZ4ZWkZPXRHI17n2eapVapEWfp4qw6DbBkaf9JU1DANvJq%2FLaVfJv9yAX72UIF%2Bpu0alGw57Y1R3BbFHp8YL8mBfnXzM%2FAYH21PxUANoLKNDefgQkEMXFj7ro1c022z2h30DXFIe0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80fe7ba01e06b76c-AMS
expires
Mon, 30 Sep 2024 18:55:51 GMT
c58e0f9afce44593859c033aa4my-kartiny-i-panno-ikona-sv-spiridon-trimifutskij-150x150.jpg
sanovnikat.com/wp-content/uploads/2000/12/
7 KB
7 KB
Image
General
Full URL
https://sanovnikat.com/wp-content/uploads/2000/12/c58e0f9afce44593859c033aa4my-kartiny-i-panno-ikona-sv-spiridon-trimifutskij-150x150.jpg
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ad26396de01eaa101321ee6044978198ee7f998eba675e56b288dba98be716f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56771
alt-svc
h3=":443"; ma=86400
content-length
7124
last-modified
Mon, 18 Apr 2022 05:40:55 GMT
server
cloudflare
etag
"625cf9e7-1bd4"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzMNWOmw0JxGBWyOfNSdYNRv4lCuyRHjGsBLdTdlncsBA0Y9RD28hztEHhXu4nU3PnjhMpA0yfKsALo6zKruZw5eQUeFaPyV3Q812RYm%2BYBLn0Rx2Ms3ZNMLX3Pgy%2BdOAf%2FbvAcXnSwtEI8f%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80fe7ba01e07b76c-AMS
expires
Sat, 28 Sep 2024 16:21:26 GMT
%D0%BB%D1%8A%D0%B2-150x150.jpg
sanovnikat.com/wp-content/uploads/2020/12/
2 KB
2 KB
Image
General
Full URL
https://sanovnikat.com/wp-content/uploads/2020/12/%D0%BB%D1%8A%D0%B2-150x150.jpg
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5a60334c5c447d1d0aa9c7f1e0c2ffb0c478512005a11d59b5c58f17a19e7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5964
alt-svc
h3=":443"; ma=86400
content-length
1568
last-modified
Mon, 18 Apr 2022 05:29:37 GMT
server
cloudflare
etag
"625cf741-620"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzwaBGWkg28SnbmZ4jjBNlZoVVRQPnHgI7BLQqLYfFYRjodjPQWw8tUmZJgtTlWymJuN0bHdNpKzisnlOmNxSYJYXYltcw27gCXS%2FdBiFlW%2Fny%2BND6wrYcWANfktV2Xbu36bF2x%2FR%2Fk8HOAQTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80fe7ba01e09b76c-AMS
expires
Wed, 18 Sep 2024 14:19:59 GMT
maxresdefault1-150x150.jpg
sanovnikat.com/wp-content/uploads/2000/07/
5 KB
5 KB
Image
General
Full URL
https://sanovnikat.com/wp-content/uploads/2000/07/maxresdefault1-150x150.jpg
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71ffeec8488658ec0b5408a9cd194cdce943905bc5c726bde84a1a4ded2535f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2060
alt-svc
h3=":443"; ma=86400
content-length
5099
last-modified
Sun, 24 Feb 2019 16:30:10 GMT
server
cloudflare
etag
"5c72c692-13eb"
vary
Accept-Encoding, Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSSvxOreMOkwXph3%2B%2Flsh5pWXn8QsIO1ZJ6l4sBKNDIWqa6aQizyvzqVvrg3atRV%2BudjDNtVXzhupGmLkcHG9xpBUpkfFr3YfSNwQ%2BL9GCqKpHwH9mpCj3%2BOGzC%2BQ5l5GDyvEq1I9meJAz5g4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80fe7ba01e0ab76c-AMS
expires
Sat, 28 Sep 2024 17:15:14 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5F1E
39 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
204479c68a95567abb9c8713ba8a2c5a1bebdce713bec89b40eedefb64d3f36b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sanovnikat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
15852
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 16:57:10 GMT
expires
Mon, 02 Oct 2023 16:57:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
c_ajax.php
sanovnikat.com/
2 KB
1 KB
XHR
General
Full URL
https://sanovnikat.com/c_ajax.php?action=get_ajax_see_also&post=1022
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
067f93a01b09217821ab208ead95cc31cb9b091e035e29d43da08c8f3d187bbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wNIXKAf3ExpQ5TkZCAHATj4BA%2FMPOIeJftkX3Zc12ZEmHZXtbWhLgMFVwXvSzp6j8NPmjsgTRWU2hbAhNbbC2RIAXaPPunymLKUA7rzaHVIA5mItqoT97EIgb5J6zBZf17LlrDRm6nR4gfcJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
no-cache, must-revalidate, max-age=0
x-robots-tag
noindex
cf-ray
80fe7ba0eeeeb76c-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
c_ajax.php
sanovnikat.com/
3 KB
2 KB
XHR
General
Full URL
https://sanovnikat.com/c_ajax.php?action=get_ajax_youtube_sub
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c289ae146bc7ae37b9e5cd50137a52a2dd21f96b45fadf22c367d8ceb6f5f3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YctRNwIsjVYgyvF%2BiLSqwQGwBXzpUxCJhgSvE3kEDCFZt5q%2FBb%2BmsSRsiCEJThKKybyWrjn5etuor3QtwMWQV%2FOE%2Bhys9JrHV%2BlhoKzVtoWtji2eXi6iSmRwLFrQHdTn9nYrhMP%2FWrxryGzuEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
no-cache, must-revalidate, max-age=0
x-robots-tag
noindex
cf-ray
80fe7ba0eef0b76c-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
subscribe_embed
www.youtube.com/ Frame C5C0
3 KB
3 KB
Document
General
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCe4WqN4aswxCyWBo-UTtCmw&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fsanovnikat.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d534081afc65f3bf3ef98ad0dc75b3ea4194b65c62d2d47264be43eb5ca7af65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sanovnikat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Mon, 02 Oct 2023 16:57:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
platform.js
apis.google.com/js/
56 KB
22 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecfb48718a6edc5e924f385d0ed226cde5dfdebde87049970779bd5d9f86c435
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 02 Oct 2023 16:57:10 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21949
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"ce58d6b1676e880c"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Oct 2023 16:57:10 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/
154 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad0e31795c6d4ebccd7be3ff459bdc2345f2c5373ffacfb9358533f40a769a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53743
x-xss-protection
0
server
cafe
etag
7587445946488867730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 16:57:10 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/wp-content/uploads/generated-assets/footer-b13e0479b5c666d6f9f391c1b9b2f756.css.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://sanovnikat.com/
Origin
https://sanovnikat.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4063971
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Thu, 22 Jun 2023 11:02:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a3a-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIUpzlpYJv8HyQ9P8niOXzLiyRYyK7FQpc%2FtjJ8IisGOCJuIDfvqiFa5bmm7wCKExeq69HDoJKDZf0cT0rqEOuZGbX3aMOR9oQgLeTXl2YdH2V7bMWpAOSOJDSNFkfyts8YDMK1vSvpmBPif2j1xGX2%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80fe7ba1b92abbb9-FRA
expires
Sat, 21 Sep 2024 16:57:10 GMT
ako-ti-pritreperi-okoto-150x150.jpg
sanovnikat.com/wp-content/uploads/2019/06/
2 KB
3 KB
Image
General
Full URL
https://sanovnikat.com/wp-content/uploads/2019/06/ako-ti-pritreperi-okoto-150x150.jpg
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
379ad0aa6ed004df96525180315c66a1f17433e72dc6c864b9be79c60528c740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55
alt-svc
h3=":443"; ma=86400
content-length
2546
last-modified
Mon, 18 Apr 2022 05:32:45 GMT
server
cloudflare
etag
"625cf7fd-9f2"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f95l1wSHJGAAUyT9BTK9ypDNFjEVudWVmDiuYhCslNjTFUWUTai4tp4oQbg826aZqiilgiyqb6xOd99PFS8ZN7VnUv3zcUTlzh7Q6FUl%2BbFNz0qKK9gIAWUwdiX2qy74b49zJ8X64FpEEk9GnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80fe7ba1f81eb76c-AMS
expires
Mon, 30 Sep 2024 14:07:42 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 13BE
436 B
237 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=3365719131&pi=t.aa~a.2162043785~i.4~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=3&bdt=1462&idt=-M&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309&nras=2&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=PqwkLUyTOW&p=https%3A//sanovnikat.com&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a42643906d1869df05a2fa2c7ec6166510ecf2039596e7e946083eacaa3f731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sanovnikat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 16:57:11 GMT
expires
Mon, 02 Oct 2023 16:57:11 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FA22
91 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b3188e444c19ad046ee79336e51e8314068cd06e2e646b348cae69b3fe550d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sanovnikat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
30621
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 16:57:11 GMT
expires
Mon, 02 Oct 2023 16:57:11 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sanovnikat.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame C5C0
38 KB
5 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCe4WqN4aswxCyWBo-UTtCmw&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fsanovnikat.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCe4WqN4aswxCyWBo-UTtCmw&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fsanovnikat.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 19:21:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
77741
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5155
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 30 Sep 2024 19:21:29 GMT
APkrFKYUtp1fEU_4gp-1F5sXCu0_MXLVjcvePQASdNcq=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C5C0
2 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/APkrFKYUtp1fEU_4gp-1F5sXCu0_MXLVjcvePQASdNcq=s48-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCe4WqN4aswxCyWBo-UTtCmw&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fsanovnikat.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b54a08f85d6bb3354b2c3bd119b1b09e413cfae2c18a0380d4368a03e204acff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 14:02:38 GMT
x-content-type-options
nosniff
age
10472
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1700
x-xss-protection
0
server
fife
etag
"v5"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 03 Oct 2023 14:02:38 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame C5C0
252 KB
72 KB
Script
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCe4WqN4aswxCyWBo-UTtCmw&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fsanovnikat.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCe4WqN4aswxCyWBo-UTtCmw&layout=full&theme=dark&count=default&origin=https%3A%2F%2Fsanovnikat.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 19:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77741
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73785
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 30 Sep 2024 19:21:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/ Frame 1746
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sanovnikat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
77281
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 19:29:09 GMT
etag
2603938475786422795
expires
Sun, 15 Oct 2023 19:29:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/ Frame DE4F
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sanovnikat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
77281
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 01 Oct 2023 19:29:09 GMT
etag
2603938475786422795
expires
Sun, 15 Oct 2023 19:29:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5AD3
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEPGV5IEFGJTnm_EBMAE&v=APEucNU1RDupjEQLCIb6s2jg9vd6NeqTG1ZAqEHMVf_AhtpZkVlLqceox-An8WtKC3INmt_-PleWFlqyxXJaGQfe2muN8h5xE3Wmr9VuF3p67cVPsz77tBkwIysXIZi0h0fdTnREFk6lhFIefTBeeBr9Bb4a6vi03Y5qZZNa86Mb0zE9NTSUfjG93vzhBxjYUKEeXitgsnwSIMSPCiCAXTuFAHHd8eW7rg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 16:57:10 GMT
expires
Mon, 02 Oct 2023 16:57:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B7F8
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 16:57:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame B7F8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
37535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 06:31:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame B7F8
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 16:48:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B7F8
182 KB
58 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Oct 2023 16:57:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7F8
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DFarzThQNCVA3aazPFtgIuEuudPC_c7eQtTKp954r8xtVxemOSINmOQBVwDBTGAbPXydke4KwOHZFQcunxj2IsEgn4et184-7P5-qj3gjhksRFE8A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7F8
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16945681009573678916&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7AAD
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKen9wIQyvWgpQUY5e2Z9gEwAQ&v=APEucNUtNCBYpXz78af99eL5sjk_6tVa6VMLfPJywnmeQqYcuGbrchIixs78Kjh1NTyrUss7Hd3voi3_2MUlWJqmU5Fc9DRtC_77_b9xbO3uG7a8VrMZe0ZSGhDgrOKP1w_Rv66pBDwxy2Hl8KrCgrzaSrhxu88zy3VvztrMYGRpFRBQMp1eIKjSLaX1u9HAxslqnyTgadO6fUpyfV6V576bUmB1t_BxUw
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 16:57:10 GMT
expires
Mon, 02 Oct 2023 16:57:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame BD1F
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 16:54:13 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame BD1F
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 17:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
85058
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 17:19:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BD1F
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
295126
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 06:58:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame BD1F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
37535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 06:31:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame BD1F
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 16:48:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BD1F
182 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Oct 2023 16:57:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD1F
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZvA5hLCanvk-wIms7_DKsa9LrD-BJVPgbv74Aht4I2HSD2l_OT7Dy15sS-5n91LhJHr2HXkrl5c0Y1QAmYhn3H9NDmmuIxj60NX5hzazcoGZH6EM
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
imgcriteoeaffiliation-160x600de-1694428281864.jpg
a1.awin1.com/ads/awin/37018/ Frame BD1F
Redirect Chain
  • https://www.awin1.com/cshow.php?s=3454802&v=37018&q=448851&r=302675
  • https://ui2.awin.com/ads/awin/37018/imgcriteoeaffiliation-160x600de-1694428281864.jpg
  • https://a1.awin1.com/ads/awin/37018/imgcriteoeaffiliation-160x600de-1694428281864.jpg
72 KB
73 KB
Image
General
Full URL
https://a1.awin1.com/ads/awin/37018/imgcriteoeaffiliation-160x600de-1694428281864.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
65.9.66.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-77.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f55f1258a40af31664214d65e2420cec3658fbdfacc8bb0fb0dd5dc7a6b2c052

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
aGw0lE0NWs0LReGSMR1R11f6coztDQUs
date
Sun, 01 Oct 2023 19:44:08 GMT
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
76384
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
74092
last-modified
Mon, 11 Sep 2023 10:31:22 GMT
server
AmazonS3
etag
"c6c65e0ae29a30bb0e3ef2b1768af43b"
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
x-amz-cf-id
ry_gLvj0r5PRojDuCxYuLSqp9SCCDAV6WgQLVVqXmWKSsyRB6F_w9w==

Redirect headers

location
https://a1.awin1.com/ads/awin/37018/imgcriteoeaffiliation-160x600de-1694428281864.jpg
date
Mon, 02 Oct 2023 16:57:11 GMT
content-length
0
11760699917686465055
s0.2mdn.net/simgad/ Frame BD1F
72 KB
73 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/11760699917686465055
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f55f1258a40af31664214d65e2420cec3658fbdfacc8bb0fb0dd5dc7a6b2c052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 20:22:27 GMT
x-content-type-options
nosniff
age
506084
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74092
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 14:28:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Sep 2024 20:22:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E0FF
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKen9wIQyvWgpQUY176a9gEwAQ&v=APEucNV-xTeYQgpfwv7njk1TqfIuWpk8ZftHcAFMOWK3HwwIfWXXjR6tOyARqjWjt34vIWVPGBfIA2DYx0uqJDlTyqQPsVc1Nl0oYC3SLFciuHotgaXEx42PF0fT-I_ctQt_rttK27TRbRviqD8qGbEtZcyQUwraWIKDNQ4GNPqshCrZK_el_gOlW7rwumn-jSJ7hADx4fVcCQZu6E70O-xtXip4U5XS5Q
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 16:57:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 2622
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 16:54:13 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame 2622
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 17:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
85058
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 17:19:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2622
41 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
295126
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 06:58:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 2622
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 06:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
37535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 06:31:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 2622
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 16:48:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2622
182 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58285
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695814262870679"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 Oct 2023 16:57:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2622
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AHvgxX-H7aXTFEHoTp4yCFFM-TfQiywenIHj38FubohF6HWPHvKAID2yEPWYg9jqwm-IRz39E9vTl3ONU5WHbkV4c2IhGYZoAf_uHGHXnKFhRDCWA
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
imgcriteoeaffiliation-728x90de-1694428556925.jpg
a1.awin1.com/ads/awin/37018/ Frame 2622
Redirect Chain
  • https://www.awin1.com/cshow.php?s=3454817&v=37018&q=448851&r=302675
  • https://ui2.awin.com/ads/awin/37018/imgcriteoeaffiliation-728x90de-1694428556925.jpg
  • https://a1.awin1.com/ads/awin/37018/imgcriteoeaffiliation-728x90de-1694428556925.jpg
27 KB
27 KB
Image
General
Full URL
https://a1.awin1.com/ads/awin/37018/imgcriteoeaffiliation-728x90de-1694428556925.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
65.9.66.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-77.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49e5a3998c52bf8468c903158c514385ad4b6f092dd21c60a324ebca335aff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
HOCz3Bz1bRbNLrHPCo0t8tWcnhWDTeqq
date
Mon, 02 Oct 2023 07:45:45 GMT
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
33087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
27152
last-modified
Mon, 11 Sep 2023 10:35:57 GMT
server
AmazonS3
etag
"ec79da9e0aa7acbd13be58d1c57c0ac0"
content-type
image/jpeg
cache-control
max-age=43200
accept-ranges
bytes
x-amz-cf-id
Gduj3PBb5dFG1J9Q6W3DBaCuOQGzME3r9WDKy7jeuqNx-7ivrHphAA==

Redirect headers

location
https://a1.awin1.com/ads/awin/37018/imgcriteoeaffiliation-728x90de-1694428556925.jpg
date
Mon, 02 Oct 2023 16:57:11 GMT
content-length
0
7673459186529047368
s0.2mdn.net/simgad/ Frame 2622
27 KB
27 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/7673459186529047368
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e5a3998c52bf8468c903158c514385ad4b6f092dd21c60a324ebca335aff29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 20:15:06 GMT
x-content-type-options
nosniff
age
506525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27152
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 14:39:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Sep 2024 20:15:06 GMT
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame C5C0
156 B
179 B
Image
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:19:59 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
329831
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 27 Sep 2024 21:19:59 GMT
rum
dsum-sec.casalemedia.com/ Frame 5AD3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIiZ9AJevIxonwwgPH1hVI8&google_cver=1
43 B
733 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIiZ9AJevIxonwwgPH1hVI8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEPGV5IEFGJTnm_EBMAE&v=APEucNU1RDupjEQLCIb6s2jg9vd6NeqTG1ZAqEHMVf_AhtpZkVlLqceox-An8WtKC3INmt_-PleWFlqyxXJaGQfe2muN8h5xE3Wmr9VuF3p67cVPsz77tBkwIysXIZi0h0fdTnREFk6lhFIefTBeeBr9Bb4a6vi03Y5qZZNa86Mb0zE9NTSUfjG93vzhBxjYUKEeXitgsnwSIMSPCiCAXTuFAHHd8eW7rg
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMbGW0cZbg0P1%2BV3%2BL%2BwFDW3o3SlOg9i8sWlX5FjnAyduPr61X5ttWFCWAN5DJfkjicRidkx8MRVohvS9khb7IdMlPyW%2FrWqF1OSkyrSHub39h0EXfJX0ZgvGAaVYIg0mfPZlRmsnfMEGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fe7ba51b773a82-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIiZ9AJevIxonwwgPH1hVI8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5AD3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRr2Z8Ia.sD-VOW3hgs1ygAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL17xXY3nS0MlQWqT9UHjBg&google_cver=1&google_hm=2
43 B
731 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL17xXY3nS0MlQWqT9UHjBg&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEPGV5IEFGJTnm_EBMAE&v=APEucNU1RDupjEQLCIb6s2jg9vd6NeqTG1ZAqEHMVf_AhtpZkVlLqceox-An8WtKC3INmt_-PleWFlqyxXJaGQfe2muN8h5xE3Wmr9VuF3p67cVPsz77tBkwIysXIZi0h0fdTnREFk6lhFIefTBeeBr9Bb4a6vi03Y5qZZNa86Mb0zE9NTSUfjG93vzhBxjYUKEeXitgsnwSIMSPCiCAXTuFAHHd8eW7rg
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvSd%2BwFcUW9SKT%2BNagG%2FII4Xn2t7e5y0mK19FEQ2MSOiFZGudazbuBIprKv0rW2gmcf7s%2BaQestmoLbcAzKMssZjb754rbTOysxA16zfzsT2SaigDWVXFgw9TfSkGlDHWltuxCFxt9ntbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fe7ba5bc0c3a82-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL17xXY3nS0MlQWqT9UHjBg&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5AD3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE1OTFCRJVDqzFZtzqJVMzE&google_cver=1
43 B
842 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEE1OTFCRJVDqzFZtzqJVMzE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEPGV5IEFGJTnm_EBMAE&v=APEucNU1RDupjEQLCIb6s2jg9vd6NeqTG1ZAqEHMVf_AhtpZkVlLqceox-An8WtKC3INmt_-PleWFlqyxXJaGQfe2muN8h5xE3Wmr9VuF3p67cVPsz77tBkwIysXIZi0h0fdTnREFk6lhFIefTBeeBr9Bb4a6vi03Y5qZZNa86Mb0zE9NTSUfjG93vzhBxjYUKEeXitgsnwSIMSPCiCAXTuFAHHd8eW7rg
Protocol
H2
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
an-x-request-uuid
3bf30ffa-6d70-477f-9173-127288f34300
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.103; 80.255.7.103; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEE1OTFCRJVDqzFZtzqJVMzE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5AD3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2NTM0NzYzNTYyOTc4NTkxNQ%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2NTM0NzYzNTYyOTc4NTkxNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEPGV5IEFGJTnm_EBMAE&v=APEucNU1RDupjEQLCIb6s2jg9vd6NeqTG1ZAqEHMVf_AhtpZkVlLqceox-An8WtKC3INmt_-PleWFlqyxXJaGQfe2muN8h5xE3Wmr9VuF3p67cVPsz77tBkwIysXIZi0h0fdTnREFk6lhFIefTBeeBr9Bb4a6vi03Y5qZZNa86Mb0zE9NTSUfjG93vzhBxjYUKEeXitgsnwSIMSPCiCAXTuFAHHd8eW7rg
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
an-x-request-uuid
5b037247-58d4-4868-9b0a-31ddfdd1f59d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2NTM0NzYzNTYyOTc4NTkxNQ%3D%3D
x-proxy-origin
80.255.7.103; 80.255.7.103; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7F8
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1409387200410&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7F8
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1409387200410&version=m202309260101&ct=76&x=1&cor=16945681009573680000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B7F8
76 KB
34 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpJimT4LjC61bLSs6RK3Av2nqw_6DCVTdLYThcscGP_NbgZg8J3g87fyUEneR14NSjR2unN2xcSw5F4CXamIKR7Xbzrg&cry=1&dbm_d=AKAmf-AXljVxN-bKWmAbKf6lpypyriwwfQ4hVgsdXoES7CLh2915Ew_wM8x15_vxQNVXP91EYE4xnorsmffHm8-t5Nyft-yYTwiD4nl5ObPq08nUk4wtgmFXtn3l6GgAXHDD_BXXRkjzMYhsWWDd13hDtM676vTQKJCdYcRxTyYZC8DFWLOYQwG7qL-S3t2Uc0iNtZ6VPYCGorcQMgHHhZ3KJV-EUqd3TcKXdifxGpYvjgvbFVjsbE2odn5AwAORkdBmeXvo6bW68lwJwftxnuL8pz_U5NmFL9pJDKZ1-pk1sJCj0NUMeheL4eX4yrDnBeaW6D1ItT7Pk8tf2UgIEyAscqjC7u3hmZikVF5ydKUszO-s5tyMtzS8LeS2j_6adrWqReTOd0CROkLUB1ec7FkwIVpXkhsVUp4W1XDZLBqyQvZYw56Qur6SK01q83bysoKXMUfO69D5uGCG-xJ0N4CojdiW8rtCHBC1GLntMOTSFtMRFXWpLb9XL8bBsAHeFnCVmIoHTawIzer5z63ucR-wYc5d9SuTxofJU6PMvwEa34Ruj0xIY6b8JfdNAyP7VUlRqYQZ-43Hrau2hvn9nYG44HykR0l6hV30ESuhObvao0tusrkyKmyu5v-GTvlU-9UiSph4s6SjIjWEtP1_Q0_ToJQCjy9KCa2e-t8eW37M5zSSUqpLOdvvrIG2vbwQK3ywv1_Wv4xlAcqJ22EuKDaubR7gQ9tjP5INHJDQAcNynMjOC59WX--dKKxcsl1f_7Vb-Dh_7j40xgai_KkS-pNaJaWOymIEy2mOSvnMkr7HSJJJUPyzBV8wFjXfFzA2iBmlqynxv6CIF1A9wZ_bJvsBCTn0iqI34HjVlqVh74SsbACzEgdQ1lxa-WMYMja5Qv-AcNwitoSJo05nvA-odx6CXsEYquXU0UxW9aH7gJ60uCQltsebkVMlibSYRDD0XkrmNq4SqyHH8Ar_fWW2LYGpQ5MfG0tlf-dLuj6rRzL3M4Cj-8n6mbyVCgt5H4V9dFIKhtGM3mkaBHvou7s3QCoW2b6ZLG32EdAYWdxzDwAkapJ2Fnk2trO9XJiO8Wrdtk3Y0SOMlkIbxN3VXH7SaazChJlhpKBn8nqyUvIB7dm2lFE6AwybJWE5PtzTVBkgyywxmODmtKXu8Yyi_6In_lfDCmIUHDZPfGyUCwCCbZXOll2SHtvv4xJc4LSlw7ckxjF3GUBx_O9VIS8ZVBsSWCi6MAjNWnd4i2P7tECRLaK4NKGBPwurMJbJS15wIM4Zh-npJynvl1dDi6YKZiCydneAyokPbZzPGK3C2unmv33DR8reygnIzKftaLpzz6EaSaKmzDliW03TFMKzBGl8CxRBpMAlzBvZnwROnpwZKGM36IzSNEZ1UhaC4IKnP5Qepm580tNlF0U6E-5NPj2762vbB9Mrj1viKUQt80p7wptnXlNHSrfijsZsRhP89T4da5CQgZEUlMdxMxKph25qVP2oAyNAUDO9FJz4g25-13AFGRhqnVKOfNtpQkSPvc_UFS0MHiYe-zOun4nbR37weD3uyKCGcBdrQKzC078wXBeTYA3QzL8VaRGYEY9u4yf1mdhJr3tLjFmS0CGJeNgGbfcPvuFW3-DVkyS1Qrc2GMuiGq2DVz3TD1j1lVAu9u0ZONZHiSkBy14TRLxrNz1G4gtfZbPzzwXqS2lkIFNZIcMwVsHfXLWcwxbssZUQhW8mPLPfvedy4zJOV_YEd2eHIVpXmJ3j5QYIw7eBexWHbohi70gth_lE1imSiPFuJvn83yL-BdQMV2nBjks7ii9UncjiR4EDJppPfMNQ1WX1N7_DsFguGfI4x645oFH4SJHl4Q-ROPtw9p__b-NpkhLKgDNRZYZPOQW2YP0ErcxsRfHr8JarkrX6ekBorA4rcAnngWD2Po3MawD1s7vDrA2lx6DKFhmI5uvMqmbNRu7FjcKYFrHi0subXrO4vEzBfYsklY0ISwMFIdTIrMXkqr46D1ps9AwbqDNKnjVDYRtwt2fpyTHWYlJsaEtEw2gvf0ZxL8GZIoIqkFK00kHgkvnJtxkummxf1Scbq5uLWtoo2dfIuD2vYJbQf8xc_5tLh__eoRdviTYSFI4UMaFb7V4eXQ3e_0OHbQz_31WEMWgAA7nm6HsWsdaRH1AumRboBlhrYOS5SPF_IhdH2r4ds4zAsuAoeZcYXEJCE15TUje0funkl7-76f_uuu8zMEH3atSGZoC_GS7GMwKIEuRbk77QAI-sxfVBm375353dkKULD4AOOHS9aMD1Qo-2fS_OC_u4gqZVptb9Bd2SWaHfYU9IyWcLGnLdIOpXSV9Gc76Wd0zdFS6X5_4t5MheELNmZWlil1r3fT5WGse1ThCQ-RdwF6DumF1mB_2-YKkYwlNRH4Ss51qYnvbh2LX23D_Fb48A5-5j7zPXtuxV2sv4FTBxrBkRtX_08dKSABAVgJHXArd7b7jzF90Nq8kPyuWQ_vI8ivjRso7KmayDSNxwJjnG-ZpQtCKQxCMKGY0O9beSwM-xdA0ic-DGG-UEM2QaH4l9teDG2W3VQ5OPAyZmZSD4g4J6UTsGGeMUVnFVR3lMykmZ58mQZIjOs76ipO5dgMqG9aRKPV9OI9KkgL3GfVL_vAv3_isr8IL87OXQZy9ZS0Eufj3ZTKQy29F1ZAEg94cNU4eNG68bpNYRzYdSMDsqO3J-glqfO-n4Z5zxd7xB08JNniZ98D4tCksAhvVHysQpZ6q8PmSJHcRXx8sz69b2-IRrru4k3RIoeQM4WwNH2FTQJJToUTnOFuI7l8Xa2gAGmF0RgULjoOOaEi_yzQG0QUgHtVToe3DiCXKtcdhRw1WV6VCr8e4QEdO9uipsP3UN4I-rIXgkDda-umafabpsKkyjujaHIJv5TnOkDAWyXYWBzQKc5KzQxOSqAWKUE0y4oxVX_SJaVvn--3a1BgIiAqgUiKWZY6HHkVS95uSNtuEbb26WH_9pPGFxgTRL63QcmMoEYufhlgraIBPrMEMPKHwotBX1-9CzTziqEJpbB8Utxiu8g8gZUuUuHncglgZdrVkMb_Z7FrCO5i5Z_1PvvOyPPSt1pm-CJ8SFaZId18yf4B5dTJS46kEjnGLLNP1dLDmY0kQ-aa850PgkugNVe4PCtQf8wiemhuA1C7NKA8hnab4lXDuLoR-6NvEcZIgv1UrYFwTVFz38fE-yE-iaJYCiNI9L12FyLtgcALJ5Q10BFHdO-Syo0ZMqGIUaWYjJsJ-wS1KjjicTO2u3OCGUsPz-DKehY--CQQ4MYRnvP5owKkZEhOZRzvWJ51JzP077p7i9-7JQw6Tr0-giuTa6ND6AkA9FbSqBV3meM-gzRnUWn2Qt6XogMlHAikPDAEq3VewnBFFuiR0uXl9Lx8ouGL2IZ1leGYMNJ_pv9T_w-qC34JIc3EdBTbHgdZd91d6J3FKBF6P8G2xulx1of2f25X4uCcc_acFV9FZJxJN-KuADG5C9QppWYtIA_z4b75iqWuXmSYmIgM3qZRvbQGaV4NBd8F8XtQCQNHYfDGVHkmN_afGk6oidgZthEi4mzALKeDwicqRnmTjaYkcdO8WcMWuTiRIGtFKnzZdcBQjrkvihYjWI5Lq2ZwkctepTAknlvxMFVZND99pDC-0-IrPTaBmII1cEFFBZMYR2PMAbtji-cau04FRkEOPdb-k6nJYuAxV4TfnxS_dsL3p6sCUMBehhhXpx3W_icGByWMT4Qww4Hy9BAf6HyA3hquBQL7jJZVg_HPx5al41-jwVukcSw1PvK_E9pxQWKmU5qLBKbcsZ_m0PNyYrBM44fTQcGnHADVxdc84gcH89rQ28zh_mvoRWYZVRvBtpd0lC3Np8BxRFJpdoX3tU4QaujSVvGf3WEfYRopyzb_r-16hemm9qd8NrF8m4X7KM6NrDKvln43_Pr8QjAOt87cIIQl1t8PsqmsGnNBM-_TJ5qe1CEhggIpnV7TW_Hv1AcxCuhP1x1vbfyvlOpOWD9BH-Dz75Hqkfe8_a6J9-sG22fwOEVyI5dr7atde6YXSG9iPx4P9p8YZlGBiyFMn_9LhJZrPtFGMSlvuZM8SDw3sh7Ujbqt1Icq5_fKDROaWEVVPtQmoEwMGE63xTadTI1gJbzMn2PA4fCS4H127j1ZxAosh8gMohUZ_bAbJFy8gvkYsWTQmogkyA2FMtPTcPAaPZF6TqLLzLLItcRI5VPAeL63_TevApbZMMcPPtwPHA_Y_1PQpCWvQzmSLUHUetPGVR6o5Dvylrok4aNjIh3L7XlJsy8CDttK0QTjHFdQUa8jLzSqYWLYCua6eQMXAmVGTWfgtKQg2OhiGM5vEukX4FJ8J5m8tbkueGrnNQGHl8f3FaLX_eJi0XhsMlHDQa_93evAJmH-pW_rQtKX1gtvgp&cid=CAQSTADICaaNyW0sJJPmEOfFhdBZB5kaifHCoRFUExw9rBJlaHW24uqccAw_UGL_8_uUxL3dDpPOI8ZAMG51ptKNuaRKcpd-PTDjqHrIvZkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsanovnikat.com%2F&ds=l&xdt=1&iif=1&cor=16945681009573680000&adk=497053795&idt=136&cac=0&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b931de30c306be214ba6e10865deccb8751ef0dda989ce0aaa96c686aefb680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34717
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ Frame C5C0
118 KB
40 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1f30944e2f2b0e21ecbf80f926ef8733d4f73d8b7d538629e630c3ebc3fc06e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 15:36:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40956
x-xss-protection
0
last-modified
Thu, 19 Nov 2020 17:03:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Oct 2024 15:36:15 GMT
rum
dsum-sec.casalemedia.com/ Frame 7AAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBJHR9SkqFoWW3zSqi5sDxA&google_cver=1
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBJHR9SkqFoWW3zSqi5sDxA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKen9wIQyvWgpQUY5e2Z9gEwAQ&v=APEucNUtNCBYpXz78af99eL5sjk_6tVa6VMLfPJywnmeQqYcuGbrchIixs78Kjh1NTyrUss7Hd3voi3_2MUlWJqmU5Fc9DRtC_77_b9xbO3uG7a8VrMZe0ZSGhDgrOKP1w_Rv66pBDwxy2Hl8KrCgrzaSrhxu88zy3VvztrMYGRpFRBQMp1eIKjSLaX1u9HAxslqnyTgadO6fUpyfV6V576bUmB1t_BxUw
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afXZoAdVM0OPAvJN3kLI23VDs%2F8pPyYCnSo08htQlOPawqr4BJQp7Y7EXOwQmE%2FIZqN7QQa7nZr6F5htCy0U01fAE9aRhSjP2IvovcYShKrweS9L0bCCIt4busKQC75%2BdEfXVLR5RsY0pw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fe7ba51b7c3a82-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBJHR9SkqFoWW3zSqi5sDxA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7AAD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRr2Z8Ia.sD-VOW3hgs1ygAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL17xXY3nS0MlQWqT9UHjBg&google_cver=1&google_hm=2
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL17xXY3nS0MlQWqT9UHjBg&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKen9wIQyvWgpQUY5e2Z9gEwAQ&v=APEucNUtNCBYpXz78af99eL5sjk_6tVa6VMLfPJywnmeQqYcuGbrchIixs78Kjh1NTyrUss7Hd3voi3_2MUlWJqmU5Fc9DRtC_77_b9xbO3uG7a8VrMZe0ZSGhDgrOKP1w_Rv66pBDwxy2Hl8KrCgrzaSrhxu88zy3VvztrMYGRpFRBQMp1eIKjSLaX1u9HAxslqnyTgadO6fUpyfV6V576bUmB1t_BxUw
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOX87TS4fFfukNMsDVVaO5v7Z6SA8NCbF%2B6oWN90u2Cvvmpayc6%2F0KUAMVihDk0D6Dzy2J9b80f%2BpObwd%2Fuf%2BqhAb6ENU0CSgFFhAs4Z8gqQnNLHlfXi0I%2FMGfjYgL8DY857f8kypnEuXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fe7ba5bc123a82-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL17xXY3nS0MlQWqT9UHjBg&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7AAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMGzhASjk4NVd---wcDCtcM&google_cver=1
43 B
843 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMGzhASjk4NVd---wcDCtcM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKen9wIQyvWgpQUY5e2Z9gEwAQ&v=APEucNUtNCBYpXz78af99eL5sjk_6tVa6VMLfPJywnmeQqYcuGbrchIixs78Kjh1NTyrUss7Hd3voi3_2MUlWJqmU5Fc9DRtC_77_b9xbO3uG7a8VrMZe0ZSGhDgrOKP1w_Rv66pBDwxy2Hl8KrCgrzaSrhxu88zy3VvztrMYGRpFRBQMp1eIKjSLaX1u9HAxslqnyTgadO6fUpyfV6V576bUmB1t_BxUw
Protocol
H2
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
an-x-request-uuid
03de6f8f-cc70-458d-81d6-510cf3cceda7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.103; 80.255.7.103; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMGzhASjk4NVd---wcDCtcM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7AAD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2NTM0NzYzNTYyOTc4NTkxNQ%3D%3D
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2NTM0NzYzNTYyOTc4NTkxNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKen9wIQyvWgpQUY5e2Z9gEwAQ&v=APEucNUtNCBYpXz78af99eL5sjk_6tVa6VMLfPJywnmeQqYcuGbrchIixs78Kjh1NTyrUss7Hd3voi3_2MUlWJqmU5Fc9DRtC_77_b9xbO3uG7a8VrMZe0ZSGhDgrOKP1w_Rv66pBDwxy2Hl8KrCgrzaSrhxu88zy3VvztrMYGRpFRBQMp1eIKjSLaX1u9HAxslqnyTgadO6fUpyfV6V576bUmB1t_BxUw
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
an-x-request-uuid
2245457c-14f3-4e0f-afc6-f0fda25831db
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2NTM0NzYzNTYyOTc4NTkxNQ%3D%3D
x-proxy-origin
80.255.7.103; 80.255.7.103; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E0FF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBJHR9SkqFoWW3zSqi5sDxA&google_cver=1
43 B
771 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBJHR9SkqFoWW3zSqi5sDxA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKen9wIQyvWgpQUY176a9gEwAQ&v=APEucNV-xTeYQgpfwv7njk1TqfIuWpk8ZftHcAFMOWK3HwwIfWXXjR6tOyARqjWjt34vIWVPGBfIA2DYx0uqJDlTyqQPsVc1Nl0oYC3SLFciuHotgaXEx42PF0fT-I_ctQt_rttK27TRbRviqD8qGbEtZcyQUwraWIKDNQ4GNPqshCrZK_el_gOlW7rwumn-jSJ7hADx4fVcCQZu6E70O-xtXip4U5XS5Q
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGXl5LgBWWShXFF3G%2BJKpU7IB8yZR5Xd2BPgaDo1MIhh78m12R%2B%2BF3Yg4mQF691nfmK8jYQ3AMqIDinL3hQwqPcZa8J5zHN1O1M4JjSohlNOplEhx0%2BHw2a%2BqNCLVh3aO1xVxoW85QKIFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fe7ba51b7d3a82-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBJHR9SkqFoWW3zSqi5sDxA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E0FF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRr2Z8Ia.sD-VOW3hgs1ygAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL17xXY3nS0MlQWqT9UHjBg&google_cver=1&google_hm=2
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL17xXY3nS0MlQWqT9UHjBg&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKen9wIQyvWgpQUY176a9gEwAQ&v=APEucNV-xTeYQgpfwv7njk1TqfIuWpk8ZftHcAFMOWK3HwwIfWXXjR6tOyARqjWjt34vIWVPGBfIA2DYx0uqJDlTyqQPsVc1Nl0oYC3SLFciuHotgaXEx42PF0fT-I_ctQt_rttK27TRbRviqD8qGbEtZcyQUwraWIKDNQ4GNPqshCrZK_el_gOlW7rwumn-jSJ7hADx4fVcCQZu6E70O-xtXip4U5XS5Q
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2F4N%2Fqj4Fex703JeIH5kIJo3SkCrp9whzCmZXA5EgD6kxiVTex3ppXWmw5nZwEBQtcnWuBY9NlYFDbYuanBVZEdKEyr7osPKNMerCFWJvxbo7l3ut7DDeX2FKiI8ERqhp%2Bk3l1o8A4njJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80fe7ba5bc103a82-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL17xXY3nS0MlQWqT9UHjBg&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E0FF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMGzhASjk4NVd---wcDCtcM&google_cver=1
43 B
844 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMGzhASjk4NVd---wcDCtcM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKen9wIQyvWgpQUY176a9gEwAQ&v=APEucNV-xTeYQgpfwv7njk1TqfIuWpk8ZftHcAFMOWK3HwwIfWXXjR6tOyARqjWjt34vIWVPGBfIA2DYx0uqJDlTyqQPsVc1Nl0oYC3SLFciuHotgaXEx42PF0fT-I_ctQt_rttK27TRbRviqD8qGbEtZcyQUwraWIKDNQ4GNPqshCrZK_el_gOlW7rwumn-jSJ7hADx4fVcCQZu6E70O-xtXip4U5XS5Q
Protocol
H2
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
an-x-request-uuid
f49b2820-48dd-4fa9-88d3-d9d88d2e44d6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.103; 80.255.7.103; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMGzhASjk4NVd---wcDCtcM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E0FF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2NTM0NzYzNTYyOTc4NTkxNQ%3D%3D
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2NTM0NzYzNTYyOTc4NTkxNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKen9wIQyvWgpQUY176a9gEwAQ&v=APEucNV-xTeYQgpfwv7njk1TqfIuWpk8ZftHcAFMOWK3HwwIfWXXjR6tOyARqjWjt34vIWVPGBfIA2DYx0uqJDlTyqQPsVc1Nl0oYC3SLFciuHotgaXEx42PF0fT-I_ctQt_rttK27TRbRviqD8qGbEtZcyQUwraWIKDNQ4GNPqshCrZK_el_gOlW7rwumn-jSJ7hADx4fVcCQZu6E70O-xtXip4U5XS5Q
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
an-x-request-uuid
b2cc322f-a282-46a1-8e40-5e698cfb1825
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2NTM0NzYzNTYyOTc4NTkxNQ%3D%3D
x-proxy-origin
80.255.7.103; 80.255.7.103; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6132
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
44649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 04:33:02 GMT
expires
Tue, 01 Oct 2024 04:33:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A87F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
44649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 04:33:02 GMT
expires
Tue, 01 Oct 2024 04:33:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame FA22
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
494
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 16:48:57 GMT
css
fonts.googleapis.com/ Frame FA22
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 02 Oct 2023 16:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 15:56:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Oct 2023 16:57:11 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230925_RC00/ Frame FA22
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230925_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 17:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603969
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 16:06:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Sep 2024 17:11:02 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230925_RC00/ Frame FA22
370 KB
129 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230925_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52be6530147dbdf4e02ca8cd2dfe32475771524a951f1c9d82078ce374feea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 17:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603969
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131465
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 16:06:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Sep 2024 17:11:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame FA22
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 16:48:58 GMT
l
www.google.com/ads/measurement/ Frame FA22
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTffJJK9q3iqyXThW0c98U2VMn3LZUQFF4FPOFOtRl9V-PZAGG8fucEAE-WsuLCwQ6kqAYsADKsm8Hols7uIvTllbWl8Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame B7F8
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpJimT4LjC61bLSs6RK3Av2nqw_6DCVTdLYThcscGP_NbgZg8J3g87fyUEneR14NSjR2unN2xcSw5F4CXamIKR7Xbzrg&cry=1&dbm_d=AKAmf-AXljVxN-bKWmAbKf6lpypyriwwfQ4hVgsdXoES7CLh2915Ew_wM8x15_vxQNVXP91EYE4xnorsmffHm8-t5Nyft-yYTwiD4nl5ObPq08nUk4wtgmFXtn3l6GgAXHDD_BXXRkjzMYhsWWDd13hDtM676vTQKJCdYcRxTyYZC8DFWLOYQwG7qL-S3t2Uc0iNtZ6VPYCGorcQMgHHhZ3KJV-EUqd3TcKXdifxGpYvjgvbFVjsbE2odn5AwAORkdBmeXvo6bW68lwJwftxnuL8pz_U5NmFL9pJDKZ1-pk1sJCj0NUMeheL4eX4yrDnBeaW6D1ItT7Pk8tf2UgIEyAscqjC7u3hmZikVF5ydKUszO-s5tyMtzS8LeS2j_6adrWqReTOd0CROkLUB1ec7FkwIVpXkhsVUp4W1XDZLBqyQvZYw56Qur6SK01q83bysoKXMUfO69D5uGCG-xJ0N4CojdiW8rtCHBC1GLntMOTSFtMRFXWpLb9XL8bBsAHeFnCVmIoHTawIzer5z63ucR-wYc5d9SuTxofJU6PMvwEa34Ruj0xIY6b8JfdNAyP7VUlRqYQZ-43Hrau2hvn9nYG44HykR0l6hV30ESuhObvao0tusrkyKmyu5v-GTvlU-9UiSph4s6SjIjWEtP1_Q0_ToJQCjy9KCa2e-t8eW37M5zSSUqpLOdvvrIG2vbwQK3ywv1_Wv4xlAcqJ22EuKDaubR7gQ9tjP5INHJDQAcNynMjOC59WX--dKKxcsl1f_7Vb-Dh_7j40xgai_KkS-pNaJaWOymIEy2mOSvnMkr7HSJJJUPyzBV8wFjXfFzA2iBmlqynxv6CIF1A9wZ_bJvsBCTn0iqI34HjVlqVh74SsbACzEgdQ1lxa-WMYMja5Qv-AcNwitoSJo05nvA-odx6CXsEYquXU0UxW9aH7gJ60uCQltsebkVMlibSYRDD0XkrmNq4SqyHH8Ar_fWW2LYGpQ5MfG0tlf-dLuj6rRzL3M4Cj-8n6mbyVCgt5H4V9dFIKhtGM3mkaBHvou7s3QCoW2b6ZLG32EdAYWdxzDwAkapJ2Fnk2trO9XJiO8Wrdtk3Y0SOMlkIbxN3VXH7SaazChJlhpKBn8nqyUvIB7dm2lFE6AwybJWE5PtzTVBkgyywxmODmtKXu8Yyi_6In_lfDCmIUHDZPfGyUCwCCbZXOll2SHtvv4xJc4LSlw7ckxjF3GUBx_O9VIS8ZVBsSWCi6MAjNWnd4i2P7tECRLaK4NKGBPwurMJbJS15wIM4Zh-npJynvl1dDi6YKZiCydneAyokPbZzPGK3C2unmv33DR8reygnIzKftaLpzz6EaSaKmzDliW03TFMKzBGl8CxRBpMAlzBvZnwROnpwZKGM36IzSNEZ1UhaC4IKnP5Qepm580tNlF0U6E-5NPj2762vbB9Mrj1viKUQt80p7wptnXlNHSrfijsZsRhP89T4da5CQgZEUlMdxMxKph25qVP2oAyNAUDO9FJz4g25-13AFGRhqnVKOfNtpQkSPvc_UFS0MHiYe-zOun4nbR37weD3uyKCGcBdrQKzC078wXBeTYA3QzL8VaRGYEY9u4yf1mdhJr3tLjFmS0CGJeNgGbfcPvuFW3-DVkyS1Qrc2GMuiGq2DVz3TD1j1lVAu9u0ZONZHiSkBy14TRLxrNz1G4gtfZbPzzwXqS2lkIFNZIcMwVsHfXLWcwxbssZUQhW8mPLPfvedy4zJOV_YEd2eHIVpXmJ3j5QYIw7eBexWHbohi70gth_lE1imSiPFuJvn83yL-BdQMV2nBjks7ii9UncjiR4EDJppPfMNQ1WX1N7_DsFguGfI4x645oFH4SJHl4Q-ROPtw9p__b-NpkhLKgDNRZYZPOQW2YP0ErcxsRfHr8JarkrX6ekBorA4rcAnngWD2Po3MawD1s7vDrA2lx6DKFhmI5uvMqmbNRu7FjcKYFrHi0subXrO4vEzBfYsklY0ISwMFIdTIrMXkqr46D1ps9AwbqDNKnjVDYRtwt2fpyTHWYlJsaEtEw2gvf0ZxL8GZIoIqkFK00kHgkvnJtxkummxf1Scbq5uLWtoo2dfIuD2vYJbQf8xc_5tLh__eoRdviTYSFI4UMaFb7V4eXQ3e_0OHbQz_31WEMWgAA7nm6HsWsdaRH1AumRboBlhrYOS5SPF_IhdH2r4ds4zAsuAoeZcYXEJCE15TUje0funkl7-76f_uuu8zMEH3atSGZoC_GS7GMwKIEuRbk77QAI-sxfVBm375353dkKULD4AOOHS9aMD1Qo-2fS_OC_u4gqZVptb9Bd2SWaHfYU9IyWcLGnLdIOpXSV9Gc76Wd0zdFS6X5_4t5MheELNmZWlil1r3fT5WGse1ThCQ-RdwF6DumF1mB_2-YKkYwlNRH4Ss51qYnvbh2LX23D_Fb48A5-5j7zPXtuxV2sv4FTBxrBkRtX_08dKSABAVgJHXArd7b7jzF90Nq8kPyuWQ_vI8ivjRso7KmayDSNxwJjnG-ZpQtCKQxCMKGY0O9beSwM-xdA0ic-DGG-UEM2QaH4l9teDG2W3VQ5OPAyZmZSD4g4J6UTsGGeMUVnFVR3lMykmZ58mQZIjOs76ipO5dgMqG9aRKPV9OI9KkgL3GfVL_vAv3_isr8IL87OXQZy9ZS0Eufj3ZTKQy29F1ZAEg94cNU4eNG68bpNYRzYdSMDsqO3J-glqfO-n4Z5zxd7xB08JNniZ98D4tCksAhvVHysQpZ6q8PmSJHcRXx8sz69b2-IRrru4k3RIoeQM4WwNH2FTQJJToUTnOFuI7l8Xa2gAGmF0RgULjoOOaEi_yzQG0QUgHtVToe3DiCXKtcdhRw1WV6VCr8e4QEdO9uipsP3UN4I-rIXgkDda-umafabpsKkyjujaHIJv5TnOkDAWyXYWBzQKc5KzQxOSqAWKUE0y4oxVX_SJaVvn--3a1BgIiAqgUiKWZY6HHkVS95uSNtuEbb26WH_9pPGFxgTRL63QcmMoEYufhlgraIBPrMEMPKHwotBX1-9CzTziqEJpbB8Utxiu8g8gZUuUuHncglgZdrVkMb_Z7FrCO5i5Z_1PvvOyPPSt1pm-CJ8SFaZId18yf4B5dTJS46kEjnGLLNP1dLDmY0kQ-aa850PgkugNVe4PCtQf8wiemhuA1C7NKA8hnab4lXDuLoR-6NvEcZIgv1UrYFwTVFz38fE-yE-iaJYCiNI9L12FyLtgcALJ5Q10BFHdO-Syo0ZMqGIUaWYjJsJ-wS1KjjicTO2u3OCGUsPz-DKehY--CQQ4MYRnvP5owKkZEhOZRzvWJ51JzP077p7i9-7JQw6Tr0-giuTa6ND6AkA9FbSqBV3meM-gzRnUWn2Qt6XogMlHAikPDAEq3VewnBFFuiR0uXl9Lx8ouGL2IZ1leGYMNJ_pv9T_w-qC34JIc3EdBTbHgdZd91d6J3FKBF6P8G2xulx1of2f25X4uCcc_acFV9FZJxJN-KuADG5C9QppWYtIA_z4b75iqWuXmSYmIgM3qZRvbQGaV4NBd8F8XtQCQNHYfDGVHkmN_afGk6oidgZthEi4mzALKeDwicqRnmTjaYkcdO8WcMWuTiRIGtFKnzZdcBQjrkvihYjWI5Lq2ZwkctepTAknlvxMFVZND99pDC-0-IrPTaBmII1cEFFBZMYR2PMAbtji-cau04FRkEOPdb-k6nJYuAxV4TfnxS_dsL3p6sCUMBehhhXpx3W_icGByWMT4Qww4Hy9BAf6HyA3hquBQL7jJZVg_HPx5al41-jwVukcSw1PvK_E9pxQWKmU5qLBKbcsZ_m0PNyYrBM44fTQcGnHADVxdc84gcH89rQ28zh_mvoRWYZVRvBtpd0lC3Np8BxRFJpdoX3tU4QaujSVvGf3WEfYRopyzb_r-16hemm9qd8NrF8m4X7KM6NrDKvln43_Pr8QjAOt87cIIQl1t8PsqmsGnNBM-_TJ5qe1CEhggIpnV7TW_Hv1AcxCuhP1x1vbfyvlOpOWD9BH-Dz75Hqkfe8_a6J9-sG22fwOEVyI5dr7atde6YXSG9iPx4P9p8YZlGBiyFMn_9LhJZrPtFGMSlvuZM8SDw3sh7Ujbqt1Icq5_fKDROaWEVVPtQmoEwMGE63xTadTI1gJbzMn2PA4fCS4H127j1ZxAosh8gMohUZ_bAbJFy8gvkYsWTQmogkyA2FMtPTcPAaPZF6TqLLzLLItcRI5VPAeL63_TevApbZMMcPPtwPHA_Y_1PQpCWvQzmSLUHUetPGVR6o5Dvylrok4aNjIh3L7XlJsy8CDttK0QTjHFdQUa8jLzSqYWLYCua6eQMXAmVGTWfgtKQg2OhiGM5vEukX4FJ8J5m8tbkueGrnNQGHl8f3FaLX_eJi0XhsMlHDQa_93evAJmH-pW_rQtKX1gtvgp&cid=CAQSTADICaaNyW0sJJPmEOfFhdBZB5kaifHCoRFUExw9rBJlaHW24uqccAw_UGL_8_uUxL3dDpPOI8ZAMG51ptKNuaRKcpd-PTDjqHrIvZkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsanovnikat.com%2F&ds=l&xdt=1&iif=1&cor=16945681009573680000&adk=497053795&idt=136&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11587
x-xss-protection
0
server
cafe
etag
192838463742493612
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 16:54:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame B7F8
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpJimT4LjC61bLSs6RK3Av2nqw_6DCVTdLYThcscGP_NbgZg8J3g87fyUEneR14NSjR2unN2xcSw5F4CXamIKR7Xbzrg&cry=1&dbm_d=AKAmf-AXljVxN-bKWmAbKf6lpypyriwwfQ4hVgsdXoES7CLh2915Ew_wM8x15_vxQNVXP91EYE4xnorsmffHm8-t5Nyft-yYTwiD4nl5ObPq08nUk4wtgmFXtn3l6GgAXHDD_BXXRkjzMYhsWWDd13hDtM676vTQKJCdYcRxTyYZC8DFWLOYQwG7qL-S3t2Uc0iNtZ6VPYCGorcQMgHHhZ3KJV-EUqd3TcKXdifxGpYvjgvbFVjsbE2odn5AwAORkdBmeXvo6bW68lwJwftxnuL8pz_U5NmFL9pJDKZ1-pk1sJCj0NUMeheL4eX4yrDnBeaW6D1ItT7Pk8tf2UgIEyAscqjC7u3hmZikVF5ydKUszO-s5tyMtzS8LeS2j_6adrWqReTOd0CROkLUB1ec7FkwIVpXkhsVUp4W1XDZLBqyQvZYw56Qur6SK01q83bysoKXMUfO69D5uGCG-xJ0N4CojdiW8rtCHBC1GLntMOTSFtMRFXWpLb9XL8bBsAHeFnCVmIoHTawIzer5z63ucR-wYc5d9SuTxofJU6PMvwEa34Ruj0xIY6b8JfdNAyP7VUlRqYQZ-43Hrau2hvn9nYG44HykR0l6hV30ESuhObvao0tusrkyKmyu5v-GTvlU-9UiSph4s6SjIjWEtP1_Q0_ToJQCjy9KCa2e-t8eW37M5zSSUqpLOdvvrIG2vbwQK3ywv1_Wv4xlAcqJ22EuKDaubR7gQ9tjP5INHJDQAcNynMjOC59WX--dKKxcsl1f_7Vb-Dh_7j40xgai_KkS-pNaJaWOymIEy2mOSvnMkr7HSJJJUPyzBV8wFjXfFzA2iBmlqynxv6CIF1A9wZ_bJvsBCTn0iqI34HjVlqVh74SsbACzEgdQ1lxa-WMYMja5Qv-AcNwitoSJo05nvA-odx6CXsEYquXU0UxW9aH7gJ60uCQltsebkVMlibSYRDD0XkrmNq4SqyHH8Ar_fWW2LYGpQ5MfG0tlf-dLuj6rRzL3M4Cj-8n6mbyVCgt5H4V9dFIKhtGM3mkaBHvou7s3QCoW2b6ZLG32EdAYWdxzDwAkapJ2Fnk2trO9XJiO8Wrdtk3Y0SOMlkIbxN3VXH7SaazChJlhpKBn8nqyUvIB7dm2lFE6AwybJWE5PtzTVBkgyywxmODmtKXu8Yyi_6In_lfDCmIUHDZPfGyUCwCCbZXOll2SHtvv4xJc4LSlw7ckxjF3GUBx_O9VIS8ZVBsSWCi6MAjNWnd4i2P7tECRLaK4NKGBPwurMJbJS15wIM4Zh-npJynvl1dDi6YKZiCydneAyokPbZzPGK3C2unmv33DR8reygnIzKftaLpzz6EaSaKmzDliW03TFMKzBGl8CxRBpMAlzBvZnwROnpwZKGM36IzSNEZ1UhaC4IKnP5Qepm580tNlF0U6E-5NPj2762vbB9Mrj1viKUQt80p7wptnXlNHSrfijsZsRhP89T4da5CQgZEUlMdxMxKph25qVP2oAyNAUDO9FJz4g25-13AFGRhqnVKOfNtpQkSPvc_UFS0MHiYe-zOun4nbR37weD3uyKCGcBdrQKzC078wXBeTYA3QzL8VaRGYEY9u4yf1mdhJr3tLjFmS0CGJeNgGbfcPvuFW3-DVkyS1Qrc2GMuiGq2DVz3TD1j1lVAu9u0ZONZHiSkBy14TRLxrNz1G4gtfZbPzzwXqS2lkIFNZIcMwVsHfXLWcwxbssZUQhW8mPLPfvedy4zJOV_YEd2eHIVpXmJ3j5QYIw7eBexWHbohi70gth_lE1imSiPFuJvn83yL-BdQMV2nBjks7ii9UncjiR4EDJppPfMNQ1WX1N7_DsFguGfI4x645oFH4SJHl4Q-ROPtw9p__b-NpkhLKgDNRZYZPOQW2YP0ErcxsRfHr8JarkrX6ekBorA4rcAnngWD2Po3MawD1s7vDrA2lx6DKFhmI5uvMqmbNRu7FjcKYFrHi0subXrO4vEzBfYsklY0ISwMFIdTIrMXkqr46D1ps9AwbqDNKnjVDYRtwt2fpyTHWYlJsaEtEw2gvf0ZxL8GZIoIqkFK00kHgkvnJtxkummxf1Scbq5uLWtoo2dfIuD2vYJbQf8xc_5tLh__eoRdviTYSFI4UMaFb7V4eXQ3e_0OHbQz_31WEMWgAA7nm6HsWsdaRH1AumRboBlhrYOS5SPF_IhdH2r4ds4zAsuAoeZcYXEJCE15TUje0funkl7-76f_uuu8zMEH3atSGZoC_GS7GMwKIEuRbk77QAI-sxfVBm375353dkKULD4AOOHS9aMD1Qo-2fS_OC_u4gqZVptb9Bd2SWaHfYU9IyWcLGnLdIOpXSV9Gc76Wd0zdFS6X5_4t5MheELNmZWlil1r3fT5WGse1ThCQ-RdwF6DumF1mB_2-YKkYwlNRH4Ss51qYnvbh2LX23D_Fb48A5-5j7zPXtuxV2sv4FTBxrBkRtX_08dKSABAVgJHXArd7b7jzF90Nq8kPyuWQ_vI8ivjRso7KmayDSNxwJjnG-ZpQtCKQxCMKGY0O9beSwM-xdA0ic-DGG-UEM2QaH4l9teDG2W3VQ5OPAyZmZSD4g4J6UTsGGeMUVnFVR3lMykmZ58mQZIjOs76ipO5dgMqG9aRKPV9OI9KkgL3GfVL_vAv3_isr8IL87OXQZy9ZS0Eufj3ZTKQy29F1ZAEg94cNU4eNG68bpNYRzYdSMDsqO3J-glqfO-n4Z5zxd7xB08JNniZ98D4tCksAhvVHysQpZ6q8PmSJHcRXx8sz69b2-IRrru4k3RIoeQM4WwNH2FTQJJToUTnOFuI7l8Xa2gAGmF0RgULjoOOaEi_yzQG0QUgHtVToe3DiCXKtcdhRw1WV6VCr8e4QEdO9uipsP3UN4I-rIXgkDda-umafabpsKkyjujaHIJv5TnOkDAWyXYWBzQKc5KzQxOSqAWKUE0y4oxVX_SJaVvn--3a1BgIiAqgUiKWZY6HHkVS95uSNtuEbb26WH_9pPGFxgTRL63QcmMoEYufhlgraIBPrMEMPKHwotBX1-9CzTziqEJpbB8Utxiu8g8gZUuUuHncglgZdrVkMb_Z7FrCO5i5Z_1PvvOyPPSt1pm-CJ8SFaZId18yf4B5dTJS46kEjnGLLNP1dLDmY0kQ-aa850PgkugNVe4PCtQf8wiemhuA1C7NKA8hnab4lXDuLoR-6NvEcZIgv1UrYFwTVFz38fE-yE-iaJYCiNI9L12FyLtgcALJ5Q10BFHdO-Syo0ZMqGIUaWYjJsJ-wS1KjjicTO2u3OCGUsPz-DKehY--CQQ4MYRnvP5owKkZEhOZRzvWJ51JzP077p7i9-7JQw6Tr0-giuTa6ND6AkA9FbSqBV3meM-gzRnUWn2Qt6XogMlHAikPDAEq3VewnBFFuiR0uXl9Lx8ouGL2IZ1leGYMNJ_pv9T_w-qC34JIc3EdBTbHgdZd91d6J3FKBF6P8G2xulx1of2f25X4uCcc_acFV9FZJxJN-KuADG5C9QppWYtIA_z4b75iqWuXmSYmIgM3qZRvbQGaV4NBd8F8XtQCQNHYfDGVHkmN_afGk6oidgZthEi4mzALKeDwicqRnmTjaYkcdO8WcMWuTiRIGtFKnzZdcBQjrkvihYjWI5Lq2ZwkctepTAknlvxMFVZND99pDC-0-IrPTaBmII1cEFFBZMYR2PMAbtji-cau04FRkEOPdb-k6nJYuAxV4TfnxS_dsL3p6sCUMBehhhXpx3W_icGByWMT4Qww4Hy9BAf6HyA3hquBQL7jJZVg_HPx5al41-jwVukcSw1PvK_E9pxQWKmU5qLBKbcsZ_m0PNyYrBM44fTQcGnHADVxdc84gcH89rQ28zh_mvoRWYZVRvBtpd0lC3Np8BxRFJpdoX3tU4QaujSVvGf3WEfYRopyzb_r-16hemm9qd8NrF8m4X7KM6NrDKvln43_Pr8QjAOt87cIIQl1t8PsqmsGnNBM-_TJ5qe1CEhggIpnV7TW_Hv1AcxCuhP1x1vbfyvlOpOWD9BH-Dz75Hqkfe8_a6J9-sG22fwOEVyI5dr7atde6YXSG9iPx4P9p8YZlGBiyFMn_9LhJZrPtFGMSlvuZM8SDw3sh7Ujbqt1Icq5_fKDROaWEVVPtQmoEwMGE63xTadTI1gJbzMn2PA4fCS4H127j1ZxAosh8gMohUZ_bAbJFy8gvkYsWTQmogkyA2FMtPTcPAaPZF6TqLLzLLItcRI5VPAeL63_TevApbZMMcPPtwPHA_Y_1PQpCWvQzmSLUHUetPGVR6o5Dvylrok4aNjIh3L7XlJsy8CDttK0QTjHFdQUa8jLzSqYWLYCua6eQMXAmVGTWfgtKQg2OhiGM5vEukX4FJ8J5m8tbkueGrnNQGHl8f3FaLX_eJi0XhsMlHDQa_93evAJmH-pW_rQtKX1gtvgp&cid=CAQSTADICaaNyW0sJJPmEOfFhdBZB5kaifHCoRFUExw9rBJlaHW24uqccAw_UGL_8_uUxL3dDpPOI8ZAMG51ptKNuaRKcpd-PTDjqHrIvZkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsanovnikat.com%2F&ds=l&xdt=1&iif=1&cor=16945681009573680000&adk=497053795&idt=136&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:52:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
279
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Oct 2023 16:52:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B7F8
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvSZaBt3X_BEYk8ugtDKAmrzOENNNZVPjjO9wJm3KsRfRBCeCwROjxIeKLB9Qh18OgpG40WlFESmVbjhpMcXae8EbMiM2HkBqUaxBUly7Iqq1LIGyBKcsQrs8b4kZV78Ss2BWKP9M4kkc8q1KMz-rZ99LBl4Ewmq_RHhVeoNiivr3JXIDw9OX_QamSd6Yw8IGKpSBnYWLhfT1E8DVAkNqM0AC0oczgxzjqUN1YoaOPVvVQUt0X2eypIzwEjTbuE06unphJ8BAXPtanVZcFNaEeDWnB0t0_Ev3E3STColNFxrG3GnxSf-x3O4wLu3IebHXgun7uD3t7-5e3MYy2zgMNVHZIQKJOlQoApbzg20V55qCismLTL3mVwDqaf_SjB82pXUcnYg0nbeLoWrmPPx986iklZFpDwWK-ThpHvgFpWzkk3Ll7lEnnQo5U3VQLDXf_MqjT_Cir9odZS0wvk0PCPvLGtT5Zm-DOa-A_Xcc-O16srxzOl-wjCy9NijZ7okFYODSQVgDaWJky38UIUom5EHKHKBwUp9dkEAeFfTna0r9KqSoyIMA-mtGsZ7Yszb34OeYBc48sKON_MTuqXzFdd5XTC7D8r7q0lhxJVOP-cDWMJBkPSTQaE5ch271dSa2KJ_6yliu_fbWkaAgYKEHmbWAjpU-neWlvCNPXK1J8uRpEDlcWhtfbOrx87fjXlKsVrywXDBABen7IczdHEL_wJclL7HMTA79h8Yh3S0Gf19WAm2p1JihaOgsv6avzRbyDPToL-KYrzvqmf04BHdUNevTiLwxXqHGvcW7f8iX94lDaZKri6HvhDWtMTg9klKQH2S9sVzhcupO8ohaoeSvwTGoqki4JC5zR2fBq1gZ0AWg3Sv5zym2Vda4eTxGZPWaPPRYBq-hymZIsFvUQs6zOLma8oitiRqzMkIb2iAh65iKEhInwtV0JeDxUtTZC1EplHdrs7drl4NwpKxdBKrXpBWjwQDuHA0Dhtr_v4Y8RKRvt-SO2arKDk97vzRRIU5NJ6Qk7ZT1EAw-hjfPYyJdvQPnXxPOP4lYWOWDVuGsNquvtSUr9NnsBc06XcMvwYBJkYwv62LDUw-JYW520zZKXhXi2K9Bo3aRVuQw3SgYU-rkGUnlvzIUbIysmhrLrIpoyNNlWr1-SfG98S3NUXj0DCwmChMrrwgsfqricw66fpZ57Ha5XAubkma74UKGmucuxNVP6hRxCJpAo4zUoqBgfgeJrDn3100fwbsMHmUURK4KcW1lC5eYRE0CEJ_j6I2G-Xsh5VTL2RUFHAmjchTuqkvJf6LafqV0lcKCGrUUj6Suth8f1Q7gvrxDpCeSH6qD9DJOhvyXrA-MR8mUIl-yiUtW4S&sai=AMfl-YSYsKv6wLzRU7_XF5TeIruminNkRD4084hTv7u_-2QuMd7yAIwJzFf-Htx_ryyw5l7Lhe2A9I1eCf2K18oFpiDs0xUJ4jF19IkRuDNTWVUGQodFCD6f5xSkqit6ffO5OJn0PMadIgpdFtwe3xdlM6t1-dzdN_6Jdj1bDBjqaZT-w4pfeJ0txxepZrMch2b8FUMzIWEo80-gO9g5ae0oc1-0YdxsHBaIGXFRFksOq-6xfncMftmmXcIzGj5sRTzowgZSriZRuBJtSNKjCXuANZy_ORLsXr4areUR&sig=Cg0ArKJSzHMrWZJNE5NcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230927.00035&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpJimT4LjC61bLSs6RK3Av2nqw_6DCVTdLYThcscGP_NbgZg8J3g87fyUEneR14NSjR2unN2xcSw5F4CXamIKR7Xbzrg&cry=1&dbm_d=AKAmf-AXljVxN-bKWmAbKf6lpypyriwwfQ4hVgsdXoES7CLh2915Ew_wM8x15_vxQNVXP91EYE4xnorsmffHm8-t5Nyft-yYTwiD4nl5ObPq08nUk4wtgmFXtn3l6GgAXHDD_BXXRkjzMYhsWWDd13hDtM676vTQKJCdYcRxTyYZC8DFWLOYQwG7qL-S3t2Uc0iNtZ6VPYCGorcQMgHHhZ3KJV-EUqd3TcKXdifxGpYvjgvbFVjsbE2odn5AwAORkdBmeXvo6bW68lwJwftxnuL8pz_U5NmFL9pJDKZ1-pk1sJCj0NUMeheL4eX4yrDnBeaW6D1ItT7Pk8tf2UgIEyAscqjC7u3hmZikVF5ydKUszO-s5tyMtzS8LeS2j_6adrWqReTOd0CROkLUB1ec7FkwIVpXkhsVUp4W1XDZLBqyQvZYw56Qur6SK01q83bysoKXMUfO69D5uGCG-xJ0N4CojdiW8rtCHBC1GLntMOTSFtMRFXWpLb9XL8bBsAHeFnCVmIoHTawIzer5z63ucR-wYc5d9SuTxofJU6PMvwEa34Ruj0xIY6b8JfdNAyP7VUlRqYQZ-43Hrau2hvn9nYG44HykR0l6hV30ESuhObvao0tusrkyKmyu5v-GTvlU-9UiSph4s6SjIjWEtP1_Q0_ToJQCjy9KCa2e-t8eW37M5zSSUqpLOdvvrIG2vbwQK3ywv1_Wv4xlAcqJ22EuKDaubR7gQ9tjP5INHJDQAcNynMjOC59WX--dKKxcsl1f_7Vb-Dh_7j40xgai_KkS-pNaJaWOymIEy2mOSvnMkr7HSJJJUPyzBV8wFjXfFzA2iBmlqynxv6CIF1A9wZ_bJvsBCTn0iqI34HjVlqVh74SsbACzEgdQ1lxa-WMYMja5Qv-AcNwitoSJo05nvA-odx6CXsEYquXU0UxW9aH7gJ60uCQltsebkVMlibSYRDD0XkrmNq4SqyHH8Ar_fWW2LYGpQ5MfG0tlf-dLuj6rRzL3M4Cj-8n6mbyVCgt5H4V9dFIKhtGM3mkaBHvou7s3QCoW2b6ZLG32EdAYWdxzDwAkapJ2Fnk2trO9XJiO8Wrdtk3Y0SOMlkIbxN3VXH7SaazChJlhpKBn8nqyUvIB7dm2lFE6AwybJWE5PtzTVBkgyywxmODmtKXu8Yyi_6In_lfDCmIUHDZPfGyUCwCCbZXOll2SHtvv4xJc4LSlw7ckxjF3GUBx_O9VIS8ZVBsSWCi6MAjNWnd4i2P7tECRLaK4NKGBPwurMJbJS15wIM4Zh-npJynvl1dDi6YKZiCydneAyokPbZzPGK3C2unmv33DR8reygnIzKftaLpzz6EaSaKmzDliW03TFMKzBGl8CxRBpMAlzBvZnwROnpwZKGM36IzSNEZ1UhaC4IKnP5Qepm580tNlF0U6E-5NPj2762vbB9Mrj1viKUQt80p7wptnXlNHSrfijsZsRhP89T4da5CQgZEUlMdxMxKph25qVP2oAyNAUDO9FJz4g25-13AFGRhqnVKOfNtpQkSPvc_UFS0MHiYe-zOun4nbR37weD3uyKCGcBdrQKzC078wXBeTYA3QzL8VaRGYEY9u4yf1mdhJr3tLjFmS0CGJeNgGbfcPvuFW3-DVkyS1Qrc2GMuiGq2DVz3TD1j1lVAu9u0ZONZHiSkBy14TRLxrNz1G4gtfZbPzzwXqS2lkIFNZIcMwVsHfXLWcwxbssZUQhW8mPLPfvedy4zJOV_YEd2eHIVpXmJ3j5QYIw7eBexWHbohi70gth_lE1imSiPFuJvn83yL-BdQMV2nBjks7ii9UncjiR4EDJppPfMNQ1WX1N7_DsFguGfI4x645oFH4SJHl4Q-ROPtw9p__b-NpkhLKgDNRZYZPOQW2YP0ErcxsRfHr8JarkrX6ekBorA4rcAnngWD2Po3MawD1s7vDrA2lx6DKFhmI5uvMqmbNRu7FjcKYFrHi0subXrO4vEzBfYsklY0ISwMFIdTIrMXkqr46D1ps9AwbqDNKnjVDYRtwt2fpyTHWYlJsaEtEw2gvf0ZxL8GZIoIqkFK00kHgkvnJtxkummxf1Scbq5uLWtoo2dfIuD2vYJbQf8xc_5tLh__eoRdviTYSFI4UMaFb7V4eXQ3e_0OHbQz_31WEMWgAA7nm6HsWsdaRH1AumRboBlhrYOS5SPF_IhdH2r4ds4zAsuAoeZcYXEJCE15TUje0funkl7-76f_uuu8zMEH3atSGZoC_GS7GMwKIEuRbk77QAI-sxfVBm375353dkKULD4AOOHS9aMD1Qo-2fS_OC_u4gqZVptb9Bd2SWaHfYU9IyWcLGnLdIOpXSV9Gc76Wd0zdFS6X5_4t5MheELNmZWlil1r3fT5WGse1ThCQ-RdwF6DumF1mB_2-YKkYwlNRH4Ss51qYnvbh2LX23D_Fb48A5-5j7zPXtuxV2sv4FTBxrBkRtX_08dKSABAVgJHXArd7b7jzF90Nq8kPyuWQ_vI8ivjRso7KmayDSNxwJjnG-ZpQtCKQxCMKGY0O9beSwM-xdA0ic-DGG-UEM2QaH4l9teDG2W3VQ5OPAyZmZSD4g4J6UTsGGeMUVnFVR3lMykmZ58mQZIjOs76ipO5dgMqG9aRKPV9OI9KkgL3GfVL_vAv3_isr8IL87OXQZy9ZS0Eufj3ZTKQy29F1ZAEg94cNU4eNG68bpNYRzYdSMDsqO3J-glqfO-n4Z5zxd7xB08JNniZ98D4tCksAhvVHysQpZ6q8PmSJHcRXx8sz69b2-IRrru4k3RIoeQM4WwNH2FTQJJToUTnOFuI7l8Xa2gAGmF0RgULjoOOaEi_yzQG0QUgHtVToe3DiCXKtcdhRw1WV6VCr8e4QEdO9uipsP3UN4I-rIXgkDda-umafabpsKkyjujaHIJv5TnOkDAWyXYWBzQKc5KzQxOSqAWKUE0y4oxVX_SJaVvn--3a1BgIiAqgUiKWZY6HHkVS95uSNtuEbb26WH_9pPGFxgTRL63QcmMoEYufhlgraIBPrMEMPKHwotBX1-9CzTziqEJpbB8Utxiu8g8gZUuUuHncglgZdrVkMb_Z7FrCO5i5Z_1PvvOyPPSt1pm-CJ8SFaZId18yf4B5dTJS46kEjnGLLNP1dLDmY0kQ-aa850PgkugNVe4PCtQf8wiemhuA1C7NKA8hnab4lXDuLoR-6NvEcZIgv1UrYFwTVFz38fE-yE-iaJYCiNI9L12FyLtgcALJ5Q10BFHdO-Syo0ZMqGIUaWYjJsJ-wS1KjjicTO2u3OCGUsPz-DKehY--CQQ4MYRnvP5owKkZEhOZRzvWJ51JzP077p7i9-7JQw6Tr0-giuTa6ND6AkA9FbSqBV3meM-gzRnUWn2Qt6XogMlHAikPDAEq3VewnBFFuiR0uXl9Lx8ouGL2IZ1leGYMNJ_pv9T_w-qC34JIc3EdBTbHgdZd91d6J3FKBF6P8G2xulx1of2f25X4uCcc_acFV9FZJxJN-KuADG5C9QppWYtIA_z4b75iqWuXmSYmIgM3qZRvbQGaV4NBd8F8XtQCQNHYfDGVHkmN_afGk6oidgZthEi4mzALKeDwicqRnmTjaYkcdO8WcMWuTiRIGtFKnzZdcBQjrkvihYjWI5Lq2ZwkctepTAknlvxMFVZND99pDC-0-IrPTaBmII1cEFFBZMYR2PMAbtji-cau04FRkEOPdb-k6nJYuAxV4TfnxS_dsL3p6sCUMBehhhXpx3W_icGByWMT4Qww4Hy9BAf6HyA3hquBQL7jJZVg_HPx5al41-jwVukcSw1PvK_E9pxQWKmU5qLBKbcsZ_m0PNyYrBM44fTQcGnHADVxdc84gcH89rQ28zh_mvoRWYZVRvBtpd0lC3Np8BxRFJpdoX3tU4QaujSVvGf3WEfYRopyzb_r-16hemm9qd8NrF8m4X7KM6NrDKvln43_Pr8QjAOt87cIIQl1t8PsqmsGnNBM-_TJ5qe1CEhggIpnV7TW_Hv1AcxCuhP1x1vbfyvlOpOWD9BH-Dz75Hqkfe8_a6J9-sG22fwOEVyI5dr7atde6YXSG9iPx4P9p8YZlGBiyFMn_9LhJZrPtFGMSlvuZM8SDw3sh7Ujbqt1Icq5_fKDROaWEVVPtQmoEwMGE63xTadTI1gJbzMn2PA4fCS4H127j1ZxAosh8gMohUZ_bAbJFy8gvkYsWTQmogkyA2FMtPTcPAaPZF6TqLLzLLItcRI5VPAeL63_TevApbZMMcPPtwPHA_Y_1PQpCWvQzmSLUHUetPGVR6o5Dvylrok4aNjIh3L7XlJsy8CDttK0QTjHFdQUa8jLzSqYWLYCua6eQMXAmVGTWfgtKQg2OhiGM5vEukX4FJ8J5m8tbkueGrnNQGHl8f3FaLX_eJi0XhsMlHDQa_93evAJmH-pW_rQtKX1gtvgp&cid=CAQSTADICaaNyW0sJJPmEOfFhdBZB5kaifHCoRFUExw9rBJlaHW24uqccAw_UGL_8_uUxL3dDpPOI8ZAMG51ptKNuaRKcpd-PTDjqHrIvZkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsanovnikat.com%2F&ds=l&xdt=1&iif=1&cor=16945681009573680000&adk=497053795&idt=136&cac=0&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 02 Oct 2023 16:57:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B7F8
41 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpJimT4LjC61bLSs6RK3Av2nqw_6DCVTdLYThcscGP_NbgZg8J3g87fyUEneR14NSjR2unN2xcSw5F4CXamIKR7Xbzrg&cry=1&dbm_d=AKAmf-AXljVxN-bKWmAbKf6lpypyriwwfQ4hVgsdXoES7CLh2915Ew_wM8x15_vxQNVXP91EYE4xnorsmffHm8-t5Nyft-yYTwiD4nl5ObPq08nUk4wtgmFXtn3l6GgAXHDD_BXXRkjzMYhsWWDd13hDtM676vTQKJCdYcRxTyYZC8DFWLOYQwG7qL-S3t2Uc0iNtZ6VPYCGorcQMgHHhZ3KJV-EUqd3TcKXdifxGpYvjgvbFVjsbE2odn5AwAORkdBmeXvo6bW68lwJwftxnuL8pz_U5NmFL9pJDKZ1-pk1sJCj0NUMeheL4eX4yrDnBeaW6D1ItT7Pk8tf2UgIEyAscqjC7u3hmZikVF5ydKUszO-s5tyMtzS8LeS2j_6adrWqReTOd0CROkLUB1ec7FkwIVpXkhsVUp4W1XDZLBqyQvZYw56Qur6SK01q83bysoKXMUfO69D5uGCG-xJ0N4CojdiW8rtCHBC1GLntMOTSFtMRFXWpLb9XL8bBsAHeFnCVmIoHTawIzer5z63ucR-wYc5d9SuTxofJU6PMvwEa34Ruj0xIY6b8JfdNAyP7VUlRqYQZ-43Hrau2hvn9nYG44HykR0l6hV30ESuhObvao0tusrkyKmyu5v-GTvlU-9UiSph4s6SjIjWEtP1_Q0_ToJQCjy9KCa2e-t8eW37M5zSSUqpLOdvvrIG2vbwQK3ywv1_Wv4xlAcqJ22EuKDaubR7gQ9tjP5INHJDQAcNynMjOC59WX--dKKxcsl1f_7Vb-Dh_7j40xgai_KkS-pNaJaWOymIEy2mOSvnMkr7HSJJJUPyzBV8wFjXfFzA2iBmlqynxv6CIF1A9wZ_bJvsBCTn0iqI34HjVlqVh74SsbACzEgdQ1lxa-WMYMja5Qv-AcNwitoSJo05nvA-odx6CXsEYquXU0UxW9aH7gJ60uCQltsebkVMlibSYRDD0XkrmNq4SqyHH8Ar_fWW2LYGpQ5MfG0tlf-dLuj6rRzL3M4Cj-8n6mbyVCgt5H4V9dFIKhtGM3mkaBHvou7s3QCoW2b6ZLG32EdAYWdxzDwAkapJ2Fnk2trO9XJiO8Wrdtk3Y0SOMlkIbxN3VXH7SaazChJlhpKBn8nqyUvIB7dm2lFE6AwybJWE5PtzTVBkgyywxmODmtKXu8Yyi_6In_lfDCmIUHDZPfGyUCwCCbZXOll2SHtvv4xJc4LSlw7ckxjF3GUBx_O9VIS8ZVBsSWCi6MAjNWnd4i2P7tECRLaK4NKGBPwurMJbJS15wIM4Zh-npJynvl1dDi6YKZiCydneAyokPbZzPGK3C2unmv33DR8reygnIzKftaLpzz6EaSaKmzDliW03TFMKzBGl8CxRBpMAlzBvZnwROnpwZKGM36IzSNEZ1UhaC4IKnP5Qepm580tNlF0U6E-5NPj2762vbB9Mrj1viKUQt80p7wptnXlNHSrfijsZsRhP89T4da5CQgZEUlMdxMxKph25qVP2oAyNAUDO9FJz4g25-13AFGRhqnVKOfNtpQkSPvc_UFS0MHiYe-zOun4nbR37weD3uyKCGcBdrQKzC078wXBeTYA3QzL8VaRGYEY9u4yf1mdhJr3tLjFmS0CGJeNgGbfcPvuFW3-DVkyS1Qrc2GMuiGq2DVz3TD1j1lVAu9u0ZONZHiSkBy14TRLxrNz1G4gtfZbPzzwXqS2lkIFNZIcMwVsHfXLWcwxbssZUQhW8mPLPfvedy4zJOV_YEd2eHIVpXmJ3j5QYIw7eBexWHbohi70gth_lE1imSiPFuJvn83yL-BdQMV2nBjks7ii9UncjiR4EDJppPfMNQ1WX1N7_DsFguGfI4x645oFH4SJHl4Q-ROPtw9p__b-NpkhLKgDNRZYZPOQW2YP0ErcxsRfHr8JarkrX6ekBorA4rcAnngWD2Po3MawD1s7vDrA2lx6DKFhmI5uvMqmbNRu7FjcKYFrHi0subXrO4vEzBfYsklY0ISwMFIdTIrMXkqr46D1ps9AwbqDNKnjVDYRtwt2fpyTHWYlJsaEtEw2gvf0ZxL8GZIoIqkFK00kHgkvnJtxkummxf1Scbq5uLWtoo2dfIuD2vYJbQf8xc_5tLh__eoRdviTYSFI4UMaFb7V4eXQ3e_0OHbQz_31WEMWgAA7nm6HsWsdaRH1AumRboBlhrYOS5SPF_IhdH2r4ds4zAsuAoeZcYXEJCE15TUje0funkl7-76f_uuu8zMEH3atSGZoC_GS7GMwKIEuRbk77QAI-sxfVBm375353dkKULD4AOOHS9aMD1Qo-2fS_OC_u4gqZVptb9Bd2SWaHfYU9IyWcLGnLdIOpXSV9Gc76Wd0zdFS6X5_4t5MheELNmZWlil1r3fT5WGse1ThCQ-RdwF6DumF1mB_2-YKkYwlNRH4Ss51qYnvbh2LX23D_Fb48A5-5j7zPXtuxV2sv4FTBxrBkRtX_08dKSABAVgJHXArd7b7jzF90Nq8kPyuWQ_vI8ivjRso7KmayDSNxwJjnG-ZpQtCKQxCMKGY0O9beSwM-xdA0ic-DGG-UEM2QaH4l9teDG2W3VQ5OPAyZmZSD4g4J6UTsGGeMUVnFVR3lMykmZ58mQZIjOs76ipO5dgMqG9aRKPV9OI9KkgL3GfVL_vAv3_isr8IL87OXQZy9ZS0Eufj3ZTKQy29F1ZAEg94cNU4eNG68bpNYRzYdSMDsqO3J-glqfO-n4Z5zxd7xB08JNniZ98D4tCksAhvVHysQpZ6q8PmSJHcRXx8sz69b2-IRrru4k3RIoeQM4WwNH2FTQJJToUTnOFuI7l8Xa2gAGmF0RgULjoOOaEi_yzQG0QUgHtVToe3DiCXKtcdhRw1WV6VCr8e4QEdO9uipsP3UN4I-rIXgkDda-umafabpsKkyjujaHIJv5TnOkDAWyXYWBzQKc5KzQxOSqAWKUE0y4oxVX_SJaVvn--3a1BgIiAqgUiKWZY6HHkVS95uSNtuEbb26WH_9pPGFxgTRL63QcmMoEYufhlgraIBPrMEMPKHwotBX1-9CzTziqEJpbB8Utxiu8g8gZUuUuHncglgZdrVkMb_Z7FrCO5i5Z_1PvvOyPPSt1pm-CJ8SFaZId18yf4B5dTJS46kEjnGLLNP1dLDmY0kQ-aa850PgkugNVe4PCtQf8wiemhuA1C7NKA8hnab4lXDuLoR-6NvEcZIgv1UrYFwTVFz38fE-yE-iaJYCiNI9L12FyLtgcALJ5Q10BFHdO-Syo0ZMqGIUaWYjJsJ-wS1KjjicTO2u3OCGUsPz-DKehY--CQQ4MYRnvP5owKkZEhOZRzvWJ51JzP077p7i9-7JQw6Tr0-giuTa6ND6AkA9FbSqBV3meM-gzRnUWn2Qt6XogMlHAikPDAEq3VewnBFFuiR0uXl9Lx8ouGL2IZ1leGYMNJ_pv9T_w-qC34JIc3EdBTbHgdZd91d6J3FKBF6P8G2xulx1of2f25X4uCcc_acFV9FZJxJN-KuADG5C9QppWYtIA_z4b75iqWuXmSYmIgM3qZRvbQGaV4NBd8F8XtQCQNHYfDGVHkmN_afGk6oidgZthEi4mzALKeDwicqRnmTjaYkcdO8WcMWuTiRIGtFKnzZdcBQjrkvihYjWI5Lq2ZwkctepTAknlvxMFVZND99pDC-0-IrPTaBmII1cEFFBZMYR2PMAbtji-cau04FRkEOPdb-k6nJYuAxV4TfnxS_dsL3p6sCUMBehhhXpx3W_icGByWMT4Qww4Hy9BAf6HyA3hquBQL7jJZVg_HPx5al41-jwVukcSw1PvK_E9pxQWKmU5qLBKbcsZ_m0PNyYrBM44fTQcGnHADVxdc84gcH89rQ28zh_mvoRWYZVRvBtpd0lC3Np8BxRFJpdoX3tU4QaujSVvGf3WEfYRopyzb_r-16hemm9qd8NrF8m4X7KM6NrDKvln43_Pr8QjAOt87cIIQl1t8PsqmsGnNBM-_TJ5qe1CEhggIpnV7TW_Hv1AcxCuhP1x1vbfyvlOpOWD9BH-Dz75Hqkfe8_a6J9-sG22fwOEVyI5dr7atde6YXSG9iPx4P9p8YZlGBiyFMn_9LhJZrPtFGMSlvuZM8SDw3sh7Ujbqt1Icq5_fKDROaWEVVPtQmoEwMGE63xTadTI1gJbzMn2PA4fCS4H127j1ZxAosh8gMohUZ_bAbJFy8gvkYsWTQmogkyA2FMtPTcPAaPZF6TqLLzLLItcRI5VPAeL63_TevApbZMMcPPtwPHA_Y_1PQpCWvQzmSLUHUetPGVR6o5Dvylrok4aNjIh3L7XlJsy8CDttK0QTjHFdQUa8jLzSqYWLYCua6eQMXAmVGTWfgtKQg2OhiGM5vEukX4FJ8J5m8tbkueGrnNQGHl8f3FaLX_eJi0XhsMlHDQa_93evAJmH-pW_rQtKX1gtvgp&cid=CAQSTADICaaNyW0sJJPmEOfFhdBZB5kaifHCoRFUExw9rBJlaHW24uqccAw_UGL_8_uUxL3dDpPOI8ZAMG51ptKNuaRKcpd-PTDjqHrIvZkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsanovnikat.com%2F&ds=l&xdt=1&iif=1&cor=16945681009573680000&adk=497053795&idt=136&cac=0&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
295127
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 06:58:24 GMT
17871898491057709803
s0.2mdn.net/simgad/ Frame B7F8
88 KB
88 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/17871898491057709803
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37d58ebb37b791f3e696c2efe73875ac843f2b738508b44a63009a19a0b0bacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 19:25:50 GMT
x-content-type-options
nosniff
age
336681
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90089
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 08:59:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 Sep 2024 19:25:50 GMT
truncated
/ Frame B7F8
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09b75aeeb59889393d1401972bf509746603fd34d5c192499714dd19646e7543

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js
pagead2.googlesyndication.com/bg/ Frame 6132
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:38:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
508743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14917
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:38:08 GMT
AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js
pagead2.googlesyndication.com/bg/ Frame A87F
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:38:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
508743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14917
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:38:08 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B7F8
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvSZaBt3X_BEYk8ugtDKAmrzOENNNZVPjjO9wJm3KsRfRBCeCwROjxIeKLB9Qh18OgpG40WlFESmVbjhpMcXae8EbMiM2HkBqUaxBUly7Iqq1LIGyBKcsQrs8b4kZV78Ss2BWKP9M4kkc8q1KMz-rZ99LBl4Ewmq_RHhVeoNiivr3JXIDw9OX_QamSd6Yw8IGKpSBnYWLhfT1E8DVAkNqM0AC0oczgxzjqUN1YoaOPVvVQUt0X2eypIzwEjTbuE06unphJ8BAXPtanVZcFNaEeDWnB0t0_Ev3E3STColNFxrG3GnxSf-x3O4wLu3IebHXgun7uD3t7-5e3MYy2zgMNVHZIQKJOlQoApbzg20V55qCismLTL3mVwDqaf_SjB82pXUcnYg0nbeLoWrmPPx986iklZFpDwWK-ThpHvgFpWzkk3Ll7lEnnQo5U3VQLDXf_MqjT_Cir9odZS0wvk0PCPvLGtT5Zm-DOa-A_Xcc-O16srxzOl-wjCy9NijZ7okFYODSQVgDaWJky38UIUom5EHKHKBwUp9dkEAeFfTna0r9KqSoyIMA-mtGsZ7Yszb34OeYBc48sKON_MTuqXzFdd5XTC7D8r7q0lhxJVOP-cDWMJBkPSTQaE5ch271dSa2KJ_6yliu_fbWkaAgYKEHmbWAjpU-neWlvCNPXK1J8uRpEDlcWhtfbOrx87fjXlKsVrywXDBABen7IczdHEL_wJclL7HMTA79h8Yh3S0Gf19WAm2p1JihaOgsv6avzRbyDPToL-KYrzvqmf04BHdUNevTiLwxXqHGvcW7f8iX94lDaZKri6HvhDWtMTg9klKQH2S9sVzhcupO8ohaoeSvwTGoqki4JC5zR2fBq1gZ0AWg3Sv5zym2Vda4eTxGZPWaPPRYBq-hymZIsFvUQs6zOLma8oitiRqzMkIb2iAh65iKEhInwtV0JeDxUtTZC1EplHdrs7drl4NwpKxdBKrXpBWjwQDuHA0Dhtr_v4Y8RKRvt-SO2arKDk97vzRRIU5NJ6Qk7ZT1EAw-hjfPYyJdvQPnXxPOP4lYWOWDVuGsNquvtSUr9NnsBc06XcMvwYBJkYwv62LDUw-JYW520zZKXhXi2K9Bo3aRVuQw3SgYU-rkGUnlvzIUbIysmhrLrIpoyNNlWr1-SfG98S3NUXj0DCwmChMrrwgsfqricw66fpZ57Ha5XAubkma74UKGmucuxNVP6hRxCJpAo4zUoqBgfgeJrDn3100fwbsMHmUURK4KcW1lC5eYRE0CEJ_j6I2G-Xsh5VTL2RUFHAmjchTuqkvJf6LafqV0lcKCGrUUj6Suth8f1Q7gvrxDpCeSH6qD9DJOhvyXrA-MR8mUIl-yiUtW4S&sai=AMfl-YSYsKv6wLzRU7_XF5TeIruminNkRD4084hTv7u_-2QuMd7yAIwJzFf-Htx_ryyw5l7Lhe2A9I1eCf2K18oFpiDs0xUJ4jF19IkRuDNTWVUGQodFCD6f5xSkqit6ffO5OJn0PMadIgpdFtwe3xdlM6t1-dzdN_6Jdj1bDBjqaZT-w4pfeJ0txxepZrMch2b8FUMzIWEo80-gO9g5ae0oc1-0YdxsHBaIGXFRFksOq-6xfncMftmmXcIzGj5sRTzowgZSriZRuBJtSNKjCXuANZy_ORLsXr4areUR&sig=Cg0ArKJSzHMrWZJNE5NcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=86&vt=11&dtpt=84&dett=2&cstd=0&cisv=r20230927.00035&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpJimT4LjC61bLSs6RK3Av2nqw_6DCVTdLYThcscGP_NbgZg8J3g87fyUEneR14NSjR2unN2xcSw5F4CXamIKR7Xbzrg&cry=1&dbm_d=AKAmf-AXljVxN-bKWmAbKf6lpypyriwwfQ4hVgsdXoES7CLh2915Ew_wM8x15_vxQNVXP91EYE4xnorsmffHm8-t5Nyft-yYTwiD4nl5ObPq08nUk4wtgmFXtn3l6GgAXHDD_BXXRkjzMYhsWWDd13hDtM676vTQKJCdYcRxTyYZC8DFWLOYQwG7qL-S3t2Uc0iNtZ6VPYCGorcQMgHHhZ3KJV-EUqd3TcKXdifxGpYvjgvbFVjsbE2odn5AwAORkdBmeXvo6bW68lwJwftxnuL8pz_U5NmFL9pJDKZ1-pk1sJCj0NUMeheL4eX4yrDnBeaW6D1ItT7Pk8tf2UgIEyAscqjC7u3hmZikVF5ydKUszO-s5tyMtzS8LeS2j_6adrWqReTOd0CROkLUB1ec7FkwIVpXkhsVUp4W1XDZLBqyQvZYw56Qur6SK01q83bysoKXMUfO69D5uGCG-xJ0N4CojdiW8rtCHBC1GLntMOTSFtMRFXWpLb9XL8bBsAHeFnCVmIoHTawIzer5z63ucR-wYc5d9SuTxofJU6PMvwEa34Ruj0xIY6b8JfdNAyP7VUlRqYQZ-43Hrau2hvn9nYG44HykR0l6hV30ESuhObvao0tusrkyKmyu5v-GTvlU-9UiSph4s6SjIjWEtP1_Q0_ToJQCjy9KCa2e-t8eW37M5zSSUqpLOdvvrIG2vbwQK3ywv1_Wv4xlAcqJ22EuKDaubR7gQ9tjP5INHJDQAcNynMjOC59WX--dKKxcsl1f_7Vb-Dh_7j40xgai_KkS-pNaJaWOymIEy2mOSvnMkr7HSJJJUPyzBV8wFjXfFzA2iBmlqynxv6CIF1A9wZ_bJvsBCTn0iqI34HjVlqVh74SsbACzEgdQ1lxa-WMYMja5Qv-AcNwitoSJo05nvA-odx6CXsEYquXU0UxW9aH7gJ60uCQltsebkVMlibSYRDD0XkrmNq4SqyHH8Ar_fWW2LYGpQ5MfG0tlf-dLuj6rRzL3M4Cj-8n6mbyVCgt5H4V9dFIKhtGM3mkaBHvou7s3QCoW2b6ZLG32EdAYWdxzDwAkapJ2Fnk2trO9XJiO8Wrdtk3Y0SOMlkIbxN3VXH7SaazChJlhpKBn8nqyUvIB7dm2lFE6AwybJWE5PtzTVBkgyywxmODmtKXu8Yyi_6In_lfDCmIUHDZPfGyUCwCCbZXOll2SHtvv4xJc4LSlw7ckxjF3GUBx_O9VIS8ZVBsSWCi6MAjNWnd4i2P7tECRLaK4NKGBPwurMJbJS15wIM4Zh-npJynvl1dDi6YKZiCydneAyokPbZzPGK3C2unmv33DR8reygnIzKftaLpzz6EaSaKmzDliW03TFMKzBGl8CxRBpMAlzBvZnwROnpwZKGM36IzSNEZ1UhaC4IKnP5Qepm580tNlF0U6E-5NPj2762vbB9Mrj1viKUQt80p7wptnXlNHSrfijsZsRhP89T4da5CQgZEUlMdxMxKph25qVP2oAyNAUDO9FJz4g25-13AFGRhqnVKOfNtpQkSPvc_UFS0MHiYe-zOun4nbR37weD3uyKCGcBdrQKzC078wXBeTYA3QzL8VaRGYEY9u4yf1mdhJr3tLjFmS0CGJeNgGbfcPvuFW3-DVkyS1Qrc2GMuiGq2DVz3TD1j1lVAu9u0ZONZHiSkBy14TRLxrNz1G4gtfZbPzzwXqS2lkIFNZIcMwVsHfXLWcwxbssZUQhW8mPLPfvedy4zJOV_YEd2eHIVpXmJ3j5QYIw7eBexWHbohi70gth_lE1imSiPFuJvn83yL-BdQMV2nBjks7ii9UncjiR4EDJppPfMNQ1WX1N7_DsFguGfI4x645oFH4SJHl4Q-ROPtw9p__b-NpkhLKgDNRZYZPOQW2YP0ErcxsRfHr8JarkrX6ekBorA4rcAnngWD2Po3MawD1s7vDrA2lx6DKFhmI5uvMqmbNRu7FjcKYFrHi0subXrO4vEzBfYsklY0ISwMFIdTIrMXkqr46D1ps9AwbqDNKnjVDYRtwt2fpyTHWYlJsaEtEw2gvf0ZxL8GZIoIqkFK00kHgkvnJtxkummxf1Scbq5uLWtoo2dfIuD2vYJbQf8xc_5tLh__eoRdviTYSFI4UMaFb7V4eXQ3e_0OHbQz_31WEMWgAA7nm6HsWsdaRH1AumRboBlhrYOS5SPF_IhdH2r4ds4zAsuAoeZcYXEJCE15TUje0funkl7-76f_uuu8zMEH3atSGZoC_GS7GMwKIEuRbk77QAI-sxfVBm375353dkKULD4AOOHS9aMD1Qo-2fS_OC_u4gqZVptb9Bd2SWaHfYU9IyWcLGnLdIOpXSV9Gc76Wd0zdFS6X5_4t5MheELNmZWlil1r3fT5WGse1ThCQ-RdwF6DumF1mB_2-YKkYwlNRH4Ss51qYnvbh2LX23D_Fb48A5-5j7zPXtuxV2sv4FTBxrBkRtX_08dKSABAVgJHXArd7b7jzF90Nq8kPyuWQ_vI8ivjRso7KmayDSNxwJjnG-ZpQtCKQxCMKGY0O9beSwM-xdA0ic-DGG-UEM2QaH4l9teDG2W3VQ5OPAyZmZSD4g4J6UTsGGeMUVnFVR3lMykmZ58mQZIjOs76ipO5dgMqG9aRKPV9OI9KkgL3GfVL_vAv3_isr8IL87OXQZy9ZS0Eufj3ZTKQy29F1ZAEg94cNU4eNG68bpNYRzYdSMDsqO3J-glqfO-n4Z5zxd7xB08JNniZ98D4tCksAhvVHysQpZ6q8PmSJHcRXx8sz69b2-IRrru4k3RIoeQM4WwNH2FTQJJToUTnOFuI7l8Xa2gAGmF0RgULjoOOaEi_yzQG0QUgHtVToe3DiCXKtcdhRw1WV6VCr8e4QEdO9uipsP3UN4I-rIXgkDda-umafabpsKkyjujaHIJv5TnOkDAWyXYWBzQKc5KzQxOSqAWKUE0y4oxVX_SJaVvn--3a1BgIiAqgUiKWZY6HHkVS95uSNtuEbb26WH_9pPGFxgTRL63QcmMoEYufhlgraIBPrMEMPKHwotBX1-9CzTziqEJpbB8Utxiu8g8gZUuUuHncglgZdrVkMb_Z7FrCO5i5Z_1PvvOyPPSt1pm-CJ8SFaZId18yf4B5dTJS46kEjnGLLNP1dLDmY0kQ-aa850PgkugNVe4PCtQf8wiemhuA1C7NKA8hnab4lXDuLoR-6NvEcZIgv1UrYFwTVFz38fE-yE-iaJYCiNI9L12FyLtgcALJ5Q10BFHdO-Syo0ZMqGIUaWYjJsJ-wS1KjjicTO2u3OCGUsPz-DKehY--CQQ4MYRnvP5owKkZEhOZRzvWJ51JzP077p7i9-7JQw6Tr0-giuTa6ND6AkA9FbSqBV3meM-gzRnUWn2Qt6XogMlHAikPDAEq3VewnBFFuiR0uXl9Lx8ouGL2IZ1leGYMNJ_pv9T_w-qC34JIc3EdBTbHgdZd91d6J3FKBF6P8G2xulx1of2f25X4uCcc_acFV9FZJxJN-KuADG5C9QppWYtIA_z4b75iqWuXmSYmIgM3qZRvbQGaV4NBd8F8XtQCQNHYfDGVHkmN_afGk6oidgZthEi4mzALKeDwicqRnmTjaYkcdO8WcMWuTiRIGtFKnzZdcBQjrkvihYjWI5Lq2ZwkctepTAknlvxMFVZND99pDC-0-IrPTaBmII1cEFFBZMYR2PMAbtji-cau04FRkEOPdb-k6nJYuAxV4TfnxS_dsL3p6sCUMBehhhXpx3W_icGByWMT4Qww4Hy9BAf6HyA3hquBQL7jJZVg_HPx5al41-jwVukcSw1PvK_E9pxQWKmU5qLBKbcsZ_m0PNyYrBM44fTQcGnHADVxdc84gcH89rQ28zh_mvoRWYZVRvBtpd0lC3Np8BxRFJpdoX3tU4QaujSVvGf3WEfYRopyzb_r-16hemm9qd8NrF8m4X7KM6NrDKvln43_Pr8QjAOt87cIIQl1t8PsqmsGnNBM-_TJ5qe1CEhggIpnV7TW_Hv1AcxCuhP1x1vbfyvlOpOWD9BH-Dz75Hqkfe8_a6J9-sG22fwOEVyI5dr7atde6YXSG9iPx4P9p8YZlGBiyFMn_9LhJZrPtFGMSlvuZM8SDw3sh7Ujbqt1Icq5_fKDROaWEVVPtQmoEwMGE63xTadTI1gJbzMn2PA4fCS4H127j1ZxAosh8gMohUZ_bAbJFy8gvkYsWTQmogkyA2FMtPTcPAaPZF6TqLLzLLItcRI5VPAeL63_TevApbZMMcPPtwPHA_Y_1PQpCWvQzmSLUHUetPGVR6o5Dvylrok4aNjIh3L7XlJsy8CDttK0QTjHFdQUa8jLzSqYWLYCua6eQMXAmVGTWfgtKQg2OhiGM5vEukX4FJ8J5m8tbkueGrnNQGHl8f3FaLX_eJi0XhsMlHDQa_93evAJmH-pW_rQtKX1gtvgp&cid=CAQSTADICaaNyW0sJJPmEOfFhdBZB5kaifHCoRFUExw9rBJlaHW24uqccAw_UGL_8_uUxL3dDpPOI8ZAMG51ptKNuaRKcpd-PTDjqHrIvZkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsanovnikat.com%2F&ds=l&xdt=1&iif=1&cor=16945681009573680000&adk=497053795&idt=136&cac=0&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 42E9
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
44649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 04:33:02 GMT
expires
Tue, 01 Oct 2024 04:33:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js
pagead2.googlesyndication.com/bg/ Frame 42E9
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:38:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
508743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14917
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:38:08 GMT
csi
csi.gstatic.com/ Frame FA22
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ln94vo65&c=1458904453383&slotId=729452226691.5&qqid=CIGqq9Lq14EDFT-afwQdGMIKeQ&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C44803996%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230925_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c1f::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FA22
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 21:26:59 GMT
x-content-type-options
nosniff
age
156612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 21:26:59 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FA22
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 01:26:25 GMT
x-content-type-options
nosniff
age
574246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Sep 2024 01:26:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FA22
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 16:50:19 GMT
x-content-type-options
nosniff
age
432412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Sep 2024 16:50:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA22
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C_dm3ZvYaZYHfM7-0_tMPmISryAfuksXncJSC9MD3EfAuEAEgiJeNDGCV6oaCmAegAYLk69ApyAEFqAMByAObBKoEmgJP0N3LTIYDcmH6TTLtLi-aqp4LRiee3B-DbreUymCwFlWe7VNUld3Z_HP-eo4IUhPW7dtNlwrMYrROvE36K39_j7QnCRxIDUYXoYFBIZI8XDLgWjwoG-9_2ZOtEsfDGp8ZBo50LnPXsu5446KxDUO3OJEc9h3j0aBsJPOEccZ_gXe4-CyC_Hdflx_ddPQogIz3AjTNg8e2nRH1_5_-2eOf0YJKqS_3K_1Ocs02WjOjZMPRwNgPPVqPRRtqhr3K_BwL2Zew5MbumDb_OedoYXeMUr7SlwfqMmPft04Tg-7lAKKNyFh9yXvwSYTwDs3SUcWHwcuV9vVBNBgw62WB_GI8uj8gviCVs5FFyhgqnah-dP2t6qMD6R7NVhzABOftyIq4BOAEA4gF2-7MokuQBgGgBnmAB4KcvLAEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGqDQJERcgNAbAT0bXhFNATANgTDYgUAdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1696265831487&ai=C_dm3ZvYaZYHfM7-0_tMPmISryAfuksXncJSC9MD3EfAuEAEgiJeNDGCV6oaCmAegAYLk69ApyAEFqAMByAObBKoEmgJP0N3LTIYDcmH6TTLtLi-aqp4LRiee3B-DbreUymCwFlWe7VNUld3Z_HP-eo4IUhPW7dtNlwrMYrROvE36K39_j7QnCRxIDUYXoYFBIZI8XDLgWjwoG-9_2ZOtEsfDGp8ZBo50LnPXsu5446KxDUO3OJEc9h3j0aBsJPOEccZ_gXe4-CyC_Hdflx_ddPQogIz3AjTNg8e2nRH1_5_-2eOf0YJKqS_3K_1Ocs02WjOjZMPRwNgPPVqPRRtqhr3K_BwL2Zew5MbumDb_OedoYXeMUr7SlwfqMmPft04Tg-7lAKKNyFh9yXvwSYTwDs3SUcWHwcuV9vVBNBgw62WB_GI8uj8gviCVs5FFyhgqnah-dP2t6qMD6R7NVhzABOftyIq4BOAEA4gF2-7MokuQBgGgBnmAB4KcvLAEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGqDQJERcgNAbAT0bXhFNATANgTDYgUAdgUAdAVAfgWAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame FA22
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ln94vo74&c=1458904453383&slotId=729452226691.5&qqid=CIGqq9Lq14EDFT-afwQdGMIKeQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.le&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230925_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c1f::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame FA22
25 KB
17 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BqcCKDiRpH87wlaLAJUDXbtArsAMWuuUs5wHAYtoyUmWZiB0kNSctni0eSFWaE6QOu9ME8bikeXqalD-dIptLLX8Xteg&cry=1&dbm_d=AKAmf-Dm3k6KXYMY2KCYy6P4sjvd6Etc1nbbfY1ZMJu15kRA_PJ4rBscut8xSEGQ9Nwv87rSQPgNfSGpAfDommh5YKRDarYerO0DiUemdlIu8Ei-_0Tb8SG6mY1ZfsOunZPg7pnw8QSNPZLq4G4yTpKNMob6ZMIYG0M8Njnhxp-YOb3xwT1c0zPoUDKnwVquxx5I_t9MPNrMnVOsOEUn6h2FmPWOwIYSfiMFx3EWqRBoDDfyPfLDfzLplpqQ12_KGpYNCSz97su8vASPmoW6ROL2xn8pjYClWWNsAVl-kTckcRiEol1d4RVsvl2VmGoBE6d-i51XN8_pjHtPxFBOwgAsNHSL9ITd9yeWO765mNUER4vxg1zSL7ME6beJYvrjkFKYYCQyJVjXF6uXI9ohdtTtLjy3lGVsGsrYT3B_fjyrpOYTHuXgCiId64-YUUDk4t4ZCr7yGS2nKc2VpQGy-0HGp8XWEyZQZuogVKDtAupHO5KbTmvk-ohtpwn6rUOp42w5TE5cqhEWQcT9yhl6hnkQSZadisBqNEVRLO7z4k7LQJIc93tI-AkgY1C7IVLcFXo2fA92jxXIjT0K_Rozizts1_T8BzB1jrA02n4OhVEZFfm72I2pD7agU-oL_Jj6El-xQWtbTwJxKJevP7G7fo0S_QZj8BudS1DHueFJTdIapaRr9cnrOQNIR8U0fMFhe-F6ARLcNiarDGyrwp-3lMa2n0PYKv8WgVVkWo-h7LzZ0n2ZfZHb5Pmfb1Pf-N76qW3vbt1LX2wTTYDtrVSXe0XndezZpdkfOsFGywixjzq5NjCBcIHJ-zBLZKh9RCvpkordj_1x-3iuVlfwSPoHf1FatDDdu88B68BvBD_5CmFD-FOJK9F6tXIQs0BJDndA4d6UmEpAlZrUUL_MmaxihYywHK_U5u1nwZthdupDYJOn3JO8ZPAE17BOhuYHoJNKezfN5yf1jF1hVpmw2bub1HS1M_vlYxnJgBT34-wAPspu1Cd4cMPHHVy6FriWjSgxSr6AYfkmSp4F69obSLZB4D5osgstqhuOuOypO4iSwtZ-xwxiE4i3OC3SOoNC2yUAJsb8FUqmMNuzvo8tduAg0yJ-TYif3CitF82hyIULY5fsh35idAiS3EX0kHHKzZHSC1zIb4zruQHdsgwSbX6Zp1KCehrYjThQ3UqIVG7DGd7N0HKIp0qtImGlRBnWwTt_chzGdCD-hBc79LFXz8K1d3uKbRHbgTH-nD4VLvo4ScG8zA5kLnvqEVK9s9AthCT75TSRTaCCM81y5LC2gzLjSkNvbU77Zu1Y0ptEV-vosPapFTzT1NOdLSEmQmeQDwpYOpPbtpHQp97EPFCW2HuCYC5LRWtuV66oTjsL8mQaU3xs1gewhAyyLnR4QYnWTtj__4mkb_paWI35jvtDqNgxdgHBu7dqaJgWy4gVi3YPhxtTGFUYRSSBI_PP6AN5HeD8yIAmlsEHgMSz76OWz0NTcdA98C_vRx-BKbSsLnAEeZsD1VasWgznEq5hIiNtdRon2PZPQKdeJh7HXOXsByjWlLwlwqH5nh1_1GncJvjcVJcnNMrXc8RmeQhSaJKIEEat_wLxwy6GZLTRmbfPDZGN7hM2DC8ociStmoiZ2y8DTu3BbuwpFwlqEDsyWHOl7kEksPr3knC__zp7JeWdTHaHmRDptAdJrKvUwjbWCZplycrrBNwd60_wizY4O_d1B6cQInl1iq_otJ9u7pf6mwk2Jo5_8kiwEHRXl32rVQwztGH16JsI4mVtdXpppJEyU62JMErPPftfYmnNMzvx-vSJ55pRRE4WB3XmFTz4NVoeelHQZynIfJU4jS68caltK9uss0fA4dqcEFdiI6aqg3Uui1vRcGyraGufrLCpMYIRi3qu8FUSeQ4BeVkOwK9KR9rntqIQv9uPbSkF80Caw8bU1zil1MANhjH10xFLbtmtXjp9MhJjDjswKLc5i4-o4wTwIsi6Pn3mMSVZN2GD9lREBgZiK8EQ8nFwOnahZrqzOruqUMFIOSwnTycW2vZqTV1NCnrtkjiuoMNFRqYvd-SoFtEZUrbg5Mp-Hi9WoeS-LZStN9aNTWOPvrAIB8e8DYrexaUWM_3RVGixPCEzy5MEP1EmQD4dVHAb7QghTERFWAUhAR_DZdSS_Hl8OtKIUh5ALTWEPkhaEebqqFmScMNTiyUMMog9iQc1_gt5uyCXkpoX8O-N8KILNPNsboU_Wh-DVURbbjFjh8ptbw4l2nnC2nlJJQOwAo0SpoOMtz5H99PlfQaxShGRBQblSFQOBlar7peKCrlelA5NUa79DRH1RAe8jedOuGtONA4ri4kIvsn7tS4J0wG8Civs5rGTy9Yzw8bcqxmcoJUdxXOje2b4toIx-RzCy-OEh4ETpJgX2bV2bxmtlwxm31y97C1Ci_j3yZPtOwGfghuUZfPHIxe3WULgkk-bjstooXwZIu50jWxCmT17yYDiGEdWP_hmZdt_dzHgCsQFB18XxkOidgbaDEEpOrQPN19z6eSu91rrsLbYYIq9_HicPZk07rsZPbVGRibdLXGRZ7Htk16gmENzpved_GJSr6-pN1RCk68R3elLlW6O41k4smOIu8rhJpt4k3NNyy7NQjS-CX0OFAg0hfatSu82PQVhIndlLAIaS4_UbkubMHLXYJuMjPzYOxvIN3_71N1wibnFo1wqvNvu_OBVJ_AVr8rLsT-11H8cVYfpoAA34FPpLVz6HNzJKOKfj-q9BtWf9wMLBJb6Dpluxqtjv_2HafGqbiUbRHIAgYhEH6b8F07yxPlc7GzBmKMB03En3eje5_i6i_13HFYzDAXkiGCWADP22qYrwCXAzJQ4NQSDa6AWNKUntxijpUEGXM4raHR4F6DWKDqPOXcc0TO9H1YjDWOdYfj7hlEcSKEI9diXhVNiaFx5RR-4XN1uwKn4gAZjrY8V6X1GDawlgZsfUhkCfu6t3l6CM9rMmjdtL2I1wfrPSKf6Cz9vat6tdMBBjxrJz19Xx4JPaCdNP8p7Kt_ecUI06aAl9ZxSDQ0jSSQw2C0pdVYLQeZDzAjGUy1sKUyTVwGg8lb6sgywZFuALFfVU9Jb_fTZqYlf0kr5Y6EwNK0_yWbX6sDTJXrX8kqTMweuAA68qi8NN0rqAZfVIxYTkINa-T-fQJXQ6R14FeI7XlcZvsYwqu9tqbsYmeZERO2m_I3P0CSEKRueebm7ZBN0_KVWpRmugzG3lmkKb1vLdPVJNn7_lF5KCvcOyKbhWRLIh8rJNp-_72t6BvFcy1WQTkW4VtdC0-x6gHV2srRCjA3vr5UaWMS8D2kSuQH6V74wIGBYZPFxO-jmobXfXtHqD8nEYSZ5hUrctA_wC_KG4knSxXeQMWHnspfJCZaJVc8Sx9lYhayvVx8qR5Tz-uos8qc05AiWmJbqOJtU1wY63fIGrW6fjxTH3t-PEMQkhGjxEtSvdmKBkEwlnZ7PRsvPv-xZr-h4HredRRrnYj8tMayBbdXoXHAoPi5udr-VlqxHBBDuDTj-nbffwy3nkF1NRrssOG_-6iF6tJdEyBcFqX280gcvavUhg9j2pkkbfYHDnBnxPRNLlsuUt-O69fq2b-1Wdo3BdT7BV2VCc2MslP7NuJBzRKFZuWfr0WthRh5eEkmI8pjrABodSjck3czBUrVSBDcOTxunNLHWyH56Fr-zz5gr2-MWb4Gr5TnJgrD843vb6ml53Z_iKXJ02ilgWNuvZ9ZTT7VPQSeUXH7pZMGLAhBLEzYDIRtMSaN0WIf3E97p-rj7Gbkvajtv1XCx3GRu7oBGNYELmsAfFBYuOaLlxKtF0UVoDZcGOnxHMxXPwLxNx3KNMvQS8U6rRskTZcK59cuScoKhvpyLxFw2AdLhcorA95nHNXIcTElVeokiu6U5BYiLgTzcbgZNDw8mLLQHjaKCa4-o0fdRsR_SQeqDtCtB2ediZ84eFBp2R_S1DgDGRpFmNtoxkztVcZeMCxNkzOHNIANJDeJL-9c8Sx0-0rtM781q2XMceouCxmAAZUDVUruTWPMxPnyKTiSNMUOPAu5av6kdqTQCXjuR5IIVb9xfFV7jrdK9h5fkZkFvaV-xo77RBpVhzWx5edq2DmAElTOkNs8sf0SfBZI2OxOw58BronWuvHy34_LjWAuKoSfatdQIBWO2DPolBIzeQxbPcFFVaqT66Oz49uOp4wg6UZ6fMcC4MtQWCZvgThMHlrroTl88b_reTEGHj5GKHn-1uCx5Ps-6SAOhoseILjIk5mkMN-AVvNNkHhngC9zygq9I90ueWwpeJI-Cd6-kVbIcnINCz27NHNugT4f4vjQUwYYaVC3uqREBsi7_I_yeE-CZt-_o3kEOxdjYIByqhKm2oA&cid=CAQSPADICaaNNf2LvhVaxaBc6TarXQHxQb-_ZHiJmz5DY23utYdVNOvKWcIAPUFXEQpr5evjQI1CsMzXLEuCkBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230925_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f156.1e100.net
Software
cafe /
Resource Hash
82e09faf9500f44251ad137d730b62da13d8485f96cb813d9e7c6e9d1da8917f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16553
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3D4C
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Tue, 03 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FA22
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
738b3fa282c4c9db3cf6c2c247203ed637909a6745f0c26ed6eabc193e31451a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6132
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5ikIZvYaZdftCpOD_tMP0cey6AcAAAAAOAHgBAI&bg=!Q0ClQA_NAAZN1Q_XbdU7ADQBe5WfOMgHw8JFfKMFz1zSA-jI4cEfe-kOWlkAkHtAYgjX6K571FoS32h9HvDd5w-VTfywAgAAAP9SAAAACWgBB5kDAtetToWue9JI1Z1AcfscAKQ8y4zcczBuCv69FeQVL2HFChHvfsCUMl7h12kUjKjeRrMZ2d956NOujofN0CUu4MD61M8UoAUq_5S4NCH-EPrOqiKjLgfnK4VdLRHMIvRKU911lRtvU132q8YngPpsd4XFjl3aCG0sIdJUlevNszqJz28SA7Ts7m-71py5M6A4aCKSVvBlogvz8ikmaiqSqsLtfLFsAHrCxihZWHuhcBeSf49zoR4_C71vyAawDJkOjFbNlEc17RqLIVXnmIVFlTQ_7QyZJLCMaoPsF_n3nlkYoUeIPrt8LvCnxgK-1aOtCJy9iiwRixUlmqtZMHgret34x_nv5vPBt5zIaF7wxmQZXiQzD98q8TKo0FriXg6UU7R10sp9RczDo4Dikfo8SamlnxpOd4JACvjn0FLcqteNVccPrr73dJfGVSQrMVriw_ip3c_QThB8HPa1Darex48VCIfHQGRrpv3pW8U5wiT64bqsBHW9QwzxvUqx1leOqhIGb_qk2QFDxes5UPn3B09Bjf_l7psLMFJ9OjMBg3wgtpze6ukgpN2AzbsW8OKH05vSnFmeUJDCPu3LDk1oilkQ8wLve3JwU3YSvAqCttwL3uRzDEHKJmoXv4UqH0Nk_6u6HVAS41qbRXOiUrHlObXCJsEybEmLzkfQcC-1C8wWwYcl3Kab-lAXC7rPOxDZa5-48_vXydXxAV3XTdtXoVYHvT09htainmilhuFkkKy7qOSB3b2AMCp2m5M1-e3aMqZVhXM1o0s2OXSCdsR0gxhfWD2dTyT7I7vca8SwmdkzwWmZSwwmfzZ3SEeXVDEkyzzwKtqCcNaa-bxYPTIDWqbawoGIuGlytR_SDpjwE2Ichb49qEoUBPG_ohjJIrCqRF1aIoMKZRwcDPaNnJ9FOiZF6UnHAnEUB5-tI4WOs5DwJfhqo7Z6_gYIAx_HTL-8QnUovd--p_8Mzqhr1bA8FJ-8kO09obAtLfVFcl2YxTPTa_Ouy6cplkwm-T2JQLjLoVu4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A87F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGtDAZvYaZdjtCpOD_tMP0cey6AcAAAAAOAHgBAI&bg=!S0ilSAfNAAZN1Q_XbdU7ADQBe5WfONugFb_bPiW-b_AZuVwjeb4JSMZrl2-TyAMbuDzEFHTrHeTzRYhxl7DN5qH3sHE_AgAAAP9SAAAAB2gBBwoAgn5V5bHvUKbaojZp4kb2WeOlQtJ3yMMTmr2G-hKoOynXR4IIS9slGmuiL1PwidQB0h7Cyh5aP9Ubj1BPZQeCcFugWV3pBzso2xFoCtLY7c24ToVWmbhbSPkDveoETMMiqPg1_LnXVxRdQAEcvek0RAp5IU-Gg9LAV07KkLIKoBMagDmZAv0Wp4kIiO1vAJ3ZAfJgg-P21h7t-nKbWgIbzNRt1zuzYmNo5QWCKA9ToLLTg44R1Kcrj0jr0P6wbOye3hiPV4VOZ4rLK66GIco6XqBM6lX39GtUi-vlg_iKWBc_R8TmGv-mfLnOpS54c3wXHOlcnJBSFKEXYkgaiilxgXmATNqHNL7DeSWAYJbkdn33K5ZPLg4wbXRk-f2Ucsr-pLbDS0wV4iEBIdwJNTjqFt7wW2VpZ1Q08BeAuPBwEBCdVS49iU2ZAycM5jncsLyl6UzYcGXPC3Bz-Y7kEyKoph2E98iOBzh-x1p1_mg42Qy4WPoxAkB-cPGWM6PbHSFosUNLEb8UY7jdwSZVGv4kHV6J5kvHq1pUCFrF1Cs-OM9Ph4i50ZUJhZfxqKpCo2klnkyEzvfoWKbrB0YzT0hT0Iqi40O07vXch2ZNDtSIknQbgWxJuT9kysVAZ7_GJVJegr-IYoRWhva9gXBdUIiNFDTh2Du_Kr_PaqQNIv5UpPvnoE09e_2byK7UQ4X-R3ocw627iTpAdoBwrbIgHaPoPBxQJvL9mPHTAKau69BS1Y6EddgjkE5LVV5_7XZlcKBCf_8xftaxXvJQJaiu4etafuaN1LmRIvyPMoeNtsrHYfuxqTA7NL4QevKxeK464nBfvJ6DwzTUoKUDjEvwbQqKswaXTciYIgAd-rEhzwaTdYDULwFB-bNRoYmHnEqZkuyOZBtnVhFwwFaXcrtxfhZvs4fF9AuqQK684VTRMNKfOU06LpDl5vhd2IEWBYoK4wagWVrfO7C25IQAFtKOrpsM0wEc_yT2mMVW85fV_GVArLmxVe0g29vRm6_Z3N3HUKCi_dijuNozwtVeuC7H3ovYY6McW-FRSXuOtjdYLU6xbBX2LQo5_juS_a_XIOZqfnmRpgFDKcXg90Vs4psoNiQk9FkgSLXsp2bmm4EzDDhmT_au0swBozdagXUAhenL06dIzxkjyB5mo3GLot3uey0d0JR3GYJdymP4wbscvyxNp8Y8dNc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3D4C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM3pSxaX8wPjkJuMMtpLg4U&google_cver=1&google_push=AXcoOmQXr0cIKJ2EsrjUlAA9B2jDWOTNkWRBprIVl8C0A5OZHdrSGLCF90GTIfhMVk_oGjFxQNYVVEfBvwrwBHgvB_lWM3AALHE1a...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY2NDI3Njc4NjE1NDA3NDg0OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqmJTBK5kSDsUgCnndwtSQ&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqmJTBK5kSDsUgCnndwtSQ&google_cver=1
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqmJTBK5kSDsUgCnndwtSQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 3D4C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGVR_cfx3vva6Il01BrLihQ&google_cver=1&google_push=AXcoOmTbjT07MOv50oEnXo2YM4kLpJ8VhZ5uSuREw3D2caC_V0iCzji7Eek8j3JseR4GXnjlqLSO8LI-ayBijW96C4ojXAF8y5fkV...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGVR_cfx3vva6Il01BrLihQ&google_cver=1&google_push=AXcoOmTbjT07MOv50oEnXo2YM4kLpJ8VhZ5uSuREw3D2caC_V0iCzji7Eek8j3JseR4GXnjlqLSO8LI-ayBijW96C4ojXAF8y5f...
43 B
451 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGVR_cfx3vva6Il01BrLihQ&google_cver=1&google_push=AXcoOmTbjT07MOv50oEnXo2YM4kLpJ8VhZ5uSuREw3D2caC_V0iCzji7Eek8j3JseR4GXnjlqLSO8LI-ayBijW96C4ojXAF8y5fkVq-AveZrMlVr9Th8NLllBu5_0nTW_qkapMOOkMj5D8hhsdUYb5tviYvS-u4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTbjT07MOv50oEnXo2YM4kLpJ8VhZ5uSuREw3D2caC_V0iCzji7Eek8j3JseR4GXnjlqLSO8LI-ayBijW96C4ojXAF8y5fkVq-AveZrMlVr9Th8NLllBu5_0nTW_qkapMOOkMj5D8hhsdUYb5tviYvS-u4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:12 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
80fe7ba9bf382c42-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
141
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGVR_cfx3vva6Il01BrLihQ&google_cver=1&google_push=AXcoOmTbjT07MOv50oEnXo2YM4kLpJ8VhZ5uSuREw3D2caC_V0iCzji7Eek8j3JseR4GXnjlqLSO8LI-ayBijW96C4ojXAF8y5fkVq-AveZrMlVr9Th8NLllBu5_0nTW_qkapMOOkMj5D8hhsdUYb5tviYvS-u4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTbjT07MOv50oEnXo2YM4kLpJ8VhZ5uSuREw3D2caC_V0iCzji7Eek8j3JseR4GXnjlqLSO8LI-ayBijW96C4ojXAF8y5fkVq-AveZrMlVr9Th8NLllBu5_0nTW_qkapMOOkMj5D8hhsdUYb5tviYvS-u4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
80fe7ba85de32c42-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 3D4C
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPlJa1rmAZS5FUL5MfWhwuA&google_cver=1&google_push=AXcoOmTH2UgyVBp6F9X4HTyNbhDNow_IKHuJl4X-mXAO0BCPHIGoSFrxkIyaU9NzNsFcwvg6yM9xmt-26-O4J6bXam8zOyD3-R9R4Wi6JXTutGnoeLN0fRFmGdQ8lFIpREU3XL0UNiEvZ4BwpuOjAhIVLc-r-98
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.113.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-113-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 3D4C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMjwMb397hH41bQJYNMu864&google_cver=1&google_push=AXcoOmTZok-5H4seNuDbWixubQYYVXQ2QdxYC-8eyIkaaLsL3bv4VsHdn_rODcIpgGYtiSZkb36PNfgS38l4mFDQDi_B7e5...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTZok-5H4seNuDbWixubQYYVXQ2QdxYC-8eyIkaaLsL3bv4VsHdn_rODcIpgGYtiSZkb36PNfgS38l4mFDQDi_B7e5LCa9rT8DPJIqt-orIzs5HA1sGX7bIp_zvHxN2I...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTZok-5H4seNuDbWixubQYYVXQ2QdxYC-8eyIkaaLsL3bv4VsHdn_rODcIpgGYtiSZkb36PNfgS38l4mFDQDi_B7e5LCa9rT8DPJIqt-orIzs5HA1sGX7bIp_zvHxN2Iu9BaW28xrsc_-YA69iuFkUvbw&google_hm=eS1NUU1qcUlsRTJwSGhCaEpfSTl2c09FVHlYbDRsRGdtX35B
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 02 Oct 2023 16:57:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTZok-5H4seNuDbWixubQYYVXQ2QdxYC-8eyIkaaLsL3bv4VsHdn_rODcIpgGYtiSZkb36PNfgS38l4mFDQDi_B7e5LCa9rT8DPJIqt-orIzs5HA1sGX7bIp_zvHxN2Iu9BaW28xrsc_-YA69iuFkUvbw&google_hm=eS1NUU1qcUlsRTJwSGhCaEpfSTl2c09FVHlYbDRsRGdtX35B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 3D4C
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRit9yJAonGXH4aUJgu2-h1i7LeP1y88knVtvDi__uxikCWb798xIcOxWtx5QfScq4VZVhQxLH3PWQabrHje94mobT-whW_4asbn3UEu6UUDMuLYFcbhv-KAFH1hxZS22O12V0tzcYJdYhV1pCivlkViOk&google_gid=CAESEO4FdJlK2NKE1_XzcZGe2uI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
195566
expires
Mon, 02 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D4C
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEKNMcAY4rO-hBy2Fgp7wsFQ&c_param1=AXcoOmQBrVnGr9af8T833ya1qhZgUiLTD1Zwbfc4_KpGIxjLfm0Q6CFxZTpexnxpx0pcMl3YBMu_jMChsXcd3SstwBVz7FsdBd7QW_hPaLgpGDKQzS6...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQBrVnGr9af8T833ya1qhZgUiLTD1Zwbfc4_KpGIxjLfm0Q6CFxZTpexnxpx0pcMl3YBMu_jMChsXcd3SstwBVz7FsdBd7QW_hPaLgpGDKQzS6fnT8o1dRa42A8XxcDP...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQBrVnGr9af8T833ya1qhZgUiLTD1Zwbfc4_KpGIxjLfm0Q6CFxZTpexnxpx0pcMl3YBMu_jMChsXcd3SstwBVz7FsdBd7QW_hPaLgpGDKQzS6fnT8o1dRa42A8XxcDPPRs2xoEwbrWrBPIfsrReJPby_4
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQBrVnGr9af8T833ya1qhZgUiLTD1Zwbfc4_KpGIxjLfm0Q6CFxZTpexnxpx0pcMl3YBMu_jMChsXcd3SstwBVz7FsdBd7QW_hPaLgpGDKQzS6fnT8o1dRa42A8XxcDPPRs2xoEwbrWrBPIfsrReJPby_4
date
Mon, 02 Oct 2023 16:57:11 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3D4C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOnhfyAAtIh_d8sLMFd7ArY&google_cver=1&google_push=AXcoOmTvkw30gqe_CerMxudzih2czcW43HaZIuV3sG9EdkMH4O0J4Q-iKHq8rYiS0OV99qUdX30fVz9K...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOnhfyAAtIh_d8sLMFd7ArY&google_cver=1&google_push=AXcoOmTvkw30gqe_CerMxudzih2czcW43HaZIuV3sG9EdkMH4O0J4Q-iKHq8rYiS0OV99qUdX30...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIxODEyMzM4NDU5MDE0MzkyOQ&google_push=AXcoOmTvkw30gqe_CerMxudzih2czcW43HaZIuV3sG9EdkMH4O0J4Q-iKHq8rYiS0OV99qUdX30fVz...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIxODEyMzM4NDU5MDE0MzkyOQ&google_push=AXcoOmTvkw30gqe_CerMxudzih2czcW43HaZIuV3sG9EdkMH4O0J4Q-iKHq8rYiS0OV99qUdX30fVz9KL-FiJZcUyajnF8MUDzNOTQHHXjVesrey4_IvWQPfaXRu9YoAnbW4lST_8SkZrB4dRPamUthqvVjvfd8
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIxODEyMzM4NDU5MDE0MzkyOQ&google_push=AXcoOmTvkw30gqe_CerMxudzih2czcW43HaZIuV3sG9EdkMH4O0J4Q-iKHq8rYiS0OV99qUdX30fVz9KL-FiJZcUyajnF8MUDzNOTQHHXjVesrey4_IvWQPfaXRu9YoAnbW4lST_8SkZrB4dRPamUthqvVjvfd8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 3D4C
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K4xWTJ1VHWOkw3LLQkFUMBpvHQ6zN3EsBRM6PnEDsZ1T1FsmBcouCMdRd8Ou75ie6PakNZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 42E9
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOoEiZ_YaZfGYA6ScjuwP__augA0AAAAAOAHgBAI&bg=!lpWlldrNAAZN1Q_XbdU7ADQBe5WfOLk208CAPRy4Ba9d13Ss_FDnVHqqYjVh3lfGkf66Feu5wijUBAzUghAiOZr48lfbAgAAANZSAAAAB2gBB5kC_z1DXFBHhaFsQ5rCJ_soJUoi4oMqsSxfc3e023Vp_Ye31tR-4d51DmP81AFmtl1xomq78EvN4vkTgJbln0ELT8iO8NtX7TJkRB2sOm4n_YgiMNzvCTda9m2AbDxnKkeFvepASA4O0iySRSRd6jAhW0knaxvVWZizVzcdCUL1xOgkEAUl8zQtfX540wzXQJfkw6TcKIF8A-7msWOhxPSoodMswVZ8ERCen25sQigorf_DsZ6Xd_340r9Wo3KjwwYdW99TcRn66x3Y-LM7Ik6mX4jAn5olOLRZVyT2jVxNnp5MkwBmSPhzwNmmwuu3mGSMJo3QkawLE0TYPdjCZEP0dtAV5Qcc4nozs60CgZpkOMl28mK9WWDM7RHObEpMa03M-Z0HDiyz1tm_-TwnRRL8Z2q3T-RE3osn_tx1oRdvGpyPa4OV4bVEfR8S-7nDSpYxPbBlP7vFeY8RR4kYTCVNfn76to38tDGx8Fuo5Yt-MmXtqu-JNhatxXpoYNjP9qutEtDEWKro3FB4b0_XxcK_xpo-18YeacqHxSbJy9Pb1zpMcVgAvPvcykebLGgFOgN5qoIWCU0Rd5zuUkE9YkN_7_2idrubAj1g1UK1R89iGVVchGX0wK27Rv27rCMoGoPZUHMQRytCpTiB_8ijd469cSFW79XmjLH8AnLHUq0za7lvmfDAtaxRqHf9DnfEIBfIvqWCX3BrLn41FYm-ImTo-mahrE7NHPpzXJL-HZy3d4uWyn3yDDOshBzRu6Bxe23OkpO2o0t-oV3oKwHHNeuExrRi1COAiDV67KvQeM83pj4yyFLLO8ol6v_Zks-K-cuxdrKjvKvvEUIYJApnEBSoH-qHoQKycje17hnADJIiASaEECsTosOILF2E1RE6WVVHi6mYNNmgy2qU4aBtQ6oRSGKXbgR9X0IAU0NGeFl0G5jnASBOXBq4fp98Goxh6Tlqd0lFBISX6MZdY16uqvu0pIWQ44G6uM9TYRLJrbYCTSYCvZdjHH-DMXKjO_lEY06k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=309&slotname=3249978591&adk=1088673156&adf=1183831810&pi=t.ma~as.3249978591&w=370&fwrn=4&lmt=1696258630&rafmt=11&format=370x309&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830387&bpp=5&bdt=1126&idt=5&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200&nras=1&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&rplot=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=343&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ZQQguldsjp&p=https%3A//sanovnikat.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FA22
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZ8kuZvYaZYHfM7-0_tMPmISryAfuksXncJSC9MD3EfAuEAEgiJeNDGCV6oaCmAegAYLk69ApyAEFqAMBqgSXAk_Q3ctMhgNyYfpNMu0uL5qqngtGJ57cH4Nut5TKYLAWVZ7tU1SV3dn8c_56jghSE9bt202XCsxitE68Tforf3-PtCcJHEgNRhehgUEhkjxcMuBaPCgb73_Zk60Sx8ManxkGjnQuc9ey7njjorENQ7c4kRz2HePRoGwk84Rxxn-Bd7j4LIL8d1-XH9109CiAjPcCNM2Dx7adEfX_n_7Z45_RgkqpL_cr_U5yzTZaM6Nkw9HA2A89Wo9FG2qGvcr8HAvZl7Dkxu6YNv8552hhd4xSvtKXB-oyY4e21OYQfKKSORcbZ_YaR2-hwG_mhSW-m3YGCpre_GgsjuccO3AxqhGUJ7oG0NEsW5vhNDIEBrVLdotTu8WGZcAE5-3IirgE4AQDiAXb7syiS5IFBggDEAEYAZIFBggbEAEYAZIFCwgiEAMYAUjXsPsBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ5gAeCnLywBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKELGEBhit26vsAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGwE9G14RTIE-Dv9OID0BMA2BMNiBQB2BQB0BUBgBcBshccChoIABIUcHViLTA3MzExODA3MDkxNTAzOTUYAA&sigh=ZBNWumhD4LI&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNNf2LvhVaxaBc6TarXQHxQb-_ZHiJmz5DY23utYdVNOvKWcIAPUFXEQpr5evjQI1CsMzXLEuCkBgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0731180709150395&output=html&h=280&adk=3868775074&adf=2187934188&pi=t.aa~a.2162043785~i.16~rp.1&w=708&fwrn=4&fwrnh=100&lmt=1696258630&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1095310004&ad_type=text_image&format=708x280&url=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&fwr=0&pra=3&rh=177&rw=708&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696265830723&bpp=2&bdt=1462&idt=2&shv=r20230927&mjsv=m202309210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85fed554ae801e3c-22336aa324df0080%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg&gpic=UID%3D00000c8a56c5dd09%3AT%3D1696265830%3ART%3D1696265830%3AS%3DALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw&prev_fmts=0x0%2C1200x200%2C370x309%2C708x280&nras=3&correlator=4218111838503&frm=20&pv=1&ga_vid=548593582.1696265830&ga_sid=1696265830&ga_hid=1976156223&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078297%2C44804173&oid=2&pvsid=2089408493050378&tmod=574582089&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=aiTvGP8Xj7&p=https%3A//sanovnikat.com&dtd=11
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 02 Oct 2023 16:57:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame FA22
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ln94vo7p&c=1458904453383&slotId=729452226691.5&qqid=CIGqq9Lq14EDFT-afwQdGMIKeQ&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230925_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c1f::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
vast.doubleverify.com/v3/ Frame FA22
18 KB
4 KB
XHR
General
Full URL
https://vast.doubleverify.com/v3/vast?_media=3&ctx=1828362&cmp=189093&sid=18330&plc=6689122&adsrv=29&blk=1&aubndl=&turl=https://sanovnikat.com/%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA/%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0/&auxch=1&pltfrm=1&ausite=45036155347&autt=4&ppid=103&prr=1&auevent=ABAjH0gtq544iLuLAJJgHP0lIBH3&c1=3060631&auorder=1012742112&aulitem=20205221723&aucrtv=495644077&aufilter1=3060631&audeal=&_vast=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F8%2F189093%3B6689122%3B208%3Bxml%3BDV360%3BDV360FY23StockPSPAudXDEDSKVID1920x1080%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%7Bs1%7D%26us_privacy%3D%7Bs2%7D%26pbMethods%3D%7Bs3%7D%7C%7Bs4%7D%7C%7Bs5%7D%26cachebuster%3D%7Bs6%7D&_s1=&_s2=${US_PRIVACY}&_s3=[PLAYBACKMETHODS]&_s4=[CONTINUOUSPLAY]&_s5=[TIMESINCEINTERACTION]&_s6=[CACHEBUSTER]&_api=[APIFRAMEWORKS]&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230925_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ed50f2f5783fb081ffa5974309fd65cbd3c4ab802b93b3646a496faed27e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:11 GMT
content-encoding
br
server
cloudflare
vary
origin, Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
https://vpaid.doubleverify.com
link
<https://vpaid.doubleverify.com>; rel=preconnect, <https://cdn.flashtalking.com>; rel=preconnect, <https://cdn.doubleverify.com>; rel=preconnect, <https://servedby.flashtalking.com>; rel=preconnect, <https://d9.flashtalking.com>; rel=preconnect, <https://tpsc-video-eu.doubleverify.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect, <https://ad-events.flashtalking.com>; rel=preconnect, <https://rtb0.doubleverify.com>; rel=preconnect, <https://tps.doubleverify.com>; rel=preconnect
alt-svc
h3=":443"; ma=86400
cf-ray
80fe7ba93d5c9280-FRA
csi
csi.gstatic.com/ Frame FA22
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ln94vodv&c=1458904453383&slotId=729452226691.5&qqid=CIGqq9Lq14EDFT-afwQdGMIKeQ&fb=outstream-lima&vmfc=7&vhc=0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=FTPrivacy&icdi=16x16&ccc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230925_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c1f::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:12 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame FA22
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230925_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sun, 01 Oct 2023 22:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66263
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Sep 2024 22:32:49 GMT
consumer-privacy-logo-16.png
secure.flashtalking.com/oba/icon/ Frame FA22
7 KB
7 KB
Image
General
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo-16.png
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Mon, 02 Oct 2023 16:57:12 GMT
Last-Modified
Thu, 06 May 2021 18:54:24 GMT
Server
Flashtalking (AKA)
ETag
W/"ea9218504eec09a337676178d9020356"
Content-Type
image/png
X-Varnish
255755981 255314571
Cache-Control
max-age=602
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7281
Expires
Mon, 02 Oct 2023 17:07:14 GMT
FY22Q4_Stock_Stock_Stock_DE_DE_WorldOfStockMorning15s_VID_1920_1080_25000_3000.mp4
cdn.flashtalking.com/165457/ Frame FA22
38 MB
0
Media
General
Full URL
https://cdn.flashtalking.com/165457/FY22Q4_Stock_Stock_Stock_DE_DE_WorldOfStockMorning15s_VID_1920_1080_25000_3000.mp4
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 02 Oct 2023 16:57:12 GMT
Last-Modified
Thu, 31 Aug 2023 17:38:23 GMT
Server
Flashtalking (AKA)
ETag
"3f6c36e00f902196539cadaf01014a9e"
Content-Type
video/mp4
X-Varnish
271362905
Content-Range
bytes 0-46631915/46631916
Cache-Control
max-age=30
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46631916
Expires
Mon, 02 Oct 2023 16:57:42 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 9CFB
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
49984
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 03:04:08 GMT
expires
Tue, 01 Oct 2024 03:04:08 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
pagead2.googlesyndication.com/bg/ Frame 9CFB
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 19:38:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
508725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14789
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Sep 2024 19:38:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CFB
0
21 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BIS7UZ_YaZbDzKI6Q-wbn7JmACwAAAAA4AeAEAg&bg=!hoWlhcrNAAZN1Q_XbdU7ADQBe5WfOOopHf9A-GUVDv7PbqvGevvg4pLbYjq0jkJL7s_eAa91jqfvwQ_PGbJ4r4pNkTJKAgAAAIBSAAAACGgBB5kC1Fd4kOseO_IZqBemloCyRPyrv91Js9mFwTgQc86peFr1GHoetnasUXVdLggqvnSuWLakcyaG8pY7mzUoXkwPNbgIBIfLmvdDIv2bpOXx2dC2Ns5nNEyogK8RJxEpswqZ9qynfdCLX_bN6bdd_7vNsBezeKXXeNuD8nJl6vc2VTY-kL8QgbVuiWTJJ7zLdn8EeSz-zYT2IEPk-y1DdjMrkDXPLhrP_UNIYS_w7pu9OE1aGoPeihxgxifd22_8x_4V8U9VhDf9YogObxTuyMKXsT7NS2HZP2Y3aBLDCUAW44aM-mOlOkx_WpuL3RF_YlYRo7AOhQDLo2Es80F7VPLT8xBsVQH1GhS_xuN9wSqFH6eAJbMl4wExZJNEN4Z0OSdDmeiFLcD4KrgErAcaoy_JfDGJ-JBSgChNgJ_BdsAaOuRQBh2BlsZI3TnNLK2uoJnrtXGRGnfuzBUcs-q6QEC7b1ao--gPgzzbJHMKAMH1PiwvvDFZUq9GBZ-7xRYAAtfmE-3wjBLs5z-2tNRpo-UGWdeW5UEgsrutNE279mob-LCkFzC9kcYek0w9L31BdMVMdyeozA4O6S68vpqsClg5Df7QmVwYD66Qwj8F4XFEQufXtsytyK7VduUSLqiEo0_hRO18HmMOqmCZeOG9GWDwNgTqS2gPNJh1biuTq1Zb40EbznkrTDhF0BIM1wZXHY52a-jJqEB_0AJLI02i53UAHdA1VSKhoRmr-jEJIYScP6U03hC2jkb7Rf3G6wrl3HzrbVkp-NO-HLBcKopytnfEoal6pZwy6dFqf6OE3m3HfEfq_yzGdcoZkGTM9BsJa2CXgKW5V89Yj9S8_GKwOfL4hUhCZxu5gFKSBmCDogyUAuF9pi5IZ-jim8RW7MqNqv7w4mIsIxdB4vJznntIBkU2vI51tF-ChTns4DIYCMFTm2tP07N339YCIpWL_wVPtDooGer48dU
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame FA22
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~ln94vokm&c=1458904453383&slotId=729452226691.5&qqid=CIGqq9Lq14EDFT-afwQdGMIKeQ&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=6&smb=Infinity&br=25000&mt=video%2Fmp4&vs=1920x1080&msm=1&aits=0&webm=0&vp9=0&vamt=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=true&vms=1&bit=0&hcn=0&met.4=arp_a_e.yq~atrd.zi~vil.1ab&ua_e=1&umsem=0&ape=1&ple=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230925_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4001:c1f::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:12 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef5aa09684b9a20f017d1dbb7659b5c9de49a248899f569d39d5aaf59bc23c1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12029
x-xss-protection
0
truncated
/ Frame BD1F
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b103b38ccefdad066e3fec9c42d8b790919dda1d17a7663ea1b3964fb14cb56f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame BD1F
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvOktmWu4gzdxcgOSXa-ZeFWzw51dkydO1WL3oroHetNm5H1LTZ7bNx9Xy95Z41IBn8lJdJggm8VZa-eaawcXdZGworocvxdCAOv8q8cX7dGTCzd1T_k5B3yBuonA2W9tuXYl_mfCyJRtL9DXN8Rh_MX4bb0iPpQbpp2kFb7QQHxeb__LyFZYiH0jZ-3u7soGBZzuUnKedwlPui5IrTXXAHNcSqU21DBWpM3yQciJSdyqUzS7bFrhbFX-Oy1e-fE_G-ForPS1Ugp9b7PqagcvAUOo9p1U_W_Mc3artiD_9_IPbRoBbbU37oYIYuMvvBaGl-zXvCbxHwn5syc0TMR-M5pDg3Nt71e8v6ScARlsQkzhzJ19_ZO5Hfqv52NIwSxEKk39L2VFS_ES9BhTCmD-_57sXWIGshofvdTgHzaT4kBRP4M8G9CfcYI-Cefs15uXU0NJo3M0SNrr-eL5rIEQ7vTz9cbTsPGpjUGZSyM9CNBON9JTkXrbQMIS-cpf4yVtgdzzIuYY_lbmljs79Hez5DAHAsxknQGSbBn5K-AhqXwv7X7EEdvqgCJ9o7pJjzQIPhUd5fuf3W6bzL2PgPO384jR6-bU40JPE1wwnP7Xkt7bjov7OtBb0qJhNgEtXRJLoXi7EyAW0ujkzcC07j-bfe59Cn1iJRvXbptx3g0vJqgm4YVtA4xwIP4IYhTh-c4t59IvAmVTS0tfJE6T8W2flw_69nOUQRwXLarfrKTRZ7CO6RplCV406sp4_haCzuu6IU3Pqudz29-tz84N69DGhPMjx1fa2rd195AEt1RilGwoluMnxoQN9Lt3KS55ZQcDUdGA8IxRiTWuhNtpBVOsiZMktlkS9xHbXbJZtc-Wn_yufclbfxipdqSXk9DfiZpsyzOWBhqF752ApY781PrFWyYtaLXMOYLx-JUKZ-SI4DDjo137rCkylV3rOOWl0baJinHqn8cQttoX01vliwvytgghrVsciV5ADNGSr0wgO_NioKzNHob5Cc0muGK1pu3UbkWc4HWAlzTsg11-QvUeIVWufy-0tF4YejZgZFp4uWYLSm8Z-1-QBDYhYBiFpYwQ9japY3UJQFnM1_krpNF4UyTvDk-BW7cBM3TyFFKuShZhkQPWVggCs_rXfa4jUjI3NTbgcQSq03B1HJtLxlNTph_DiflK-1H8mkv246l3dmoNqTYR03FRkHbF4F1mjTvTIrMthKlYZZeVvnDq796ZWFp0LTEY1ZBH2kMkKtpOfzZ6_hg7U3m-b_eP5EahaeVSnTcyMNdNN7XE_uskrrgWlqL0&sai=AMfl-YSPcU_Df2xMV44lToiDhR-GCzeb8HVSWJAGXWRCkV_CERWqt4X_mncojq9pCkQBPg022pxHT5Yy7_-K2S3nF9hIYtlFWH4i0NOR7YA3ax_JjisCVRwa5cxWZXWEk4F57ovVy4wY5tk14ptISyp1nNmbWDh7cV9tDOfdk1r3yGaBA2SGlLSnIDh7qvYA5-Wm5CjxS3F-FZ8Hc_2tMnQKMxImnjJyNO9mxwxEPRaSqsPxjRek5IfeizHS&sig=Cg0ArKJSzJk301kiPVncEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2785&cbvp=2&dett=2&cstd=1&cisv=r20230927.52624&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: sanovnikat.com
URL: https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 02 Oct 2023 16:57:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0731180709150395&plah=sanovnikat.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 Oct 2023 16:57:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8EF1
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sanovnikat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14927
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 12:48:26 GMT
expires
Tue, 01 Oct 2024 12:48:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 41A5
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
46f4cb05b9f5e2dac28dd71236f628dc7e9f517fa94a58e76541b7f1af5c2411
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xynBGjfEQwStW9qJ1md5OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sanovnikat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-xynBGjfEQwStW9qJ1md5OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 02 Oct 2023 16:57:13 GMT
expires
Mon, 02 Oct 2023 16:57:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
pagead2.googlesyndication.com/bg/ Frame 8EF1
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 12:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
14926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14550
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Oct 2024 12:48:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 41A5
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=2089408493050378&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 8EF1
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?fTo9vA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7F8
0
25 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1409387200410&version=m202309260101&ct=76&x=1&cor=16945681009573680000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B7F8
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1f9AhX78YOVQ9CLZ3QmMaLGVURtQz6moSxpoo82ABli44yHgtKUA0m5QI2RHb0DgAv113nQFjw8_IynhCUwN7s93O3lWTrelVot1L2-2SPVesLGSt0IvMQGLGS0kmfLOHHlByLSY3jqwN&sai=AMfl-YRUfnAyh_8empgmn8zD3R-NJt_cqoMBvA6ez411p9jG7DIKK7aGwmWQ7B2n5Nh9bFJSD9CsrfDaMBGnsT2H_2B22jBj4uXVmNN8fjyrJteoVcKqz_b4jM3nFvm0YUruNZYbvz7nUe3aCTnUYg&sig=Cg0ArKJSzJ3yoSK0ywsnEAE&cid=CAQSTADICaaNyW0sJJPmEOfFhdBZB5kaifHCoRFUExw9rBJlaHW24uqccAw_UGL_8_uUxL3dDpPOI8ZAMG51ptKNuaRKcpd-PTDjqHrIvZkYAQ&id=lidar2&mcvt=1014&p=0,0,250,300&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1088673156&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696265830837&rpt=2748&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=2089408493050378&bg=!-_il-LfNAAYEJRtnJCU7ADQBe5WfOHiNdrc8haRb1w8DZuFI5nmQqHx7k-H7cfkOQHZVbUdmKssEYmYFoTm1XeeSKyvcAgAAAHtSAAAAImgBBwoAnBpHUPxH5Tg-zJG5Mc8PnUp538E1hl7jKaM39ud3vCPwEwV1IHwdXQB4OJ3fJoI219kc1j6YORa3bIEj6oUW-Gg3HUWQS73R9lllmOaVvj9ylO2eLo-k8OwIdV5BVAo2cWc7NbiDASR9u2uEjszsDqv4YLbTfzErjFzsKkrFYB_fJhPs2tiiLX3ejNFGoAI88vMXVnCda21sxLv8gZkCuXo5MqQRRUZbk-d9dAyGazTZD0rXwK2bem6sGHaqWCLQNylmLGlTD7hTR_-ZTq5fRm01NdgHfHg5WDgPYKOlb5anXmvPd29-YGPK2RBowHhp2w4tJcx4NIZp2TUuIZGIfB-2j8GCHHlpJcFylghb0IRys8h0RumLFheP39lSgUIdvm1MVILrU71T3ExefwccN4dKbKx_CUxaav16_y5m3fMCe8GeHwh3l6saryuK9RK7dzDoX0Qf8jbIMbjJbqg6AR_wYIwhiAeLmuUMLXs70mMoCO3pHFlJ1LvkbD4wOAm4EONUNtsNAjAgSEoM8Zto6lyvJXRetXyJhbIiZJ7FTgBh1rdKj3H8oN02PBOxxXKLKyb3K6pWBG9ToCcmuGn2OGUt2wbALEVEW9i-t53a1Eer-WtTXYbAeZu5KXas4SRxbqsPls9_r6Bo96h_wZByR0uAkN6QpJYad8N6VFjllg2DrIZMstXyiwxy0-9WWIp2Xo5UgkJhFf3UdN86tnz_Nxe5CTU5tZs0C_1R6tCgGkqSO_nFofaKlreqO0y9_ZleBnMCWYqHOYpA29mNBexzwPXZOyMOSiuNS1cu-ITB9N3RPfk8I-IMZinwtn-t7FSZdudN-dOvZEPhq_9RiZIdy8cWoalP-KbOiZcWkx3loWJbLvRhY9PfPEyRUH4hApVSQEZuh0QS69U1nEj1sU-cx9-poxuVP2kJlPexqQu3C6anWbmH1DUNAdmXKnu961tScUrt1byFDCz4QvMLgqgU1D_Dn6hNqotL5CIAeWox1KmiIgfU7Z70ZzOjgxdqcGEd7caxGNkw0nyvRXInZVKlw-DyL3jJ9-Vc6OCa2EBx8ILoJngIdW8kcLfrRJtm4yHwZwtojN7Wr_6TvQmfw6_1UaENB0PsYCiVGjjR3R4UXRdC0kGnM8yFDT8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sanovnikat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame BD1F
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDlh3mowdERACgmcGkLAxe9g3iVE6S6o7ZfiiQQ3o9ashdSe0CCuYh0N7l4PDVHfF3-CobwjKHKItEWNsZYi65_HsXD9qPdyWJ6zG8NHv_ItMovQFrFXe1MIRVWlK83A8oTOqPZ-Lp5qfY&sai=AMfl-YRobzfqXMCieud6XV6yeNr6S3WhqxNYkya0ociMfEpommYUPYcgNXY2mMeCrif48ZJaM_g9Q7yfnmX_&sig=Cg0ArKJSzKQtncxcIwbDEAE&cid=CAQSGwDICaaN-FJsqor8PpTBBbCeiJIp7HFc3UJPChgB&id=lidar2&mcvt=1000&p=0,0,1204,160&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&vu=1&app=0&itpl=20&adk=2969136043&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696265830902&rpt=2732&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-YBFHPC76SD&gtm=45je39r0&_p=1976156223&cid=548593582.1696265830&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1696265829&sct=1&seg=0&dl=https%3A%2F%2Fsanovnikat.com%2F%25D1%2581%25D1%258A%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BD%25D0%25B8%25D0%25BA%2F%25D1%2582%25D1%258A%25D1%2580%25D1%2581%25D0%25B8%2520%25D0%25B3%25D0%25BE%25D0%25BB%25D0%25B0%2520%25D0%25B6%25D0%25B5%25D0%25BD%25D0%25B0%2520%25D0%25BC%25D0%25B0%25D1%2581%25D1%2582%25D1%2583%25D1%2580%25D0%25B1%25D0%25B8%25D1%2580%25D0%25B0%2F&dt=%D0%A1%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0%2C%20%D0%B4%D0%B0%20%D1%81%D1%8A%D0%BD%D1%83%D0%B2%D0%B0%D1%88%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0%20-%20sanovnikat.com&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YBFHPC76SD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sanovnikat.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sanovnikat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c_ajax.php
sanovnikat.com/
0
503 B
XHR
General
Full URL
https://sanovnikat.com/c_ajax.php?action=get_ajax_inf&post=1022&um=77d17ddce1de0c7d4c0bb6c501a74fec
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Oct 2023 16:57:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4FcUJ2MIiWU49sP%2FMCE%2BLQD%2Fdgdkh4VniugGRtHBUrEAtRjfX9yrrJRXbwhwHBrYcJZSGiwzixAK3lWAcMCSkej121CyfBVchvrInEevP7pYNXt8CNiAI3z%2BpBbWvQHWUvNlz8joR710ymqEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
no-cache, must-revalidate, max-age=0
x-robots-tag
noindex
cf-ray
80fe7bc848b0b76c-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
views.php
sanovnikat.com/
46 B
478 B
XHR
General
Full URL
https://sanovnikat.com/views.php?post_id=1022
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e292d0f3755cb7c14ff4f3889a95abd8d1bfa673d85d1fcede45d645d1ddd325

Request headers

Accept
*/*
Referer
https://sanovnikat.com/%D1%81%D1%8A%D0%BD%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA/%D1%82%D1%8A%D1%80%D1%81%D0%B8%20%D0%B3%D0%BE%D0%BB%D0%B0%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%81%D1%82%D1%83%D1%80%D0%B1%D0%B8%D1%80%D0%B0/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 16:57:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yh6A5okwLAUjR%2BnI%2BxxpPxxvsdRAIsQYdMum3ifRN8Lsa729BWlOJSvTFEEsKU8E3sPrUsNipYRcsW5L8rLDcyXWOBMrxUioG7MfDYvauL2Tk6s3XKF29C0vCX31pCJ0AXWJqmdlW02rk%2Fy0sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
80fe7bc848b2b76c-AMS
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| $ function| jQuery object| tie object| adsbygoogle object| retrievedData object| checkB string| c function| loadCSS function| gtag object| dataLayer object| cookieLaw object| google_tag_manager object| google_tag_data object| $doc object| $window object| $body object| $themeHeader object| $mainNav object| $container boolean| is_RTL number| intialWidth boolean| isDuringAjax boolean| adBlock boolean| scrollBarWidth boolean| mobileMenu boolean| isMobile function| tie_animate_element function| tie_animate_reviews function| setFavs function| setFavsRec function| setSrchs function| MmenuLight object| favs object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint object| googletag object| gaGlobal function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| CleverCore boolean| CleverCoreLoaded object| gaplugins object| gaData object| google_llp object| gapi object| ___jsl object| GoogleGcLKhOms

23 Cookies

Domain/Path Name / Value
.sanovnikat.com/ Name: _ga
Value: GA1.2.548593582.1696265830
.sanovnikat.com/ Name: _gid
Value: GA1.2.765598916.1696265830
.sanovnikat.com/ Name: _gat_gtag_UA_40048317_1
Value: 1
.sanovnikat.com/ Name: __gads
Value: ID=85fed554ae801e3c-22336aa324df0080:T=1696265830:RT=1696265830:S=ALNI_MbPvgE450aV38SZ0mIvAK8jHC3UKg
.sanovnikat.com/ Name: __gpi
Value: UID=00000c8a56c5dd09:T=1696265830:RT=1696265830:S=ALNI_MaVpm4P2k4SFPIDi2cviFIvbAdecw
.google.com/ Name: NID
Value: 511=ewNJdMQ9ELnYitbgEHC3R26hcMHmHw8ympgrxb5IGLeHhYgopL_4dknjj5Dw0BpJXKRF2RC7FND4n5w6a6t-7Vrd4d-HF3VQ-7WkqTfadnCFyFl_1NM5vgIO65kDAxQ1HbkjaMq0bmyY2Uq3IN2nF2PKwlBiTTO_Dx6WFLzUqrI
.youtube.com/ Name: YSC
Value: mUid1P15TRo
.doubleclick.net/ Name: APC
Value: AfxxVi7_3SRY_wrLp8yecbL1ZC2UKZgVa5_uzXvlXX98N1i7xugC-Q
.casalemedia.com/ Name: CMID
Value: ZRr2Z8Ia.sD-VOW3hgs1ygAA
.casalemedia.com/ Name: CMPS
Value: 2179
.casalemedia.com/ Name: CMPRO
Value: 2179
.doubleclick.net/ Name: IDE
Value: AHWqTUnMEIPTesMSpz6MG2SYyJbl-NTxlGHWQaAhQdUJwVLgYuqxLesS8dzsNBzVytw
.adnxs.com/ Name: uuid2
Value: 1065347635629785915
.awin1.com/ Name: awpv37018
Value: 302675|1696265831
.awin1.com/ Name: AWSESS
Value: 448851:3454817
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?kp7S[u!]tbPl1M>e)ZlrFUfJ+tGXxpGL[Bk4I+xI*C[e5l^(<RoQkZMv^NFel^C1w#3If)y3KL9D3I?+n6B^9j
.sanovnikat.com/ Name: _ga_YBFHPC76SD
Value: GS1.1.1696265829.1.0.1696265831.58.0.0
.adform.net/ Name: C
Value: 1
.uuidksinc.net/ Name: jcsuuid
Value: npau9OsSp1BYZ8fA4lzD
.adform.net/ Name: uid
Value: 6218123384590143929
.yahoo.com/ Name: A3
Value: d=AQABBGf2GmUCEJL7D4ZHUEivfPCe_EPeka0FEgEBAQFHHGUkZQAAAAAA_eMAAA&S=AQAAAoqxMKOFEFtnZtc9Xn1yIEw
.turn.com/ Name: uid
Value: 2664276786154074849
.tribalfusion.com/ Name: ANON_ID
Value: arnt6ZaNZaiMjAmemFnSwbP197LT8yQA6parWRMIVL36oUYWJGgiXUvJXxuIP2JA9i0GlfHCWk34S6nE3d3QZbbPZdu8tNai

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a1.awin1.com
ad.turn.com
apis.google.com
bid.g.doubleclick.net
c1.adform.net
call.cleverwebserver.com
cdn.flashtalking.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
dis.criteo.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
sanovnikat.com
scripts.cleverwebserver.com
secure.flashtalking.com
stats.g.doubleclick.net
tpc.googlesyndication.com
ui.cleverwebserver.com
ui2.awin.com
vast.doubleverify.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.18.27.193
104.18.36.54
142.250.186.34
178.250.7.11
18.196.113.49
184.30.20.47
185.89.211.12
2.17.100.202
2001:4860:4802:34::36
216.58.206.34
23.56.205.163
2606:4700:3032::6815:1e70
2606:4700:4400::ac40:919c
2606:4700::6811:190e
2606:4700::6812:19ad
2607:f8b0:4001:c1f::78
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:813::2001
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:400c:c00::9a
2a05:d018:d29:3601:5a14:618c:2256:ed23
31.220.27.134
37.157.4.28
46.228.164.11
64.233.184.156
65.9.66.77
0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
067f93a01b09217821ab208ead95cc31cb9b091e035e29d43da08c8f3d187bbb
099b19959f1e898131d984358c16ebb8e0d8eef35a28a7a5bc9d17c7b8ace743
09b75aeeb59889393d1401972bf509746603fd34d5c192499714dd19646e7543
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c501c0333d3d89536728f3e2b8175238ebb2b726b16bc18c1dc86d29d397f87
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1b3188e444c19ad046ee79336e51e8314068cd06e2e646b348cae69b3fe550d1
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
204479c68a95567abb9c8713ba8a2c5a1bebdce713bec89b40eedefb64d3f36b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c289ae146bc7ae37b9e5cd50137a52a2dd21f96b45fadf22c367d8ceb6f5f3f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
379ad0aa6ed004df96525180315c66a1f17433e72dc6c864b9be79c60528c740
37d58ebb37b791f3e696c2efe73875ac843f2b738508b44a63009a19a0b0bacd
3dc773bcc8762b962cd23d0002c3e322e0de95d8d4e901fff9b0a5154f5fa17b
46f4cb05b9f5e2dac28dd71236f628dc7e9f517fa94a58e76541b7f1af5c2411
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b7d10831e640f8a441656c74398520bab0bb856770a6d5ef45a0c7db67e39b
49e5a3998c52bf8468c903158c514385ad4b6f092dd21c60a324ebca335aff29
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51d44c25ac94f585478221aaa2b8970a2a1c9602adf29c9953f81076758bbb7a
52be6530147dbdf4e02ca8cd2dfe32475771524a951f1c9d82078ce374feea60
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ad26396de01eaa101321ee6044978198ee7f998eba675e56b288dba98be716f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6ad1c55369a5a5ae758580a5b35fa24d8a0e81e7835a626d3ba8dcee4182794e
6b190232800b349bb4390f656b869c5f010f87c796cf9371fde332e25c82f7ed
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6f5a60334c5c447d1d0aa9c7f1e0c2ffb0c478512005a11d59b5c58f17a19e7b
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
71ffeec8488658ec0b5408a9cd194cdce943905bc5c726bde84a1a4ded2535f8
738b3fa282c4c9db3cf6c2c247203ed637909a6745f0c26ed6eabc193e31451a
7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb
82e09faf9500f44251ad137d730b62da13d8485f96cb813d9e7c6e9d1da8917f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
865c078913e1b17254df6a89c5e66b2c8c7a80f01707de698d9934b73da26a4f
89eb83bb17a9cf33d918455a9a1bb4417fa7e76b3d5de749aaba346250d2896d
92540f4c834981b343c377cb46158a614a633dac2ee307c06ddf7335a9075089
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
96be6646b5927a82d9f25e29a7a8ad8c0a5632e7ae7e535da83e0ad0c2f462eb
97ed50f2f5783fb081ffa5974309fd65cbd3c4ab802b93b3646a496faed27e26
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a42643906d1869df05a2fa2c7ec6166510ecf2039596e7e946083eacaa3f731
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b931de30c306be214ba6e10865deccb8751ef0dda989ce0aaa96c686aefb680
9f70cd7f01ee52df6cd6b065dd27e40c281f009cba96cebff60070e6b1145d9b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a14905b85669a60640659e75d93b815f0c019e09069570591fdb2d9bbde613ce
a9dbe5df0df4a57d6ad83217b882a6bcbdbf5b4b4ebd73f7bcdd8481862a165c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad0e31795c6d4ebccd7be3ff459bdc2345f2c5373ffacfb9358533f40a769a3a
b103b38ccefdad066e3fec9c42d8b790919dda1d17a7663ea1b3964fb14cb56f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b54a08f85d6bb3354b2c3bd119b1b09e413cfae2c18a0380d4368a03e204acff
b85fb99c4170e2e9841ce9a8f536fa4e6f13f50a9ef1e7bb0265c192317c08a8
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
d1f30944e2f2b0e21ecbf80f926ef8733d4f73d8b7d538629e630c3ebc3fc06e
d534081afc65f3bf3ef98ad0dc75b3ea4194b65c62d2d47264be43eb5ca7af65
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d79b5b6b39664f8c1afd4153ed9f59f6c80c38113dfe582993af5f25252bb500
d7f5badf1463759d0cfcedbd16e23befa1c84c18ecad7d3277ec45e527da0ceb
dcd283fcb6016b74f7b269aad2aa42f1a9e15b2372c4b92bc953e1eebdac19f7
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1117a7a5e4dcd73b550eef4d8ad43e4e82ff62707bf4936f3c8d53bdacb69f6
e1bce2d623320499967a52f9df542e777a10294a16c56680fd6f36599791cb39
e292d0f3755cb7c14ff4f3889a95abd8d1bfa673d85d1fcede45d645d1ddd325
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5385b3406883e1fc93ac43ba9fc33de7a5a129d279d713112a8547200f717af
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ecfb48718a6edc5e924f385d0ed226cde5dfdebde87049970779bd5d9f86c435
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5aa09684b9a20f017d1dbb7659b5c9de49a248899f569d39d5aaf59bc23c1b
eff81fc04bf29cce33da16685a890955cebde676c09fdb000377513d7d76cb5d
f55f1258a40af31664214d65e2420cec3658fbdfacc8bb0fb0dd5dc7a6b2c052
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d