podelki.guru Open in urlscan Pro
2a03:f480:1:f::d1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://podelki.guru/
Submission Tags: analytics-framework
Submission: On April 21 via api (April 21st 2023, 11:46:04 am UTC) from US — Scanned from DE

Summary HTTP 146 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 24 domains to perform 146 HTTP transactions. The main IP is 2a03:f480:1:f::d1, located in Estonia and belongs to PAGM-AS, EE. The main domain is podelki.guru.
TLS certificate: Issued by R3 on April 11th 2023. Valid for: 3 months.

This is the only time podelki.guru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2a03:f480:1:f... 2a03:f480:1:f::d1	198068 (PAGM-AS) (PAGM-AS)
5	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
9	62.76.25.28 62.76.25.28	61400 (NETRACK-AS) (NETRACK-AS)
1	92.38.252.165 92.38.252.165	12695 (DINET-AS) (DINET-AS)
2	157.90.33.68 157.90.33.68	24940 (HETZNER-AS) (HETZNER-AS)
5 14	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
31	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	157.90.33.122 157.90.33.122	24940 (HETZNER-AS) (HETZNER-AS)
1	141.8.194.191 141.8.194.191	35278 (SPRINTHOST) (SPRINTHOST)
1	92.63.103.84 92.63.103.84	29182 (RU-JSCIOT) (RU-JSCIOT)
10	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	193.176.79.47 193.176.79.47	198610 (BEGET-AS) (BEGET-AS)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
146	27

14 2a03:f480:1:f::d1 (Estonia)

ASN198068 (PAGM-AS, EE)

podelki.guru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 62.76.25.28 (Russian Federation)

ASN61400 (NETRACK-AS, RU)

zslhmw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wezrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.38.252.165 (Reutov, Russian Federation)

ASN12695 (DINET-AS, RU)

allstat-pp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.33.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub1.1push.io

push-sdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.33.122 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub3.1push.io

uidsync.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.8.194.191 (Russian Federation)

ASN35278 (SPRINTHOST, RU)
PTR: rym.from.sh

cleacom.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.63.103.84 (Moscow, Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: i1.imageban.ru

i1.imageban.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.176.79.47 (Russian Federation)

ASN198610 (BEGET-AS, RU)

mpsuadv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	496 KB
16	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	151 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	146 KB
14	podelki.guru podelki.guru	1 MB
11	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 7652	4 KB
8	wezrad.com wezrad.com	215 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	2 MB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	195 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	20 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2437	74 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5261	696 B
2	uidsync.net uidsync.net — Cisco Umbrella Rank: 44908	706 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	132 KB
2	push-sdk.com push-sdk.com — Cisco Umbrella Rank: 96580	15 KB
1	mpsuadv.ru mpsuadv.ru — Cisco Umbrella Rank: 132476	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	603 B
1	imageban.ru i1.imageban.ru — Cisco Umbrella Rank: 193518	34 KB
1	cleacom.ru cleacom.ru	52 KB
1	allstat-pp.ru allstat-pp.ru — Cisco Umbrella Rank: 539849	4 KB
1	zslhmw.com zslhmw.com	27 KB
146	24

	Domain	Requested by
31	pagead2.googlesyndication.com	podelki.guru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.gstatic.com www.googletagservices.com
20	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net podelki.guru tpc.googlesyndication.com
14	podelki.guru	podelki.guru
11	mc.yandex.com	3 redirects podelki.guru mc.yandex.ru
10	www.gstatic.com	googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com podelki.guru googleads.g.doubleclick.net
8	wezrad.com	podelki.guru
5	s0.2mdn.net	podelki.guru s0.2mdn.net googleads.g.doubleclick.net
5	fonts.googleapis.com	podelki.guru googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net podelki.guru
4	fonts.gstatic.com	fonts.googleapis.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	mc.yandex.ru	2 redirects podelki.guru
2	googleads4.g.doubleclick.net	podelki.guru
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	uidsync.net	push-sdk.com
2	www.googletagmanager.com	podelki.guru www.googletagmanager.com
2	push-sdk.com	podelki.guru push-sdk.com
1	region1.google-analytics.com	www.googletagmanager.com
1	mpsuadv.ru	podelki.guru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	i1.imageban.ru	podelki.guru
1	cleacom.ru	podelki.guru
1	allstat-pp.ru	podelki.guru
1	zslhmw.com	podelki.guru
146	30

This site contains no links.

Subject Issuer	Validity	Valid
podelki.guru R3	`2023-04-11` - `2023-07-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
zslhmw.com R3	`2023-02-18` - `2023-05-19`	3 months	crt.sh
wezrad.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
allstat-pp.ru R3	`2023-03-05` - `2023-06-03`	3 months	crt.sh
push-sdk.com R3	`2023-02-22` - `2023-05-23`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
uidsync.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
cleacom.ru R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.imageban.ru AlphaSSL CA - SHA256 - G2	`2022-08-18` - `2023-09-19`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
mpsuadv.ru R3	`2023-03-02` - `2023-05-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://podelki.guru/
Frame ID: B1F7D5B60274D8AE60F16B7AD06158BF
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: C35AC5CD787E1BB76ACA459315EE9B07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2151775154385927&output=html&adk=1812271804&adf=1573534164&lmt=1681558082&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fpodelki.guru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682077555543&bpp=8&bdt=405&idt=222&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1208753596367&frm=20&pv=2&ga_vid=2110404728.1682077556&ga_sid=1682077556&ga_hid=1959082537&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31074025%2C44788443&oid=2&pvsid=2201762622473768&tmod=381537123&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=264
Frame ID: 1BFBD3DFB6C2D125DE1844D39CE563AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0BA03A8065BAF5BECAE16832F3F4E487
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: 71DB4D91F843DEC5799E93BD3A219962
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: 45D9BDCC061ABF0E8D8A7795524E6D36
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: 74463C8BE41BE5F64C30A5DAA1395942
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYudypzQEwAQ&v=APEucNVFW09b2aiyBKcjxmWcta2fEIGVgV_9Wmw5dTv0rk1m13OLhA0Gfu7tA-LNkmPxRAKdW22scllMdUQtJKkrPEjb6JB4HwsFEoBM84htP6MQBktR9Wc49LzOcYOdMMxeKUfPi1YdciDWtE8hixvs4z3B-naCQMO3dAgc_nUQwjUrJDArDYM
Frame ID: AF012E4A8EB39780F73A9624D91F5C1F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 9B6830D67D831E9CC97124619E06A1C0
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A632DE668ABDAA03FE15DB6061012712
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 196EF2CA3BC042CFBCDF1ADBB14CACF1
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/8e3adedd6f76ceb5825dd9d6f211c14b.js?tag=client_fast_engine_2019
Frame ID: 0F3D4D9298654DF59E4621616C8C0DD2
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BFD8497DDEF805B2D350AE75CA0583AD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: D26C4D20B4BE12AE0CD3AFC85A03FCA5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Frame ID: E2597852C8A83C7595B1C01284792549
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9743144358537290442/Domes-728x90-banner-SLOW.html
Frame ID: 710EC40FB9F701B0127EEC944469BA75
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 03F265410799B18499F59FA09C8497ED
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Творческий портал Podelki.GURU - мастер-классы по рукоделию, практичные советы по дому, вязанию, вышивке и декупажу

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

146
Requests

95 %
HTTPS

58 %
IPv6

24
Domains

30
Subdomains

27
IPs

5
Countries

5134 kB
Transfer

9142 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9980.HAwOR0aejyNcz2SWtH0ibviWnVMtUVj-uzYKQOzCPv3wsV3Mpxx33y8zUMPF4iN8.Sa1YaiMHilW-XvqTiJFZ2gRXGfs%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9980.7TQF_pD3Pydvenzm_It5D0sWz1YaRlrfwfk_AUsaw_ie7sU9m_GGcPgSCJmezFrmWrLCaKmMiC5GpyOaO3XGZvzsoY8eN1Mh2zyQWtPTk3c%2C.d1NXmxw-FilQ1Ni84M8mycBWGWI%2C

Request Chain 46

https://mc.yandex.com/watch/51191387?wmode=7&page-url=https%3A%2F%2Fpodelki.guru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A1%3Adp%3A0%3Als%3A194393816929%3Ahid%3A355027351%3Az%3A0%3Ai%3A20230421114555%3Aet%3A1682077556%3Ac%3A1%3Arn%3A1000578649%3Arqn%3A1%3Au%3A1682077556623166405%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A45%2C84%2C90%2C43%2C%2C0%2C%2C35%2C0%2C%2C%2C%2C298%3Aco%3A0%3Acpf%3A1%3Ans%3A1682077554915%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682077556%3At%3A%D0%A2%D0%B2%D0%BE%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Podelki.GURU%20-%20%D0%BC%D0%B0%D1%81%D1%82%D0%B5%D1%80-%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D1%8B%20%D0%BF%D0%BE%20%D1%80%D1%83%D0%BA%D0%BE%D0%B4%D0%B5%D0%BB%D0%B8%D1%8E%2C%20%D0%BF%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D0%BC%D1%83%2C%20%D0%B2%D1%8F%D0%B7%D0%B0%D0%BD%D0%B8%D1%8E%2C%20%D0%B2%D1%8B%D1%88%D0%B8%D0%B2%D0%BA%D0%B5%20%D0%B8%20%D0%B4%D0%B5%D0%BA%D1%83%D0%BF%D0%B0%D0%B6%D1%83&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/51191387/1?wmode=7&page-url=https%3A%2F%2Fpodelki.guru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A1%3Adp%3A0%3Als%3A194393816929%3Ahid%3A355027351%3Az%3A0%3Ai%3A20230421114555%3Aet%3A1682077556%3Ac%3A1%3Arn%3A1000578649%3Arqn%3A1%3Au%3A1682077556623166405%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A45%2C84%2C90%2C43%2C%2C0%2C%2C35%2C0%2C%2C%2C%2C298%3Aco%3A0%3Acpf%3A1%3Ans%3A1682077554915%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682077556%3At%3A%D0%A2%D0%B2%D0%BE%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Podelki.GURU%20-%20%D0%BC%D0%B0%D1%81%D1%82%D0%B5%D1%80-%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D1%8B%20%D0%BF%D0%BE%20%D1%80%D1%83%D0%BA%D0%BE%D0%B4%D0%B5%D0%BB%D0%B8%D1%8E%2C%20%D0%BF%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D0%BC%D1%83%2C%20%D0%B2%D1%8F%D0%B7%D0%B0%D0%BD%D0%B8%D1%8E%2C%20%D0%B2%D1%8B%D1%88%D0%B8%D0%B2%D0%BA%D0%B5%20%D0%B8%20%D0%B4%D0%B5%D0%BA%D1%83%D0%BF%D0%B0%D0%B6%D1%83&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 47

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9980.horsvXvFALlCV3kdt7Ma07r_iQwzjXnyEds5pKP7fpSqZEWS3sTUdFSa-kUm8hgi.lCz0-x4CJubwsjV63ev0sX_3hJo%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9980.GUFFQ8CjiiaZMmZDnFOt_iEij5PaZLPkuGKyIKTlp0JQcnQ-q9SLTEhAiHuuNNGVJmrXgtZz5L-1IfgmvfsO8qAoNNGnjxXw4As4KyT2ypk%2C.TDlATV4C8HRTcTm5Ok3VrreXuIs%2C

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7dxepibIZ-3XX5o4tMQm4&google_cver=1

Request Chain 113

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEJ3dY1Q3XgyVBDnNXk8iAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7dxepibIZ-3XX5o4tMQm4&google_cver=1

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPyftn7dWciUB24g-hFwpfs&google_cver=1

Request Chain 115

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2NzYxNzg2ODk0NTg1MTc4NQ%3D%3D

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

146 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
podelki.guru/ 331 KB
59 KB 219ms
90ms Document
text/html 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 2c4d07ef6b10d43982fc1ed3da53841453fb0fef0f43ae5be639ee956b2286b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=3, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 59817
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Apr 2023 11:45:55 GMT
Expires: Fri, 21 Apr 2023 11:45:58 GMT
Last-Modified: Sat, 15 Apr 2023 11:28:02 GMT
Server: nginx/1.20.2
Vary: Accept-Encoding,Cookie

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 68ms
26ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&display=swap

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a866ac73d4abbc18f90614d28e39899b140abf5e0a7b93b8afc88dcd8ab00f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 11:27:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 11:45:55 GMT

GET
H2 200 qvu876ypkzh.php Show response
zslhmw.com/yax71l/912/vli0pm30y/h8q786/ 90 KB
27 KB 198ms
78ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zslhmw.com/yax71l/912/vli0pm30y/h8q786/qvu876ypkzh.php
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 16d83770ec5d7dba2239bc276348daf2533b92fc709aa8b3cb30b63934e549d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 10:42:08 GMT
server: nginx/1.14.2
etag: "64256780-6a6d"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 27245

GET
H2 200 03y8qh768vqu768ypkkrxmd.php Show response
wezrad.com/kxe7l1921vlim0p/ 90 KB
27 KB 204ms
78ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wezrad.com/kxe7l1921vlim0p/03y8qh768vqu768ypkkrxmd.php
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 16d83770ec5d7dba2239bc276348daf2533b92fc709aa8b3cb30b63934e549d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 10:42:08 GMT
server: nginx/1.14.2
etag: "64256780-6a6d"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 27245

GET
H2 200 vqu786pky03cp9.php Show response
wezrad.com/qpvl17/291/vilm0py30qh8786/ 90 KB
27 KB 245ms
119ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wezrad.com/qpvl17/291/vilm0py30qh8786/vqu786pky03cp9.php
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 16d83770ec5d7dba2239bc276348daf2533b92fc709aa8b3cb30b63934e549d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 10:42:08 GMT
server: nginx/1.14.2
etag: "64256780-6a6d"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 27245

GET
H2 200 867ykp583ojd.php Show response
wezrad.com/w2317l129lvi0mp/0y38qh687quv/ 90 KB
27 KB 247ms
121ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wezrad.com/w2317l129lvi0mp/0y38qh687quv/867ykp583ojd.php
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 16d83770ec5d7dba2239bc276348daf2533b92fc709aa8b3cb30b63934e549d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 10:42:08 GMT
server: nginx/1.14.2
etag: "64256780-6a6d"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 27245

GET
H2 200 qvu786pyktkosmf.php Show response
wezrad.com/gb1l71129vlimp003y8qh/867/ 90 KB
27 KB 247ms
122ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wezrad.com/gb1l71129vlimp003y8qh/867/qvu786pyktkosmf.php
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 16d83770ec5d7dba2239bc276348daf2533b92fc709aa8b3cb30b63934e549d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 10:42:08 GMT
server: nginx/1.14.2
etag: "64256780-6a6d"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 27245

GET
H2 200 pykfuovy.php Show response
wezrad.com/18271l219lvim0p0y3/8qh678qvu/867/ 90 KB
27 KB 247ms
122ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wezrad.com/18271l219lvim0p0y3/8qh678qvu/867/pykfuovy.php
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 16d83770ec5d7dba2239bc276348daf2533b92fc709aa8b3cb30b63934e549d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 10:42:08 GMT
server: nginx/1.14.2
etag: "64256780-6a6d"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 27245

GET
H2 200 ivlmp030yqh8786uqv768ypkhiuy.php Show response
wezrad.com/n6v71l/219/ 90 KB
27 KB 247ms
122ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wezrad.com/n6v71l/219/ivlmp030yqh8786uqv768ypkhiuy.php
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 16d83770ec5d7dba2239bc276348daf2533b92fc709aa8b3cb30b63934e549d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 10:42:08 GMT
server: nginx/1.14.2
etag: "64256780-6a6d"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 27245

GET
H2 200 0mp30y8hq876qvu678kpylk.php Show response
wezrad.com/nd317l192vli/ 90 KB
27 KB 116ms
116ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wezrad.com/nd317l192vli/0mp30y8hq876qvu678kpylk.php
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 16d83770ec5d7dba2239bc276348daf2533b92fc709aa8b3cb30b63934e549d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 10:42:08 GMT
server: nginx/1.14.2
etag: "64256780-6a6d"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 27245

GET
H2 200 678kpy2f39.php Show response
wezrad.com/nvo71l129lvimp003yqh8/786uqv/ 90 KB
27 KB 116ms
116ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wezrad.com/nvo71l129lvimp003yqh8/786uqv/678kpy2f39.php
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 16d83770ec5d7dba2239bc276348daf2533b92fc709aa8b3cb30b63934e549d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 10:42:08 GMT
server: nginx/1.14.2
etag: "64256780-6a6d"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 27245

GET
H/1.1 200
OK logo_4.png
podelki.guru/wp-content/uploads/2020/11/ 6 KB
6 KB 41ms
41ms Image
image/png 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://podelki.guru/wp-content/uploads/2020/11/logo_4.png
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: f0e842acad1efd108872b43b8a10fe3fed030c29adf5f86af87a970799ca886f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:55 GMT
Last-Modified: Fri, 28 May 2021 13:59:16 GMT
Server: nginx/1.20.2
ETag: "60b0f734-16b7"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5815

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 150 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 d9e72c4ea0aa4f78b995c0bf4241ec446d332998.js Show response
allstat-pp.ru/1007596/ 14 KB
4 KB 150ms
45ms Script
application/javascript 92.38.252.165
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://allstat-pp.ru/1007596/d9e72c4ea0aa4f78b995c0bf4241ec446d332998.js
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 92.38.252.165 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d0f0e70bd428af140fc6eb6b7d8c97e7158a4080f123c8552f12502b4e1e8ee6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
last-modified: Tue, 28 Feb 2023 07:35:37 GMT
server: nginx/1.16.1
etag: W/"63fdaec9-3785"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sdk.js Show response
push-sdk.com/f/ 51 KB
14 KB 64ms
15ms Script
application/javascript 157.90.33.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://push-sdk.com/f/sdk.js?z=861839
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub1.1push.io
Software: nginx /
Resource Hash: bc46e0b26b783ab6d41a72312ac1326e0727eb2029626b932e5aa0021883fe44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
server: nginx
content-length: 14465
content-type: application/javascript; charset=utf-8

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 213 KB
73 KB 234ms
108ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d02406cd88a47de122e1e34f06500c9fa249d0ee521af39e6906243e9f8c22a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 19 Apr 2023 15:07:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "643fd964-1237b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74619
expires: Fri, 21 Apr 2023 12:45:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 205ms
110ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31eed66625e90745ed3f3bea526dc0b896e5c85da0dc50062d4aa13510f1a201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47633
x-xss-protection: 0
server: cafe
etag: 8716964281468833333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 11:45:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 93ms
33ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-197624320-1

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4c2b49b267fd3d1759918255483b5fca6a63135efe277f1ee609dcea967b8bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61846
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 11:45:55 GMT

GET
H/1.1 200
OK lazyload.min.js Show response
podelki.guru/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 41ms
41ms Script
application/javascript 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://podelki.guru/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 10:57:10 GMT
Server: nginx/1.20.2
ETag: W/"60b0cc86-1ed2"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 59ms
15ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://podelki.guru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options: nosniff
age: 121263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 02:04:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 56ms
17ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://podelki.guru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 04:13:13 GMT
x-content-type-options: nosniff
age: 113562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 04:13:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 44ms
27ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://podelki.guru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 19:35:07 GMT
x-content-type-options: nosniff
age: 58248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 19:35:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 41ms
33ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://podelki.guru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:09:09 GMT
x-content-type-options: nosniff
age: 103006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 07:09:09 GMT

POST
H2 200 event
push-sdk.com/ 0
525 B 15ms
12ms Ping
text/plain 157.90.33.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://push-sdk.com/event?z=861839
Requested by: Host: push-sdk.com
URL: https://push-sdk.com/f/sdk.js?z=861839
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub1.1push.io
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://podelki.guru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:55 GMT
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://podelki.guru
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length: 0
expires: Tue, 11 Jan 1994 00:00:00 GMT

GET
H2 200 sync Show response
uidsync.net/ 62 B
706 B 37ms
13ms Fetch
application/json 157.90.33.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uidsync.net/sync?user_id=LlxClvOM724jPjk7G47lfh
Requested by: Host: push-sdk.com
URL: https://push-sdk.com/f/sdk.js?z=861839
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub3.1push.io
Software: nginx /
Resource Hash: 78a7110edc7b630a830a8e648bbddce08b32cb1ae499c6fef4181d7aa18f0cec

Request headers

Referer: https://podelki.guru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:55 GMT
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://podelki.guru
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length: 62
expires: Tue, 11 Jan 1994 00:00:00 GMT

OPTIONS
H2 204 sync
uidsync.net/ Frame 0
0 54ms
12ms Preflight 157.90.33.122
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uidsync.net/sync?user_id=LlxClvOM724jPjk7G47lfh
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.33.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sub3.1push.io
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://podelki.guru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://podelki.guru
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
date: Fri, 21 Apr 2023 11:45:55 GMT
expires: Tue, 11 Jan 1994 00:00:00 GMT
pragma: no-cache
server: nginx

GET
H/1.1 200
OK kartinki_s_dnem_rozhdeniya_muzhchine_2.png
podelki.guru/wp-content/uploads/2019/06/ 115 KB
115 KB 86ms
45ms Image
image/png 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://podelki.guru/wp-content/uploads/2019/06/kartinki_s_dnem_rozhdeniya_muzhchine_2.png
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 48675a80eba986528852a45b94302b3e008579b71406ea6677a1754415ce723a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:55 GMT
Last-Modified: Fri, 28 May 2021 10:59:17 GMT
Server: nginx/1.20.2
ETag: "60b0cd05-1cbf2"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 117746

GET
H/1.1 200
OK kak_svyazat_manishku_37.jpg
podelki.guru/wp-content/uploads/2018/12/ 122 KB
122 KB 158ms
87ms Image
image/jpeg 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://podelki.guru/wp-content/uploads/2018/12/kak_svyazat_manishku_37.jpg
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: b78eac8c0fb172a5dec93cf39fbfd108b2b3732a65c2f563cac32095d1baa6da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:55 GMT
Last-Modified: Fri, 28 May 2021 10:58:53 GMT
Server: nginx/1.20.2
ETag: "60b0cced-1e898"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 125080

GET
H/1.1 200
OK tajny-starogo-teatra-strashnaja-versija-1-2017-11-11.jpg
podelki.guru/wp-content/uploads/2023/04/ 73 KB
73 KB 170ms
82ms Image
image/jpeg 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://podelki.guru/wp-content/uploads/2023/04/tajny-starogo-teatra-strashnaja-versija-1-2017-11-11.jpg
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: cbf0fddb9f6970a1c7d9e8b3adf3807c29a5a1828a585bc34d7aaf6e9608641b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:55 GMT
Last-Modified: Sat, 15 Apr 2023 11:23:57 GMT
Server: nginx/1.20.2
ETag: "643a894d-12505"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75013

GET
H/1.1 200
OK 3d7b274d2da891f0a5d5910aebf53a6e.jpg
podelki.guru/wp-content/uploads/2023/04/ 88 KB
88 KB 134ms
83ms Image
image/jpeg 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://podelki.guru/wp-content/uploads/2023/04/3d7b274d2da891f0a5d5910aebf53a6e.jpg
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 430f4e0ad923bffd639b07349b1375ac12f4c80aa08a04069cd72b3d14c248b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:55 GMT
Last-Modified: Thu, 13 Apr 2023 06:57:17 GMT
Server: nginx/1.20.2
ETag: "6437a7cd-1601e"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90142

GET
H/1.1 200
OK plastikovie_konteyneri.jpg
podelki.guru/wp-content/uploads/2023/04/ 48 KB
48 KB 132ms
84ms Image
image/jpeg 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://podelki.guru/wp-content/uploads/2023/04/plastikovie_konteyneri.jpg
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 2b05eb8835ff6e97270d751e40898421aa2cbee311f6269c987473053ddc085c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:55 GMT
Last-Modified: Tue, 11 Apr 2023 05:19:29 GMT
Server: nginx/1.20.2
ETag: "6434ede1-c06c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49260

GET
H/1.1 200
OK teploe5.jpg
podelki.guru/wp-content/uploads/2023/04/ 76 KB
76 KB 175ms
86ms Image
image/jpeg 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://podelki.guru/wp-content/uploads/2023/04/teploe5.jpg
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: ad01397dff5457b30f5e390f24a9d12a4aa8bf6144a3a010aa31a3ba7c4723ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:55 GMT
Last-Modified: Mon, 10 Apr 2023 09:16:20 GMT
Server: nginx/1.20.2
ETag: "6433d3e4-12f26"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77606

GET
H/1.1 200
OK kak-vzyat-ipoteku-na-stroitelstvo-doma.png
podelki.guru/wp-content/uploads/2023/03/ 242 KB
242 KB 44ms
44ms Image
image/png 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://podelki.guru/wp-content/uploads/2023/03/kak-vzyat-ipoteku-na-stroitelstvo-doma.png
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 436a42eb8534863f40e8e684a31442a674a5af32580ae83de3ded73f360c6487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:55 GMT
Last-Modified: Wed, 15 Mar 2023 07:10:04 GMT
Server: nginx/1.20.2
ETag: "64116f4c-3c84b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 247883

GET
H2 200 krotder2.jpg
cleacom.ru/wp-content/uploads/2021/10/ 52 KB
52 KB 174ms
42ms Image
image/jpeg 141.8.194.191
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cleacom.ru/wp-content/uploads/2021/10/krotder2.jpg
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 141.8.194.191 , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS: rym.from.sh
Software: openresty /
Resource Hash: eae092528c8d2547c7cd42543380bc7c86bc0ccd617114c2d13e1d0c08dee4e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
last-modified: Fri, 15 Oct 2021 08:23:24 GMT
server: openresty
etag: "61693a7c-cfeb"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 53227
expires: Fri, 28 Apr 2023 11:45:55 GMT

GET
H/1.1 200
OK sensoriki-i-intuity-2-tys-izobrazhenij-najdeno-v-yandeks-kartinkah-opera.jpg
podelki.guru/wp-content/uploads/2023/02/ 58 KB
59 KB 47ms
46ms Image
image/jpeg 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://podelki.guru/wp-content/uploads/2023/02/sensoriki-i-intuity-2-tys-izobrazhenij-najdeno-v-yandeks-kartinkah-opera.jpg
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: f0c389620e914ad1faacd0308f3fe3324a9004abf10dac1c219d63d5eee107c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:55 GMT
Last-Modified: Mon, 13 Feb 2023 07:53:25 GMT
Server: nginx/1.20.2
ETag: "63e9ec75-e984"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59780

GET
H2 200 b2426a89b44e99dd1f6075ce3939a9b5.jpg
i1.imageban.ru/out/2022/11/16/ 34 KB
34 KB 235ms
112ms Image
image/jpeg 92.63.103.84
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.imageban.ru/out/2022/11/16/b2426a89b44e99dd1f6075ce3939a9b5.jpg
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.63.103.84 Moscow, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: i1.imageban.ru
Software: nginx/1.14.2 /
Resource Hash: 6605236e268c9a7a62527cd156d0b8286088972168c33cc1b9ec5a50a3a38303

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
last-modified: Wed, 16 Nov 2022 10:02:52 GMT
server: nginx/1.14.2
accept-ranges: bytes
etag: "6374b54c-881b"
content-length: 34843
content-type: image/jpeg

GET
H/1.1 200
OK kartina-po-nomeram-2-tys-izobrazhenij-najdeno-v-yandeks-kartinkah-opera.jpglshhshh.jpg
podelki.guru/wp-content/uploads/2023/01/ 132 KB
133 KB 47ms
47ms Image
image/jpeg 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://podelki.guru/wp-content/uploads/2023/01/kartina-po-nomeram-2-tys-izobrazhenij-najdeno-v-yandeks-kartinkah-opera.jpglshhshh.jpg
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: fd470571ef920f76ebbf40dcb2108312cba38daa20ac244b0a0b380201dd757d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:55 GMT
Last-Modified: Wed, 11 Jan 2023 15:04:26 GMT
Server: nginx/1.20.2
ETag: "63becffa-211be"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 135614

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/ 354 KB
119 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2151775154385927&plah=podelki.guru&bust=31074025

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0768590a72bb669643401a639f0a9685c41aad4319982342a6b20a88c43fa384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121777
x-xss-protection: 0
server: cafe
etag: 15198300683632481345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 11:45:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame C35A 10 KB
5 KB 53ms
14ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://podelki.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 23:40:46 GMT
etag: 2378337311435320485
expires: Thu, 04 May 2023 23:40:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9980.HAwOR0aejyNcz2SWtH0ibviWnVMtUVj-uzYKQOzCPv3wsV3Mpxx33y8zUMPF4iN8.Sa1YaiMHilW-XvqTiJFZ2gRXGfs%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9980.7TQF_pD3Pydvenzm_It5D0sWz1YaRlrfwfk_AUsaw_ie7sU9m_GGcPgSCJmezFrmWrLCaKmMiC5GpyOaO3XGZvzsoY8eN1Mh2zyQWtPTk3c%2C.d1NXmxw-FilQ1Ni84M8mycBWGWI%2C

43 B
67 B

68ms
67ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9980.7TQF_pD3Pydvenzm_It5D0sWz1YaRlrfwfk_AUsaw_ie7sU9m_GGcPgSCJmezFrmWrLCaKmMiC5GpyOaO3XGZvzsoY8eN1Mh2zyQWtPTk3c%2C.d1NXmxw-FilQ1Ni84M8mycBWGWI%2C

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9980.7TQF_pD3Pydvenzm_It5D0sWz1YaRlrfwfk_AUsaw_ie7sU9m_GGcPgSCJmezFrmWrLCaKmMiC5GpyOaO3XGZvzsoY8eN1Mh2zyQWtPTk3c%2C.d1NXmxw-FilQ1Ni84M8mycBWGWI%2C
date: Fri, 21 Apr 2023 11:45:55 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 58ms
56ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 19 Apr 2023 15:07:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "643fd964-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 21 Apr 2023 12:45:55 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
603 B 90ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=podelki.guru&callback=_gfp_s_&client=ca-pub-2151775154385927

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2151775154385927&plah=podelki.guru&bust=31074025

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abca467b6abf08eef3e2d84d74a5a6e2d35a75253cca280e320083dc57faf051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 121ms
25ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=podelki.guru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 66ms
22ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=podelki.guru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1BFB 502 KB
93 KB 792ms
791ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2151775154385927&output=html&adk=1812271804&adf=1573534164&lmt=1681558082&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fpodelki.guru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682077555543&bpp=8&bdt=405&idt=222&shv=r20230418&mjsv=m202304180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1208753596367&frm=20&pv=2&ga_vid=2110404728.1682077556&ga_sid=1682077556&ga_hid=1959082537&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31074025%2C44788443&oid=2&pvsid=2201762622473768&tmod=381537123&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=264

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd56c61bf37fedac57d1b16377a7200db11afdd69460753d02cf685229f0808a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://podelki.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 94990
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 11:45:56 GMT
expires: Fri, 21 Apr 2023 11:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/51191387/
Redirect Chain

https://mc.yandex.com/watch/51191387?wmode=7&page-url=https%3A%2F%2Fpodelki.guru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A337%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/51191387/1?wmode=7&page-url=https%3A%2F%2Fpodelki.guru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A337%3Afu%3A0%3Aen%3Autf-8...

454 B
564 B

62ms
61ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/51191387/1?wmode=7&page-url=https%3A%2F%2Fpodelki.guru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A1%3Adp%3A0%3Als%3A194393816929%3Ahid%3A355027351%3Az%3A0%3Ai%3A20230421114555%3Aet%3A1682077556%3Ac%3A1%3Arn%3A1000578649%3Arqn%3A1%3Au%3A1682077556623166405%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A45%2C84%2C90%2C43%2C%2C0%2C%2C35%2C0%2C%2C%2C%2C298%3Aco%3A0%3Acpf%3A1%3Ans%3A1682077554915%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682077556%3At%3A%D0%A2%D0%B2%D0%BE%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Podelki.GURU%20-%20%D0%BC%D0%B0%D1%81%D1%82%D0%B5%D1%80-%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D1%8B%20%D0%BF%D0%BE%20%D1%80%D1%83%D0%BA%D0%BE%D0%B4%D0%B5%D0%BB%D0%B8%D1%8E%2C%20%D0%BF%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D0%BC%D1%83%2C%20%D0%B2%D1%8F%D0%B7%D0%B0%D0%BD%D0%B8%D1%8E%2C%20%D0%B2%D1%8B%D1%88%D0%B8%D0%B2%D0%BA%D0%B5%20%D0%B8%20%D0%B4%D0%B5%D0%BA%D1%83%D0%BF%D0%B0%D0%B6%D1%83&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

63312750cc83331cd518bf5288430069d753c7b50694883d3c2f19ef1afd00ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 21-Apr-2023 11:45:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://podelki.guru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 454
x-xss-protection: 1; mode=block
expires: Fri, 21-Apr-2023 11:45:55 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:55 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21-Apr-2023 11:45:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/51191387/1?wmode=7&page-url=https%3A%2F%2Fpodelki.guru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A1%3Adp%3A0%3Als%3A194393816929%3Ahid%3A355027351%3Az%3A0%3Ai%3A20230421114555%3Aet%3A1682077556%3Ac%3A1%3Arn%3A1000578649%3Arqn%3A1%3Au%3A1682077556623166405%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A45%2C84%2C90%2C43%2C%2C0%2C%2C35%2C0%2C%2C%2C%2C298%3Aco%3A0%3Acpf%3A1%3Ans%3A1682077554915%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682077556%3At%3A%D0%A2%D0%B2%D0%BE%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Podelki.GURU%20-%20%D0%BC%D0%B0%D1%81%D1%82%D0%B5%D1%80-%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D1%8B%20%D0%BF%D0%BE%20%D1%80%D1%83%D0%BA%D0%BE%D0%B4%D0%B5%D0%BB%D0%B8%D1%8E%2C%20%D0%BF%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D0%BC%D1%83%2C%20%D0%B2%D1%8F%D0%B7%D0%B0%D0%BD%D0%B8%D1%8E%2C%20%D0%B2%D1%8B%D1%88%D0%B8%D0%B2%D0%BA%D0%B5%20%D0%B8%20%D0%B4%D0%B5%D0%BA%D1%83%D0%BF%D0%B0%D0%B6%D1%83&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://podelki.guru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 21-Apr-2023 11:45:55 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9980.horsvXvFALlCV3kdt7Ma07r_iQwzjXnyEds5pKP7fpSqZEWS3sTUdFSa-kUm8hgi.lCz0-x4CJubwsjV63ev0sX_3hJo%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9980.GUFFQ8CjiiaZMmZDnFOt_iEij5PaZLPkuGKyIKTlp0JQcnQ-q9SLTEhAiHuuNNGVJmrXgtZz5L-1IfgmvfsO8qAoNNGnjxXw4As4KyT2ypk%2C.TDlATV4C8HRTcTm5Ok...

43 B
79 B

62ms
62ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9980.GUFFQ8CjiiaZMmZDnFOt_iEij5PaZLPkuGKyIKTlp0JQcnQ-q9SLTEhAiHuuNNGVJmrXgtZz5L-1IfgmvfsO8qAoNNGnjxXw4As4KyT2ypk%2C.TDlATV4C8HRTcTm5Ok3VrreXuIs%2C

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:56 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9980.GUFFQ8CjiiaZMmZDnFOt_iEij5PaZLPkuGKyIKTlp0JQcnQ-q9SLTEhAiHuuNNGVJmrXgtZz5L-1IfgmvfsO8qAoNNGnjxXw4As4KyT2ypk%2C.TDlATV4C8HRTcTm5Ok3VrreXuIs%2C
date: Fri, 21 Apr 2023 11:45:56 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK autoptimize_845d5cf404bf5520b8532b7e6d22bfa2.js Show response
podelki.guru/wp-content/cache/autoptimize/js/ 268 KB
92 KB 45ms
44ms Script
application/javascript 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://podelki.guru/wp-content/cache/autoptimize/js/autoptimize_845d5cf404bf5520b8532b7e6d22bfa2.js
Requested by: Host: podelki.guru
URL: https://podelki.guru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 4fd09f782eb9705ef39ef7ae4fd446cf46fd5ce8488b0814193b0c2a13b1020b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Apr 2023 06:46:37 GMT
Server: nginx/1.20.2
ETag: W/"6437a54d-42e5c"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK loader.js Show response
mpsuadv.ru/lib/custom/ 1 KB
2 KB 178ms
50ms Script
application/javascript 193.176.79.47
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mpsuadv.ru/lib/custom/loader.js
Requested by: Host: podelki.guru
URL: https://podelki.guru/wp-content/cache/autoptimize/js/autoptimize_845d5cf404bf5520b8532b7e6d22bfa2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.176.79.47 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 1116e6a6f1d8d180c0a37d423c7a1aedcd9591959512b834babe428d24d428ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:45:56 GMT
Last-Modified: Tue, 03 Jan 2023 06:43:04 GMT
Server: nginx/1.20.1
ETag: "63b3ce78-542"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 1346
Expires: Fri, 21 Apr 2023 11:45:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SZEDH5859E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197624320-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5536881fa7ee1dd4ed59a4732f71710c8a1bf80a687e2a90608688a4f23dc06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73115
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 11:45:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197624320-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 10:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4691
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 21 Apr 2023 12:27:45 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 61ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SZEDH5859E&gtm=45je34j0&_p=1959082537&cid=2110404728.1682077556&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1682077556&sct=1&seg=0&dl=https%3A%2F%2Fpodelki.guru%2F&dt=%D0%A2%D0%B2%D0%BE%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Podelki.GURU%20-%20%D0%BC%D0%B0%D1%81%D1%82%D0%B5%D1%80-%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D1%8B%20%D0%BF%D0%BE%20%D1%80%D1%83%D0%BA%D0%BE%D0%B4%D0%B5%D0%BB%D0%B8%D1%8E%2C%20%D0%BF%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D0%BC%D1%83%2C%20%D0%B2%D1%8F%D0%B7%D0%B0%D0%BD%D0%B8%D1%8E%2C%20%D0%B2%D1%8B%D1%88%D0%B8%D0%B2%D0%BA%D0%B5%20%D0%B8%20%D0%B4%D0%B5%D0%BA%D1%83%D0%BF%D0%B0%D0%B6%D1%83&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SZEDH5859E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://podelki.guru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 21ms
20ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1959082537&t=pageview&_s=1&dl=https%3A%2F%2Fpodelki.guru%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B2%D0%BE%D1%80%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20Podelki.GURU%20-%20%D0%BC%D0%B0%D1%81%D1%82%D0%B5%D1%80-%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D1%8B%20%D0%BF%D0%BE%20%D1%80%D1%83%D0%BA%D0%BE%D0%B4%D0%B5%D0%BB%D0%B8%D1%8E%2C%20%D0%BF%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%BD%D1%8B%D0%B5%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D0%BC%D1%83%2C%20%D0%B2%D1%8F%D0%B7%D0%B0%D0%BD%D0%B8%D1%8E%2C%20%D0%B2%D1%8B%D1%88%D0%B8%D0%B2%D0%BA%D0%B5%20%D0%B8%20%D0%B4%D0%B5%D0%BA%D1%83%D0%BF%D0%B0%D0%B6%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=51320450&gjid=386363488&cid=2110404728.1682077556&tid=UA-197624320-1&_gid=778681467.1682077556&_r=1&gtm=457e34j0&jsscut=1&z=637761677

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://podelki.guru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://podelki.guru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 92ms
63ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230418&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

559f408b43d53e20d3321215ea3229365b6f3e302e2845503d5f1349e778459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11148
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/ 149 KB
51 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304180101/reactive_library_fy2021.js?bust=31074025

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e52f48d69f6200236c025fbf87db8964c98eaa773733961cfbbe293eecae7b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51689
x-xss-protection: 0
server: cafe
etag: 12451702072181179539
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 11:45:56 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 98ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 11:45:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 26ms
25ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=podelki.guru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 27ms
26ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=podelki.guru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame 0BA0 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://podelki.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 23:40:48 GMT
etag: 2378337311435320485
expires: Thu, 04 May 2023 23:40:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame 71DB 10 KB
4 KB 19ms
14ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://podelki.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 23:40:48 GMT
etag: 2378337311435320485
expires: Thu, 04 May 2023 23:40:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame 45D9 10 KB
4 KB 18ms
14ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://podelki.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 23:40:48 GMT
etag: 2378337311435320485
expires: Thu, 04 May 2023 23:40:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame 7446 10 KB
4 KB 16ms
13ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://podelki.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 23:40:48 GMT
etag: 2378337311435320485
expires: Thu, 04 May 2023 23:40:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 0BA0 4 KB
728 B 26ms
24ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 11:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 09:59:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 11:45:56 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0BA0 205 B
518 B 86ms
16ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:06:19 GMT
x-content-type-options: nosniff
age: 9577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 20 Apr 2024 09:06:19 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0BA0 604 B
694 B 87ms
16ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:36:21 GMT
x-content-type-options: nosniff
age: 575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 20 Apr 2024 11:36:21 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 0BA0 19 KB
8 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:01:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 17:01:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 71DB 6 KB
742 B 30ms
28ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 11:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 10:04:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 11:45:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 71DB 2 KB
818 B 213ms
201ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 11:45:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 71DB 21 KB
8 KB 102ms
90ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 11:45:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 71DB 3 KB
1 KB 40ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:24:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 09:24:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 71DB 19 KB
8 KB 38ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:45:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71DB 159 KB
49 KB 105ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 11:45:57 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 71DB 32 KB
14 KB 75ms
17ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 12:00:35 GMT

GET
H2 200 8e3adedd6f76ceb5825dd9d6f211c14b.js Show response
www.gstatic.com/mysidia/ Frame 45D9 9 KB
4 KB 69ms
14ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8e3adedd6f76ceb5825dd9d6f211c14b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3832
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 12:18:39 GMT

GET
H2 200 3948120a15a578e7f932062966c168f5.js Show response
www.gstatic.com/mysidia/ Frame 45D9 10 KB
4 KB 70ms
15ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3948120a15a578e7f932062966c168f5.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58ec48d4b2f76f2e63e163a7292d6cf6fe8daee7e4e660dce65eacea9ebf8c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4226
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 02:18:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 45D9 8 KB
966 B 35ms
29ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 11:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 09:57:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 11:45:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 45D9 2 KB
799 B 310ms
304ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 11:45:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 45D9 21 KB
8 KB 135ms
129ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 11:45:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 45D9 3 KB
1 KB 34ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:24:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 09:24:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 45D9 19 KB
8 KB 32ms
26ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:45:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 45D9 159 KB
49 KB 122ms
49ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 11:45:57 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 45D9 32 KB
13 KB 81ms
28ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 12:00:35 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AF01 624 B
246 B 82ms
57ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYudypzQEwAQ&v=APEucNVFW09b2aiyBKcjxmWcta2fEIGVgV_9Wmw5dTv0rk1m13OLhA0Gfu7tA-LNkmPxRAKdW22scllMdUQtJKkrPEjb6JB4HwsFEoBM84htP6MQBktR9Wc49LzOcYOdMMxeKUfPi1YdciDWtE8hixvs4z3B-naCQMO3dAgc_nUQwjUrJDArDYM

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 11:45:56 GMT
expires: Fri, 21 Apr 2023 11:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9B68 78 KB
27 KB 176ms
151ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 11:45:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 9B68 3 KB
1 KB 46ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:24:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 09:24:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 9B68 19 KB
8 KB 39ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:45:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B68 159 KB
49 KB 110ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 11:45:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B68 42 B
63 B 68ms
47ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBitIZACm0Cnj21Uj0QX5PqLh-pYo1MvaU9igSeyEFVZQolsG0_EexmZ-frvwbE_k_7wuVQ6pN4hkeNSTvhLMHRIdWgOqrJwaN2YHLtSPrIcBt7-0

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B68 0
20 B 69ms
47ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9421894547849804316&x=1&ct=119

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A632 13 KB
5 KB 35ms
27ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://podelki.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 09:57:38 GMT
expires: Sat, 20 Apr 2024 09:57:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 196E 783 B
1 KB 76ms
23ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1664eba73c9b71842f1f05b3376672b74444281623100582f52312b2c5aac551

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UPwuz6on9f8kvoD0_rktZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://podelki.guru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-UPwuz6on9f8kvoD0_rktZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 11:45:57 GMT
expires: Fri, 21 Apr 2023 11:45:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 8e3adedd6f76ceb5825dd9d6f211c14b.js Show response
www.gstatic.com/mysidia/ Frame 0F3D 9 KB
4 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8e3adedd6f76ceb5825dd9d6f211c14b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3832
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 12:18:39 GMT

GET
H2 200 db21ee93c23f43a69e2982ca8b00ec17.js Show response
www.gstatic.com/mysidia/ Frame 0F3D 111 KB
38 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/db21ee93c23f43a69e2982ca8b00ec17.js?tag=leadgen/new_snom_text

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2780664a467f5a5c1379d96b7cd67b18855534a17e1ec791d35f5dc51ebe10e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39133
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 02:21:20 GMT

GET
H2 200 21eb5d7c47bc016b9c33858ab468091e.js Show response
www.gstatic.com/mysidia/ Frame 0F3D 18 KB
8 KB 35ms
19ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21eb5d7c47bc016b9c33858ab468091e.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95616f34a1e85258e238c14c3aa1ca3fb74a35703e0e8eb2cb4c834a423ee697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:39:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7763
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 10:39:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0F3D 6 KB
968 B 39ms
29ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b4bc0dfb1e79d1bcde98a450fb5d26d83eb0af0e8ebe7c01c22c8e0afbf1dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 10:18:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 11:45:57 GMT

GET
H3 200 mdc_list_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 0F3D 27 KB
6 KB 32ms
22ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 20:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
server: cafe
etag: 4758454654811317262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 21 Apr 2023 20:19:39 GMT

GET
H3 200 mdc_menu_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 0F3D 51 KB
11 KB 97ms
88ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11146
x-xss-protection: 0
server: cafe
etag: 2759356358486721826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:45:57 GMT

GET
H3 200 mdc_menu_surface.min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 0F3D 18 KB
5 KB 99ms
89ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4739
x-xss-protection: 0
server: cafe
etag: 18373107336927916518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:45:57 GMT

GET
H3 200 mdc_select_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 0F3D 103 KB
18 KB 99ms
90ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18791
x-xss-protection: 0
server: cafe
etag: 10996637669125113147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:45:57 GMT

GET
H3 200 mdc_textfield_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 0F3D 58 KB
10 KB 25ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10107
x-xss-protection: 0
server: cafe
etag: 7588401036457704084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 22 Apr 2023 02:02:41 GMT

GET
H3 200 mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 0F3D 31 KB
3 KB 31ms
20ms Stylesheet
text/css 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 06:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3021
x-xss-protection: 0
server: cafe
etag: 18113988596513574663
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 22 Apr 2023 06:54:30 GMT

GET
H3 200 mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 0F3D 3 KB
791 B 63ms
52ms Stylesheet
text/css 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 766
x-xss-protection: 0
server: cafe
etag: 14497039402300002370
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:45:57 GMT

GET
H3 200 mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 0F3D 2 KB
636 B 65ms
55ms Stylesheet
text/css 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 611
x-xss-protection: 0
server: cafe
etag: 18268606943400439583
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:45:57 GMT

GET
H3 200 mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 0F3D 37 KB
4 KB 67ms
57ms Stylesheet
text/css 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3940
x-xss-protection: 0
server: cafe
etag: 17986137158686949241
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:45:57 GMT

GET
H3 200 mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 0F3D 51 KB
5 KB 30ms
19ms Stylesheet
text/css 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 10:54:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4595
x-xss-protection: 0
server: cafe
etag: 17552977722549843295
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 22 Apr 2023 10:54:18 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 0F3D 2 KB
765 B 138ms
127ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 11:45:57 GMT

GET
H2 200 cb349790961166df65fd283867cb26aa.js Show response
www.gstatic.com/mysidia/ Frame 0F3D 21 KB
9 KB 27ms
12ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cb349790961166df65fd283867cb26aa.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d919c65fe953b72f59d9dccc6d0ea816512e7bea96f63e17366c1fb5b6b00ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9250
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jul 2023 02:17:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 0F3D 21 KB
8 KB 68ms
58ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 11:45:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 0F3D 3 KB
1 KB 25ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:24:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 09:24:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 0F3D 19 KB
8 KB 25ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:45:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F3D 159 KB
49 KB 70ms
58ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 11:45:57 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AF01
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7dxepibIZ-3XX5o4tMQm4&google_cver=1

43 B
766 B

13ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7dxepibIZ-3XX5o4tMQm4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYudypzQEwAQ&v=APEucNVFW09b2aiyBKcjxmWcta2fEIGVgV_9Wmw5dTv0rk1m13OLhA0Gfu7tA-LNkmPxRAKdW22scllMdUQtJKkrPEjb6JB4HwsFEoBM84htP6MQBktR9Wc49LzOcYOdMMxeKUfPi1YdciDWtE8hixvs4z3B-naCQMO3dAgc_nUQwjUrJDArDYM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 11:45:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7dxepibIZ-3XX5o4tMQm4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AF01
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEJ3dY1Q3XgyVBDnNXk8iAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7dxepibIZ-3XX5o4tMQm4&google_cver=1

43 B
766 B

22ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7dxepibIZ-3XX5o4tMQm4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYudypzQEwAQ&v=APEucNVFW09b2aiyBKcjxmWcta2fEIGVgV_9Wmw5dTv0rk1m13OLhA0Gfu7tA-LNkmPxRAKdW22scllMdUQtJKkrPEjb6JB4HwsFEoBM84htP6MQBktR9Wc49LzOcYOdMMxeKUfPi1YdciDWtE8hixvs4z3B-naCQMO3dAgc_nUQwjUrJDArDYM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 11:45:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7dxepibIZ-3XX5o4tMQm4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame AF01
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPyftn7dWciUB24g-hFwpfs&google_cver=1

43 B
1 KB

12ms
12ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPyftn7dWciUB24g-hFwpfs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYudypzQEwAQ&v=APEucNVFW09b2aiyBKcjxmWcta2fEIGVgV_9Wmw5dTv0rk1m13OLhA0Gfu7tA-LNkmPxRAKdW22scllMdUQtJKkrPEjb6JB4HwsFEoBM84htP6MQBktR9Wc49LzOcYOdMMxeKUfPi1YdciDWtE8hixvs4z3B-naCQMO3dAgc_nUQwjUrJDArDYM

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 11:45:57 GMT
AN-X-Request-Uuid: 7ac60552-f5c4-450a-ac99-086a7b51114c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.142; 178.162.209.142; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPyftn7dWciUB24g-hFwpfs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AF01
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2NzYxNzg2ODk0NTg1MTc4NQ%3D%3D

170 B
243 B

36ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2NzYxNzg2ODk0NTg1MTc4NQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 21 Apr 2023 11:45:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.142; 178.162.209.142; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7888b3ae-0dbf-4d14-9afc-62b2296e87f3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDY2NzYxNzg2ODk0NTg1MTc4NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame A632 36 KB
14 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 14:20:58 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BFD8 143 B
166 B 23ms
14ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 10:56:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F3D 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoMCAEqCFRvd2VyQWxsCgoIAioGc2VydmVyCi4aIWRpc3BsYXlfbGVhZF9mb3JtX3F1ZXN0aW9uX251bWJlciEAAAAAAAAcQDABCg0QKyEAAAAAAIBhQDABCh8aEnJkYV90ZXh0X2xlYWRfZm9ybSEAAAAAAADwPzABEhpDUGZtMHBuenV2NENGVlFNZlFvZDQ4d0NtZyIVbGVhZGdlbi9uZXdfc25vbV90ZXh0KCw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/21eb5d7c47bc016b9c33858ab468091e.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 196E 0
0 57ms
50ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230418&jk=2201762622473768&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B68 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2381189196954&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B68 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2381189196954&version=m202301230201&ct=119&x=1&cor=9421894547849804000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9B68 82 KB
34 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYBpNSURdKHQLXKRjkdshvLPEcw-t5Wx7GDSBOgkbWSVg4FcyXUh7a8H6QNDkzL2BUI3z__w-9oIFr5BtzMfo_ZZvqKipvNmVKHmPg1bzMGW7q8Ydm1ycGpZYk5R9QOQuJ320lAn9YVlFI3YCYOd5vZihwB4msQPa6Ypc6yfA1lg1Y1CQ&cry=1&dbm_d=AKAmf-CkfNdv169IZ0b6v6hIAXL-fBvfE7guJ1Pb0dA6VykNMV2fyBPF4Wl8X2MN2JVxHZnaUSS7GxB2WwnW5mDSIJBwvZNl4QJgWLGORwe5Hvl-9MWF9pqXPROYKaudKLkReAzw64cusDrTVRaUtMqCMS93Nn3GTuf7Bd9Uj0-yhDNiFZIULzbUdQNOLGg8KDVOAH0KooqIa-dsjYZZnvBZXolNiCamZk-40TYJDNcfkdDd9mwU1woUk2Xe65VO6W-HXeHP1oA21B2zfmhFFqkmRpYLZuJ6paRuHIOJLgc6YtBk0vX6FCHA_pmzmzNObGuBzP1DsI9Cx544__6DxSJ9p2ckKTQpI4i4lum9R_ZyNyFIGGhvQ1istxDKqv-dK72PpZk9xqtc2ms8x9v9A8tNUkUE8p7ZK_y8BjQ56lqaGmKQEVHkeJNLEP-NYY1uu2eQzQrB726zrjSCOQkYRMeyNMN_S00G49LyFTrQDFuLyTSvUZLmaACBYs_p0zCIS1wvj8pCFS9TczI4EdgtAMf7CvMRxm8wGDynRuCowqV7WhRVe_COcxnpjotkJbF9glfmPWYLEGfLSQ0gLDUR4i6yylSWUqYnJbTDEqPoPe85TRPHUzLalhuCetQnSZY2eX9MmpDMC9gzdMRoR67f4kxMRQ3k1nnGQuFhZVwP3rPyxi5EfHrP9uktUNHOMFwL_-3sDLWARp5QUpus2MEAvp4FJMl-ocJNluQnrTK-0inZWtSqBUe9r-6kcjA9CHdvZF9xBnWogvAbSgDP-cCFDcNNlFPB-YvercxF3FBRL1urIgzcYUXY1OB7kHMc7kDUbeBAB_zuRcMFQDq4n_gdsI69F2uqorWOgFCwg8Yhvyg2mq_4IATYk85FSaGnaUIcxJNSHtccrmUUqSj1RoAOf2eO09Cl1ZTbTta5JjpBeJrW5n9LEe0wH1-jq8-EE8kGGIYKke_y3H_z6vSCP9ylKPygZtkiB--fsyQfa8H-luVJBZPdLY81x-dL_J6sMJrIr4rflmqqel3Tw-0IVZ0M6iP0Y2X0wqTVmDVxncgkmilQzq607Iu2vxh1U3Lc0Us8_UuYZ5HJoyFprHfgKGxd3B6YqQsvFrXKrC3fvmCrslOpL6L40CEMO24j9Q8NReHR3yc0HAEsxPJkoDzAP2-Otukye4YrFhy8BRTo4Y6V8jLiHX2FZrBCLHIihOAeDsvSiBoBlw7KMSfiprcRM3i3BGweD0rfbf5cqgo_PSDrOwXFoU-w0V1YlAxjpPOPuGtTKAfNC1zCWdP8SftGfklmLv0l55xXj9naKVY5ZKcE7kRLlVcHeIhWlEWLu2PKk1CuHu5iKy4qLTIXQnRm1nzcm46-RiYerXRDeisv0LiUfcfhS59hYM1jgkG7Y4gYphpS2qH6eogqDLRhYp27Rv23tx5PwLwcF--Dl0wYIHxeSS7z4xeEF9DYabsZbvBbdCaSif2QFUDhjK07Yj1R-wbvOaAjpQn_qjQOLfeUuuzx89kK9TH3qa0s25JigRFfsfAgTAAOpJC4_fR-JeLHHF1tWQIPRbWAGecbMIhCu11HTl1mnaxSl-e0NWR9uekHapvZ8lLyrgaMf9FvOuzz5SxLGGYFMtNr3atQ_2lQFTMO-LK126sFgz3_ZYgT-X0JZdwa2M1LnKAR-0beeYcYxwg-i9jCTTyDnVGYzzw5pTYauWMjGbj0Xjqu2gIXfUfL4G1rP2vbzyTuS2Gu7fWtgfJy2Cs168FkCWZKLveTjhNa2NActY9QoW7t_gYFaOkyNPiJGAZUwII_npasZhkNg5iIW_XM0fzovI274k-b9GwOmHjnfC0-oyLK7oGph6cuXODCiRnGXbLWw_lcl-tqQjluaa23ihEQqONKuihOIJLGTP7Tc59raUdRFZONR-Wipz1HAtvXP7hqZZ5mjBPTKMXNXS1r0ssKGjsXE8PKRhfTzI0EYbA2H-7MCQOMWC6UPeVPgRfVH2l7WM5qQZyzOv_BXHxUhQNIgXXI_jW7Ueesr-rKKfHc8nmosEwulYWghw2upNaOOJGmsa7hu873hdAkY2xHKb_dQdkMkL3BNUgVauNR5_wkc9se6NSxEpxTWHqVrPqFcZ6vHNPB2xgujCaRsIlku7Fcxugzbu4hHi9KgKzAe3s3ExnqAvDC88R8dYbTyaMwrh-Hr9n63TjND8_Yv4p2fufNQA1NnV85EuTHt79-Mm-FgHzu3s_N0qUfDu_Vp0xQyKuoMZg8tkBzkABRXPABUnIBxPfE9DWuj8V5I3o1hTbsIltHIYD5FtvZZ4jF1auW9sE892Emmd_IRusPa1UqLJOXMmG42GSeApVR_MyST2U9ZdzgkKNnwTd2oWSmtmW9fWoec2gNCmsnXcUzVjrsaE2gaNg12AL6IqydKKEQ1pcN3VESXLpz4NkstYUs63D5o8Dipyd1MEZVvUld7wJMGq0w-PJkWN76uXRpGEM9Bxfz3IXgGgAmvinUru-19T3UnJ4uNuQBfsgIgSiwfS-3p8bIH18VwIq2-4xM7scGteeQiu9eWaGhnj7fV2UEW1_YXs_TPRhlIW_UrVAHTfiU3Wo0qODaxDf6Fpxh3AIPcMSa4bkRRqK5Ehp47g-krVxk5XDkAW01hwNu9YlbZoKtq0WurOFki8YC_9TVyExxKudtyirRSJL31PIUpHpIUmjXTyv_yiYtn7YAv8EgvHf2kyaNToBLmBbEMxvvMPjRtMf2k8_yTrH3PXf7JRh1QN0qezRVBCdQd2a1BeUQUa1bCVTTTfWF6t45HCyf-IWLq2igVveLgs_8Bj1gcxadL6wu5KReFlEE9DiuHyc5OcUBSA1nNQrQeZZvMChb3o3mEXIstdMmyPJ8oNI_yzPcL9XTs1TLld8O6yoUnzqLGt5anaHOmuDTOrlBK6L9cHQgZJssipdZUoJ9GVpJA06b1rH_yNBh32Y7g6AHMCO2GuVQspE2hS6UJdOJ9UTUaX7p4SHB1xbUI38h1ZGE9vE-_ScJ5MbASd_UpoMy3Zvuhc0jMkfKWZfPY0WLynnKimxeCJRdpeNd6HsahXVBZXVuZp0bAwL7QWUkjSTNOhPFOtaDodc6wLeLlWEtgQWuFGfM7eraxNCxcH40dvU1OXAgMAep1JRcE9VgdZ0OXZbpph0zJnMVjxQTZRZNBrluyAaBusE8b44FQW981IzqDcJGFQegUCtsaziu_4EXBV-MuQV15Xljb4lRzYdUazDij7Kc-u7bQPYR0pGfS1OlAb7y1vWhDufuBGabnsyspA4e4V_fib0qXfn_Gve38vOFpNRQhDOyUff3Rx3uQvnnRVwU3of7fl1850PBEMz5D-B8R75R7sUQYoH7pvGX8i7dZ2j4uRTFSQrrStRbR2R9vwIxHYOWPFmgVIRw3Ka4421npX3VlePQaOfwrbIQveVoJChvAZ8luOo7Qy7cmTzrBOa5ljQVByT_mye8w2zMauWVAQINjN3d2MgWlw0wEW_OtPDB1H5Dzi9UOYo&cid=CAQSGwBygQiDS2Y7qpl_Bcykeay3BoxqZyQHHmmoTBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpodelki.guru%2F&ds=l&xdt=1&iif=1&cor=9421894547849804000&adk=1726166460&idt=180&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36a51836e21cee65acbee19c15761e5ef56429e324ebf5f97ed7d9886452647f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35280
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BFD8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
30ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 11:45:57 GMT
expires: Fri, 21 Apr 2023 11:45:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 11:45:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame D26C 36 KB
14 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 14:20:58 GMT

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame E259 36 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 14:20:58 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A632 0
10 B 16ms
15ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uD9_QA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9B68 106 KB
37 KB 82ms
13ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:27:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 09:27:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 9B68 11 KB
4 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYBpNSURdKHQLXKRjkdshvLPEcw-t5Wx7GDSBOgkbWSVg4FcyXUh7a8H6QNDkzL2BUI3z__w-9oIFr5BtzMfo_ZZvqKipvNmVKHmPg1bzMGW7q8Ydm1ycGpZYk5R9QOQuJ320lAn9YVlFI3YCYOd5vZihwB4msQPa6Ypc6yfA1lg1Y1CQ&cry=1&dbm_d=AKAmf-CkfNdv169IZ0b6v6hIAXL-fBvfE7guJ1Pb0dA6VykNMV2fyBPF4Wl8X2MN2JVxHZnaUSS7GxB2WwnW5mDSIJBwvZNl4QJgWLGORwe5Hvl-9MWF9pqXPROYKaudKLkReAzw64cusDrTVRaUtMqCMS93Nn3GTuf7Bd9Uj0-yhDNiFZIULzbUdQNOLGg8KDVOAH0KooqIa-dsjYZZnvBZXolNiCamZk-40TYJDNcfkdDd9mwU1woUk2Xe65VO6W-HXeHP1oA21B2zfmhFFqkmRpYLZuJ6paRuHIOJLgc6YtBk0vX6FCHA_pmzmzNObGuBzP1DsI9Cx544__6DxSJ9p2ckKTQpI4i4lum9R_ZyNyFIGGhvQ1istxDKqv-dK72PpZk9xqtc2ms8x9v9A8tNUkUE8p7ZK_y8BjQ56lqaGmKQEVHkeJNLEP-NYY1uu2eQzQrB726zrjSCOQkYRMeyNMN_S00G49LyFTrQDFuLyTSvUZLmaACBYs_p0zCIS1wvj8pCFS9TczI4EdgtAMf7CvMRxm8wGDynRuCowqV7WhRVe_COcxnpjotkJbF9glfmPWYLEGfLSQ0gLDUR4i6yylSWUqYnJbTDEqPoPe85TRPHUzLalhuCetQnSZY2eX9MmpDMC9gzdMRoR67f4kxMRQ3k1nnGQuFhZVwP3rPyxi5EfHrP9uktUNHOMFwL_-3sDLWARp5QUpus2MEAvp4FJMl-ocJNluQnrTK-0inZWtSqBUe9r-6kcjA9CHdvZF9xBnWogvAbSgDP-cCFDcNNlFPB-YvercxF3FBRL1urIgzcYUXY1OB7kHMc7kDUbeBAB_zuRcMFQDq4n_gdsI69F2uqorWOgFCwg8Yhvyg2mq_4IATYk85FSaGnaUIcxJNSHtccrmUUqSj1RoAOf2eO09Cl1ZTbTta5JjpBeJrW5n9LEe0wH1-jq8-EE8kGGIYKke_y3H_z6vSCP9ylKPygZtkiB--fsyQfa8H-luVJBZPdLY81x-dL_J6sMJrIr4rflmqqel3Tw-0IVZ0M6iP0Y2X0wqTVmDVxncgkmilQzq607Iu2vxh1U3Lc0Us8_UuYZ5HJoyFprHfgKGxd3B6YqQsvFrXKrC3fvmCrslOpL6L40CEMO24j9Q8NReHR3yc0HAEsxPJkoDzAP2-Otukye4YrFhy8BRTo4Y6V8jLiHX2FZrBCLHIihOAeDsvSiBoBlw7KMSfiprcRM3i3BGweD0rfbf5cqgo_PSDrOwXFoU-w0V1YlAxjpPOPuGtTKAfNC1zCWdP8SftGfklmLv0l55xXj9naKVY5ZKcE7kRLlVcHeIhWlEWLu2PKk1CuHu5iKy4qLTIXQnRm1nzcm46-RiYerXRDeisv0LiUfcfhS59hYM1jgkG7Y4gYphpS2qH6eogqDLRhYp27Rv23tx5PwLwcF--Dl0wYIHxeSS7z4xeEF9DYabsZbvBbdCaSif2QFUDhjK07Yj1R-wbvOaAjpQn_qjQOLfeUuuzx89kK9TH3qa0s25JigRFfsfAgTAAOpJC4_fR-JeLHHF1tWQIPRbWAGecbMIhCu11HTl1mnaxSl-e0NWR9uekHapvZ8lLyrgaMf9FvOuzz5SxLGGYFMtNr3atQ_2lQFTMO-LK126sFgz3_ZYgT-X0JZdwa2M1LnKAR-0beeYcYxwg-i9jCTTyDnVGYzzw5pTYauWMjGbj0Xjqu2gIXfUfL4G1rP2vbzyTuS2Gu7fWtgfJy2Cs168FkCWZKLveTjhNa2NActY9QoW7t_gYFaOkyNPiJGAZUwII_npasZhkNg5iIW_XM0fzovI274k-b9GwOmHjnfC0-oyLK7oGph6cuXODCiRnGXbLWw_lcl-tqQjluaa23ihEQqONKuihOIJLGTP7Tc59raUdRFZONR-Wipz1HAtvXP7hqZZ5mjBPTKMXNXS1r0ssKGjsXE8PKRhfTzI0EYbA2H-7MCQOMWC6UPeVPgRfVH2l7WM5qQZyzOv_BXHxUhQNIgXXI_jW7Ueesr-rKKfHc8nmosEwulYWghw2upNaOOJGmsa7hu873hdAkY2xHKb_dQdkMkL3BNUgVauNR5_wkc9se6NSxEpxTWHqVrPqFcZ6vHNPB2xgujCaRsIlku7Fcxugzbu4hHi9KgKzAe3s3ExnqAvDC88R8dYbTyaMwrh-Hr9n63TjND8_Yv4p2fufNQA1NnV85EuTHt79-Mm-FgHzu3s_N0qUfDu_Vp0xQyKuoMZg8tkBzkABRXPABUnIBxPfE9DWuj8V5I3o1hTbsIltHIYD5FtvZZ4jF1auW9sE892Emmd_IRusPa1UqLJOXMmG42GSeApVR_MyST2U9ZdzgkKNnwTd2oWSmtmW9fWoec2gNCmsnXcUzVjrsaE2gaNg12AL6IqydKKEQ1pcN3VESXLpz4NkstYUs63D5o8Dipyd1MEZVvUld7wJMGq0w-PJkWN76uXRpGEM9Bxfz3IXgGgAmvinUru-19T3UnJ4uNuQBfsgIgSiwfS-3p8bIH18VwIq2-4xM7scGteeQiu9eWaGhnj7fV2UEW1_YXs_TPRhlIW_UrVAHTfiU3Wo0qODaxDf6Fpxh3AIPcMSa4bkRRqK5Ehp47g-krVxk5XDkAW01hwNu9YlbZoKtq0WurOFki8YC_9TVyExxKudtyirRSJL31PIUpHpIUmjXTyv_yiYtn7YAv8EgvHf2kyaNToBLmBbEMxvvMPjRtMf2k8_yTrH3PXf7JRh1QN0qezRVBCdQd2a1BeUQUa1bCVTTTfWF6t45HCyf-IWLq2igVveLgs_8Bj1gcxadL6wu5KReFlEE9DiuHyc5OcUBSA1nNQrQeZZvMChb3o3mEXIstdMmyPJ8oNI_yzPcL9XTs1TLld8O6yoUnzqLGt5anaHOmuDTOrlBK6L9cHQgZJssipdZUoJ9GVpJA06b1rH_yNBh32Y7g6AHMCO2GuVQspE2hS6UJdOJ9UTUaX7p4SHB1xbUI38h1ZGE9vE-_ScJ5MbASd_UpoMy3Zvuhc0jMkfKWZfPY0WLynnKimxeCJRdpeNd6HsahXVBZXVuZp0bAwL7QWUkjSTNOhPFOtaDodc6wLeLlWEtgQWuFGfM7eraxNCxcH40dvU1OXAgMAep1JRcE9VgdZ0OXZbpph0zJnMVjxQTZRZNBrluyAaBusE8b44FQW981IzqDcJGFQegUCtsaziu_4EXBV-MuQV15Xljb4lRzYdUazDij7Kc-u7bQPYR0pGfS1OlAb7y1vWhDufuBGabnsyspA4e4V_fib0qXfn_Gve38vOFpNRQhDOyUff3Rx3uQvnnRVwU3of7fl1850PBEMz5D-B8R75R7sUQYoH7pvGX8i7dZ2j4uRTFSQrrStRbR2R9vwIxHYOWPFmgVIRw3Ka4421npX3VlePQaOfwrbIQveVoJChvAZ8luOo7Qy7cmTzrBOa5ljQVByT_mye8w2zMauWVAQINjN3d2MgWlw0wEW_OtPDB1H5Dzi9UOYo&cid=CAQSGwBygQiDS2Y7qpl_Bcykeay3BoxqZyQHHmmoTBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpodelki.guru%2F&ds=l&xdt=1&iif=1&cor=9421894547849804000&adk=1726166460&idt=180&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67633
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:58:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 9B68 28 KB
11 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 17:53:07 GMT

GET
H3 200 Domes-728x90-banner-SLOW.html Show response
s0.2mdn.net/sadbundle/9743144358537290442/ Frame 710E 6 KB
2 KB 66ms
14ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9743144358537290442/Domes-728x90-banner-SLOW.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0dc9ab032efc5b47313f5b2c55951996f7ae2cdad2f30c73b55ca8ac17130c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 118226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2358
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:55:31 GMT
expires: Fri, 19 Apr 2024 02:55:31 GMT
last-modified: Wed, 15 Jun 2022 08:56:39 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9B68 0
0 127ms
62ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuU8EXDtiIPNMisc83ahMBstmRXb6FVa5_PkOgDmB7jkR2BJMHXbfNGg2wrVJmX0RltM4tnqhcBo2EVTxVkZzV7xIy9lAfP4jwMOj6TkTz8HmTY5im_w2fUm2gfpF86PD-p8L9vBc2F8igocYsGo84Wslkbqdkipy0lYF58WlydS2hzi6HXOl1ZMktZSZmdWAk0Rr8mOlV6Gf3nX6WIt99PvSNEigZaxWcWLaU0fgI_z1y6x8SlcPOgX0u2D3jcx-gY9EdAu0SoUZL_u_IkelZcrGk2piyjFFwswciH5JcX-7v1l-b0xV5oawdNuHHcvKzRkoCVa3Q_C9UyGGTaMz4B5KIPLUfV4xRSfxa8KmasrtrFfdXUzj3AXNfakze1fIf-4AsCh1VhFA4oVxhIOp7MOfa7guLvLabbH2ieTBFJXxsLewI7-K7SvmjtqkJAw2Pf258q0UQXFM_Bjwid1h-RXiBLRwkMxeoqvjrQG78Eev-G1hGiOoXMxUEA1L8MSL2D0xK45DAz2oEmHsKhJENYplHnDuzzsjNpyFJ_ewwwXTv0DnkR2O03ct3NwmghC5BJPfpyQuDgxGE9AVd0IBiBsh35D-l7K0SS09_fb1pxo1jk9xFhxqHiHD_cYW8LlrHnm5DIZMgyNhCcB6d3jN7Q5djQqzJfZuPIESgkDbsclpP4AD73Ps0-LAQGL3L7E0jPeKQWAmajrkVj2cs8Cd5kTEjhqqJhMW-G3aEpRdLokkRR3adSHAx9U3G7B1YkjHRPbePSKSjaBBMt0TN3MuGtma2ZG2UzxasUz-kY6qPvelZrnsrfb5H02rfkAhZvKDRzPwiBPkEX_HIMiS9nP5RnYuZmELL2-e4jCoalCwsLRjxZ0OoyxsKCPE20rjCVaUxuHRucGGu0P10EjRYEiGlnj90FInEHTNQtLK3FXk0QIqdK1xc5iUK2RgbrIO5ewaIMBriaGQAhBkELXsZNAc-ozCWbsQXou6ggZ0wFXQySYQzFFF6w5OFO99UVCUEwSj4e76jZpQFy0X5JvFWRAO_T-Z1a-l25RCxh9saDBsB-Q_u53BBnI-TWmZmpR1doUOYSif-G6gf6MLmaL9Ji-aimo3lkc9Oq_NChiMQegBmopgpj2vnQd0WlSmiGB4z1yPaHcBjggkojHOEzAg8mwA-rVJcinBJVo5nTTHy26EANEASv7h3M1XciBXEaAIg6bg&sai=AMfl-YRC3EX9veLJ8ieYlWeyLyjpyfRVt7y7XnMP2_jcNsOQ4hme-35TT0rOycafrjEROfrh4k8ZgPxycNGwGOdK0dq8zCC2SDWL5A7FmCiDj3ih_qdDzWUW_E8R6YJGNbDd0xPC4AFCQjvBoIhbGRUlLgc_YPinX7ys2EktbTriC8xh7ZkgXCc&sig=Cg0ArKJSzDEMbvtKL8p0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=240&cbvp=1&cstd=231&cisv=r20230418.49514&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 11:45:57 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 21 Apr 2023 11:45:57 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9B68 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 23:50:01 GMT

GET
DATA 200
OK truncated
/ Frame 9B68 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a312e404dd296381b906999cef622ce0bdfd54828a5d14bcd4acacc6fc75e29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 03F2 22 KB
8 KB 14ms
14ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 121396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:02:41 GMT
expires: Fri, 19 Apr 2024 02:02:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js Show response
pagead2.googlesyndication.com/bg/ Frame 03F2 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 14:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 14:20:58 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 710E 236 KB
63 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9743144358537290442/Domes-728x90-banner-SLOW.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9743144358537290442/Domes-728x90-banner-SLOW.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 11:45:57 GMT

GET
H3 200 Domes-728x90-banner-SLOW.js Show response
s0.2mdn.net/sadbundle/9743144358537290442/ Frame 710E 178 KB
35 KB 15ms
15ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9743144358537290442/Domes-728x90-banner-SLOW.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9743144358537290442/Domes-728x90-banner-SLOW.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fee8dc6f9dc5097c408f4664c08f7c3ebf9098fb953a6248a4a5e6a65a16fb6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9743144358537290442/Domes-728x90-banner-SLOW.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 04:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113659
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36182
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 08:56:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 04:11:38 GMT

GET
H3 200 Domes_728x90_banner_SLOW_atlas_1.jpg
s0.2mdn.net/sadbundle/9743144358537290442/images/ Frame 710E 2 MB
2 MB 33ms
32ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9743144358537290442/images/Domes_728x90_banner_SLOW_atlas_1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c344dad1c8e15367cb6202f9e8ad4edbb93e007f96bc26ff69121f27b2a25a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9743144358537290442/Domes-728x90-banner-SLOW.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:16:53 GMT
x-content-type-options: nosniff
age: 124144
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2227781
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 08:56:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 01:16:53 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9B68 0
0 55ms
54ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuU8EXDtiIPNMisc83ahMBstmRXb6FVa5_PkOgDmB7jkR2BJMHXbfNGg2wrVJmX0RltM4tnqhcBo2EVTxVkZzV7xIy9lAfP4jwMOj6TkTz8HmTY5im_w2fUm2gfpF86PD-p8L9vBc2F8igocYsGo84Wslkbqdkipy0lYF58WlydS2hzi6HXOl1ZMktZSZmdWAk0Rr8mOlV6Gf3nX6WIt99PvSNEigZaxWcWLaU0fgI_z1y6x8SlcPOgX0u2D3jcx-gY9EdAu0SoUZL_u_IkelZcrGk2piyjFFwswciH5JcX-7v1l-b0xV5oawdNuHHcvKzRkoCVa3Q_C9UyGGTaMz4B5KIPLUfV4xRSfxa8KmasrtrFfdXUzj3AXNfakze1fIf-4AsCh1VhFA4oVxhIOp7MOfa7guLvLabbH2ieTBFJXxsLewI7-K7SvmjtqkJAw2Pf258q0UQXFM_Bjwid1h-RXiBLRwkMxeoqvjrQG78Eev-G1hGiOoXMxUEA1L8MSL2D0xK45DAz2oEmHsKhJENYplHnDuzzsjNpyFJ_ewwwXTv0DnkR2O03ct3NwmghC5BJPfpyQuDgxGE9AVd0IBiBsh35D-l7K0SS09_fb1pxo1jk9xFhxqHiHD_cYW8LlrHnm5DIZMgyNhCcB6d3jN7Q5djQqzJfZuPIESgkDbsclpP4AD73Ps0-LAQGL3L7E0jPeKQWAmajrkVj2cs8Cd5kTEjhqqJhMW-G3aEpRdLokkRR3adSHAx9U3G7B1YkjHRPbePSKSjaBBMt0TN3MuGtma2ZG2UzxasUz-kY6qPvelZrnsrfb5H02rfkAhZvKDRzPwiBPkEX_HIMiS9nP5RnYuZmELL2-e4jCoalCwsLRjxZ0OoyxsKCPE20rjCVaUxuHRucGGu0P10EjRYEiGlnj90FInEHTNQtLK3FXk0QIqdK1xc5iUK2RgbrIO5ewaIMBriaGQAhBkELXsZNAc-ozCWbsQXou6ggZ0wFXQySYQzFFF6w5OFO99UVCUEwSj4e76jZpQFy0X5JvFWRAO_T-Z1a-l25RCxh9saDBsB-Q_u53BBnI-TWmZmpR1doUOYSif-G6gf6MLmaL9Ji-aimo3lkc9Oq_NChiMQegBmopgpj2vnQd0WlSmiGB4z1yPaHcBjggkojHOEzAg8mwA-rVJcinBJVo5nTTHy26EANEASv7h3M1XciBXEaAIg6bg&sai=AMfl-YRC3EX9veLJ8ieYlWeyLyjpyfRVt7y7XnMP2_jcNsOQ4hme-35TT0rOycafrjEROfrh4k8ZgPxycNGwGOdK0dq8zCC2SDWL5A7FmCiDj3ih_qdDzWUW_E8R6YJGNbDd0xPC4AFCQjvBoIhbGRUlLgc_YPinX7ys2EktbTriC8xh7ZkgXCc&sig=Cg0ArKJSzDEMbvtKL8p0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=390&vt=11&dtpt=150&dett=3&cstd=231&cisv=r20230418.49514&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: podelki.guru
URL: https://podelki.guru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 11:45:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 11:45:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 03F2 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKC0hdXdCZNuVEofY3gO4kK6YBwAAAAA4AeAEAg&bg=!Y2ClYDTNAAYfNdXmPzU7ADkAdvg8Wgnumee95NpKNKOT-e4dxKFjUofGWQajnzvZ0uzJcKOM34dLjrAv9JQfwdLCC_8DTYIQTTQCAAAAeVIAAAADaAEHmQMgL_mwSS5HB2rJQvH237TL8oMdR7Xt3OdqvuaM0n5mKgWbV0Iz8L8atvH-G9wTgt15jG4tm-XPwxd4QCKQVWRyL_qwa68DspWOHAmXR2TeSni_AwmktA4bN8akVU8tNA6vTXnK-YWjPvDqAOamy-mCQys47nVzIfCFTfSUsux9OzMWcK1CYoxkTGtCNNg7svv3YGRwBC8r8sw10shhX2KgLhXMRuCfScEKP1-kHh8TxZvk2lGu5y-aw-RhfSIkhKSk7xsvGaZI1xUIaehHMpHzXlfJiLtLxU4XlLRNp3LqdPe7MP5qLHIPZZDlCJJEJvwyfDZQCIlpFXC38ixTubFP_5HskYOTUjygdZ1XSQIuS7wqlR40YCYmpCvpT34NRkr1EbQg1s_GV1w4UpubpZxuoQWuqeuVpvSw_vRNvzYfyZ1n9tFQy_hXXNAUTjjvCBVPB29jTY-Dj_6hL_UoE740W4svgCobWT4w3usH1nWKdJCzG5g3Mr9iKQTBGI-nc1_4tQSMylsMD0TJwj7-FTkcuYAquFUFFi1mt5UCwCr4H-dEuRzlJWXLc-oy0gRgExssoRaEPx-Q7F9uIkRfdM830hUiTWmfsJ9nEJ1YK7e0as8hJKFpl-mubQKnNruw67QHMuz5hmK-bwYdd-vFZ4sFGgQIMLBKVLKMVdkW9RHx-5FYGGkoGGuihHPtxGAr8LDuZ_RACyoWHEeO6VZn3Y4kplV6Z1-KN4ycyKVww5-OYstTzgYg02rfHzDQyvUPefv-ZSvwLRHUCLX-hAS03xRTPsMoPZQjUDB2tat-2mkobXkj2zm4HDAzH_qEN_f4A1ZfWcHUN3rvcE3jiVv0hX7iUXrcfOnKtO6zp9YUJogKYCLO9hM1OF7RmYUGTC2t1dyFI5LZXfG1cLwFZ4uL27VH8snu5BmNe81-jqDScPdnu22bHDLKGqXId2Q-UA51CcGgHL2dQosPhHkTiVpobUZi7DefLLlOm910kDW3HFc3xoOym-c0rqjJWd-MM7l7p6a12lgL3VmJBuz5j0sNbjj3TofZ8-n8xu8Og8kmPmO86Vo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
52ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230418&jk=2201762622473768&bg=!VlWlVQHNAAYfNdXmPzU7ADkAdvg8WuJT_hKqoco1_4mYLVehNePHVHTmnDBqIJmM2Cnh2vcbmKglkuDv0LfdIx-XtsKDHk1SOYMCAAABrlIAAAACaAEHCgCNc-Xf-95yuzS0728bYrAZN2SQAaWG1mtvV06AyXeK10cpAwOpOWrHiUyXjjmuNObg3bBYS9UVb0ktGKcxjLfhL-P2yolXLGTDnCc_Zn9BsxwimS8fWJSvLx48gJ1X1WbhSsOjtQMPSyQqjqShyYfMLlSowacQjEMSJ8627E3l5V_kd3r0syG6ge-Cq7AImQLXYmSpK34RvxSIbb4F9-qAwDCfotcFrJQ8LDkcpPCOFKmLqs1Gjj0RibUfjkShu5xmKpbDNTora7bGulXjdVdYm4i-hfVYrvFyrhfWp7qyDjWdAtJkD9nUF3WEyotjnU6GW5ifEFihbkLkSvE6_tkZhp6TKhtZwgWVorVIyYN-YLL427fkt2N0aX9CJ5eYe8Hl78xFK4gpWF5l5A0AESkYRyFoalLNctaH3IxPTbsgbBdBgKjn8tzDfeUZIajgBDi9fwc3cXiKyu3CPkvlpret_uLoCijSSSBOZT9opVIJUvJ3yJjbZSNaRhGc7wKISL8Zg2OUNOLflDXPCUg61ZY3QDx2gGA1Jf30SKvQytXChHDd-8fAKnZHVDxq4JNuZS1KLGHKmOKxaHcQA1cOg6jGcLCMkTD1K4nr0KLf02BVaINKXbiU0PsmgCX_ctFgtryseJTHnoZRrgG8TegsIrFxFScP8r0EZ2rZS4cfJxZseXYLtkk8Faj7-XwWAtpzI-Q-UnquAcVf2u3PVGXpKgA6i8GVYhK6vNHrbJsZC827Zw19FvjVNlD9p5gwV0E-jSapUSPW-B23cwjAB8VJM8akOfH47OweRZO76FDLazccGkkPWb_JhQ0mGneK73jsE9__hgICs0Zl3tSb2viJiponJm4XnDP434CTNcovfWlUpX_kw-_iPEzxvCPL0dw-CtmknnXOAkVNhS9ekOTyLyh4Ibu_k0MAhGqQ83bpdBieyqt4oLiiv3FyCeov_B1jHEEX4PfBd8zg1JfpL9iyeJmNZkuRLFIyC52tx5fO-s_Nug2SiTJuSNt0ujnz5GZ4gqeMfr2heNiZzUQb1kd177SW6KBZegkQl1xHDiVVCjELPlchL2dzQpdyNyvo7Hk_2bCLKNde4pJ--FRZjR3f5Ezat5MjW5Kkz02HAUeE-ratb9Vbg9lp2qD1J0EXKoveg2VM9hr_RW61Iw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B68 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUi2zFnn8ChQyyf01T1vJvVUCC6SOK1Q4MI6qGR7k9z2ObYSHKI77n0CZ2-rkod1L0FFr0Rih8zlY-BJXaHS_DHZ0WbLN6M4cQu8vBglwIdX_G_XVskfkGYbBF&sai=AMfl-YQtNrW3Lg7GHqt7T2tY78RD-WI9DvlvudNqe2CGO_RN76gQdjnB0JYRZHIpW8TumLRW13CbRkQdydw5&sig=Cg0ArKJSzKr6-dZt-q-FEAE&cid=CAQSGwBygQiDS2Y7qpl_Bcykeay3BoxqZyQHHmmoTBgB&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=849,1001,1001,1001,1001&tos=849,152,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682077556923&rpt=704&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B68 0
28 B 48ms
47ms Ping
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2381189196954&version=m202301230201&ct=119&x=1&cor=9421894547849804000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 51191387 Show response
mc.yandex.com/webvisor/ 43 B
73 B 691ms
73ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/51191387?wmode=0&wv-part=1&wv-hit=355027351&page-url=https%3A%2F%2Fpodelki.guru%2F&rn=464303156&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1682077559%3Aw%3A1600x1200%3Av%3A1025%3Az%3A0%3Ai%3A20230421114558%3Au%3A1682077556623166405%3Avf%3Aihb4q796484i93c2xtzqhr%3Ast%3A1682077559&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://podelki.guru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:59 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21-Apr-2023 11:45:59 GMT
content-type: image/gif
access-control-allow-origin: https://podelki.guru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 21-Apr-2023 11:45:59 GMT

POST
H2 200 51191387 Show response
mc.yandex.com/webvisor/ 43 B
145 B 71ms
57ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/51191387?wmode=0&wv-part=1&wv-hit=355027351&page-url=https%3A%2F%2Fpodelki.guru%2F&rn=270215786&wv-type=3&browser-info=we%3A1%3Aet%3A1682077559%3Aw%3A1600x1200%3Av%3A1025%3Az%3A0%3Ai%3A20230421114559%3Au%3A1682077556623166405%3Avf%3Aihb4q796484i93c2xtzqhr%3Ast%3A1682077559&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://podelki.guru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:45:59 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21-Apr-2023 11:45:59 GMT
content-type: image/gif
access-control-allow-origin: https://podelki.guru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 21-Apr-2023 11:45:59 GMT

POST
H2 200 51191387 Show response
mc.yandex.com/webvisor/ 43 B
145 B 59ms
58ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/51191387?wmode=0&wv-part=2&wv-hit=355027351&page-url=https%3A%2F%2Fpodelki.guru%2F&rn=88840595&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1682077560%3Aw%3A1600x1200%3Av%3A1025%3Az%3A0%3Ai%3A20230421114600%3Au%3A1682077556623166405%3Avf%3Aihb4q796484i93c2xtzqhr%3Ast%3A1682077560&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://podelki.guru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:46:00 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21-Apr-2023 11:46:00 GMT
content-type: image/gif
access-control-allow-origin: https://podelki.guru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 21-Apr-2023 11:46:00 GMT

GET
H/1.1 200
OK vyazanye_kombinezony_dlya_novorozhdennyh_19.jpg
podelki.guru/wp-content/uploads/2018/12/ 127 KB
127 KB 87ms
86ms Image
image/jpeg 2a03:f480:1:f::d1
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://podelki.guru/wp-content/uploads/2018/12/vyazanye_kombinezony_dlya_novorozhdennyh_19.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:f::d1 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: a4d036bdb2c47ecb488700634464063a5b79df6c44e05085cf404379ca7881a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://podelki.guru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 11:46:01 GMT
Last-Modified: Fri, 28 May 2021 10:59:09 GMT
Server: nginx/1.20.2
ETag: "60b0ccfd-1fc18"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 130072

POST
H2 200 51191387 Show response
mc.yandex.com/webvisor/ 43 B
145 B 62ms
60ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/51191387?wmode=0&wv-part=3&wv-hit=355027351&page-url=https%3A%2F%2Fpodelki.guru%2F&rn=61110353&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1682077562%3Aw%3A1600x1200%3Av%3A1025%3Az%3A0%3Ai%3A20230421114602%3Au%3A1682077556623166405%3Avf%3Aihb4q796484i93c2xtzqhr%3Ast%3A1682077562&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://podelki.guru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 11:46:02 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21-Apr-2023 11:46:02 GMT
content-type: image/gif
access-control-allow-origin: https://podelki.guru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 21-Apr-2023 11:46:02 GMT

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.podelki.guru/	1970-01-20 11:16:03	Name: surfer_uuid Value: 94f9f5a0-991d-4ab1-81dc-8dbe15c53ee5
.podelki.guru/	1969-12-31 23:59:59	Name: la_page_depth Value: %7B%22last%22%3A%22https%3A%2F%2Fpodelki.guru%2F%22%2C%22depth%22%3A1%7D
.podelki.guru/	1969-12-31 23:59:59	Name: page_load_uuid Value: c68ebbdb-8ede-413a-bdb2-26ecda056d8c
uidsync.net/	1970-01-20 20:00:13	Name: rauid Value: LlxClvOM724jPjk7G47lfh
.podelki.guru/	1970-01-20 20:00:13	Name: _ym_uid Value: 1682077556623166405
.podelki.guru/	1970-01-20 20:00:13	Name: _ym_d Value: 1682077556
.mc.yandex.com/	1970-01-20 11:14:38	Name: sync_cookie_csrf Value: 266782693fake
.podelki.guru/	1970-01-20 11:15:49	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 11:14:38	Name: sync_cookie_csrf Value: 1880898308fake
.podelki.guru/	1970-01-20 20:36:13	Name: __gads Value: ID=2a9254f0ba952534-223080b9a6dd0046:T=1682077555:RT=1682077555:S=ALNI_Mb_J-1EF6dbXfy9HZZrvh1LJdUp2w
.podelki.guru/	1970-01-20 20:36:13	Name: __gpi Value: UID=00000bedff4922ad:T=1682077555:RT=1682077555:S=ALNI_Ma22RS4hmiYVCvzSl3iUkgmykrQgA
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1009755331682077555
.yandex.com/	1970-01-20 20:50:37	Name: i Value: SQE7eo4QipOJX5xsJs1LLdfJLh097bCLoj5Q8hGrSzylaA7v+wyLVC66cEKMS65im/yKvshe5Oh9AA0UEtD+ywuJTT4=
.yandex.com/	1970-01-20 20:50:37	Name: yandexuid Value: 8815479501682077555
.yandex.com/	1970-01-20 20:00:13	Name: yuidss Value: 8815479501682077555
.yandex.com/	1970-01-20 20:00:13	Name: ymex Value: 1713613555.yc.1682077555#1713613555.yrts.1682077555#1713613555.yrtsi.1682077555
.yandex.com/	1970-01-20 20:00:13	Name: bh Value: KgI/MA==
.podelki.guru/	1970-01-20 20:50:37	Name: _ga_SZEDH5859E Value: GS1.1.1682077556.1.0.1682077556.0.0.0
podelki.guru/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.podelki.guru/	1970-01-20 20:50:37	Name: _ga Value: GA1.2.2110404728.1682077556
.podelki.guru/	1970-01-20 11:16:03	Name: _gid Value: GA1.2.778681467.1682077556
.podelki.guru/	1970-01-20 11:14:37	Name: _gat_gtag_UA_197624320_1 Value: 1
.podelki.guru/	1970-01-20 11:14:39	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 20:36:13	Name: IDE Value: AHWqTUl5Yw6bb_-M84qyblE7FUmpwJiCqp2ch7EWIlRYfaPaIIq_RTe9tkb16nwZ
.adnxs.com/	1970-01-20 13:24:13	Name: uuid2 Value: 4667617868945851785
.casalemedia.com/	1970-01-20 20:00:13	Name: CMID Value: ZEJ3dY1Q3XgyVBDnNXk8iAAA
.casalemedia.com/	1970-01-20 13:24:13	Name: CMPS Value: 3240
.casalemedia.com/	1970-01-20 13:24:13	Name: CMPRO Value: 3240
.adnxs.com/	1970-01-20 13:24:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In<rh8XX!]tbPl1M>e)ZlrFUfJ+tGXvWBEUm_xKyRA'EzPtY<a2jtBFwQ@_/#y<WZz/KbpRzqF1`ba-$L+9s
.doubleclick.net/	1970-01-20 11:14:41	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://podelki.guru/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-2151775154385927&fa=3&ifi=3&uci=a!3&btvi=1&xpc=Zz5heN0A1E&p=https%3A//podelki.guru Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-2151775154385927&fa=4&ifi=4&uci=a!4&btvi=2&xpc=yYmbGI1Yv2&p=https%3A//podelki.guru Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
allstat-pp.ru
cleacom.ru
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i1.imageban.ru
ib.adnxs.com
mc.yandex.com
mc.yandex.ru
mpsuadv.ru
pagead2.googlesyndication.com
partner.googleadservices.com
podelki.guru
push-sdk.com
region1.google-analytics.com
s0.2mdn.net
tpc.googlesyndication.com
uidsync.net
wezrad.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
zslhmw.com
141.8.194.191
142.250.184.194
142.250.186.66
157.90.33.122
157.90.33.68
185.80.39.216
193.176.79.47
2001:4860:4802:32::36
2a00:1450:4001:800::2002
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:806::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a02:6b8::1:119
2a03:f480:1:f::d1
37.252.171.149
62.76.25.28
92.38.252.165
92.63.103.84
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
0768590a72bb669643401a639f0a9685c41aad4319982342a6b20a88c43fa384
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1116e6a6f1d8d180c0a37d423c7a1aedcd9591959512b834babe428d24d428ce
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
1664eba73c9b71842f1f05b3376672b74444281623100582f52312b2c5aac551
16d83770ec5d7dba2239bc276348daf2533b92fc709aa8b3cb30b63934e549d8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
2780664a467f5a5c1379d96b7cd67b18855534a17e1ec791d35f5dc51ebe10e1
2a312e404dd296381b906999cef622ce0bdfd54828a5d14bcd4acacc6fc75e29
2b05eb8835ff6e97270d751e40898421aa2cbee311f6269c987473053ddc085c
2b4bc0dfb1e79d1bcde98a450fb5d26d83eb0af0e8ebe7c01c22c8e0afbf1dfd
2c4d07ef6b10d43982fc1ed3da53841453fb0fef0f43ae5be639ee956b2286b9
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31eed66625e90745ed3f3bea526dc0b896e5c85da0dc50062d4aa13510f1a201
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
36a51836e21cee65acbee19c15761e5ef56429e324ebf5f97ed7d9886452647f
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
430f4e0ad923bffd639b07349b1375ac12f4c80aa08a04069cd72b3d14c248b1
436a42eb8534863f40e8e684a31442a674a5af32580ae83de3ded73f360c6487
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
48675a80eba986528852a45b94302b3e008579b71406ea6677a1754415ce723a
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fd09f782eb9705ef39ef7ae4fd446cf46fd5ce8488b0814193b0c2a13b1020b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5536881fa7ee1dd4ed59a4732f71710c8a1bf80a687e2a90608688a4f23dc06e
559f408b43d53e20d3321215ea3229365b6f3e302e2845503d5f1349e778459d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
58ec48d4b2f76f2e63e163a7292d6cf6fe8daee7e4e660dce65eacea9ebf8c3a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63312750cc83331cd518bf5288430069d753c7b50694883d3c2f19ef1afd00ca
6605236e268c9a7a62527cd156d0b8286088972168c33cc1b9ec5a50a3a38303
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
78a7110edc7b630a830a8e648bbddce08b32cb1ae499c6fef4181d7aa18f0cec
81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
95616f34a1e85258e238c14c3aa1ca3fb74a35703e0e8eb2cb4c834a423ee697
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d036bdb2c47ecb488700634464063a5b79df6c44e05085cf404379ca7881a6
a866ac73d4abbc18f90614d28e39899b140abf5e0a7b93b8afc88dcd8ab00f20
abca467b6abf08eef3e2d84d74a5a6e2d35a75253cca280e320083dc57faf051
ad01397dff5457b30f5e390f24a9d12a4aa8bf6144a3a010aa31a3ba7c4723ac
af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453
b0dc9ab032efc5b47313f5b2c55951996f7ae2cdad2f30c73b55ca8ac17130c3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b78eac8c0fb172a5dec93cf39fbfd108b2b3732a65c2f563cac32095d1baa6da
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc46e0b26b783ab6d41a72312ac1326e0727eb2029626b932e5aa0021883fe44
c344dad1c8e15367cb6202f9e8ad4edbb93e007f96bc26ff69121f27b2a25a18
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbf0fddb9f6970a1c7d9e8b3adf3807c29a5a1828a585bc34d7aaf6e9608641b
d02406cd88a47de122e1e34f06500c9fa249d0ee521af39e6906243e9f8c22a7
d0f0e70bd428af140fc6eb6b7d8c97e7158a4080f123c8552f12502b4e1e8ee6
d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675
d919c65fe953b72f59d9dccc6d0ea816512e7bea96f63e17366c1fb5b6b00ef0
dd56c61bf37fedac57d1b16377a7200db11afdd69460753d02cf685229f0808a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4c2b49b267fd3d1759918255483b5fca6a63135efe277f1ee609dcea967b8bf
e52f48d69f6200236c025fbf87db8964c98eaa773733961cfbbe293eecae7b65
eae092528c8d2547c7cd42543380bc7c86bc0ccd617114c2d13e1d0c08dee4e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c389620e914ad1faacd0308f3fe3324a9004abf10dac1c219d63d5eee107c5
f0e842acad1efd108872b43b8a10fe3fed030c29adf5f86af87a970799ca886f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
fd470571ef920f76ebbf40dcb2108312cba38daa20ac244b0a0b380201dd757d
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
fee8dc6f9dc5097c408f4664c08f7c3ebf9098fb953a6248a4a5e6a65a16fb6a

podelki.guru Open in urlscan Pro 2a03:f480:1:f::d1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

146 Requests

95 %HTTPS

58 %IPv6

24 Domains

30 Subdomains

27 IPs

5 Countries

5134 kBTransfer

9142 kBSize

30 Cookies

0 Outgoing links

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

podelki.guru Open in urlscan Pro
2a03:f480:1:f::d1 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

95 %
HTTPS

58 %
IPv6

24
Domains

30
Subdomains

27
IPs

5
Countries

5134 kB
Transfer

9142 kB
Size

30
Cookies

146 HTTP transactions
4 data transactions