URL: https://www.rueportal.eu/
Submission: On November 25 via api from CA — Scanned from CA

Summary

This website contacted 19 IPs in 2 countries across 15 domains to perform 71 HTTP transactions. The main IP is 185.129.138.218, located in Prague, Czech Republic and belongs to INTERNET-CZ INTERNET CZ, a.s., CZ. The main domain is www.rueportal.eu.
TLS certificate: Issued by Actalis Domain Validation Server CA G3 on October 16th 2024. Valid for: a year.
This is the only time www.rueportal.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
20 google.com
cse.google.com — Cisco Umbrella Rank: 3364
www.google.com — Cisco Umbrella Rank: 3
clients1.google.com — Cisco Umbrella Rank: 510
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
238 KB
12 rueportal.eu
www.rueportal.eu
poezija.rueportal.eu
294 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
282 KB
6 gstatic.com
fonts.gstatic.com
67 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
348 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
56 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
1 vystoupit.eu
www.vystoupit.eu
18 KB
0 zing.cz Failed
zing.cz Failed
0 maxcdn.com Failed
twemoji.maxcdn.com Failed
71 15
Domain Requested by
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
11 www.rueportal.eu www.rueportal.eu
cdnjs.cloudflare.com
7 pagead2.googlesyndication.com www.rueportal.eu
pagead2.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 www.google.com cse.google.com
www.google.com
ep2.adtrafficquality.google
3 www.google-analytics.com www.googletagmanager.com
3 cse.google.com www.rueportal.eu
www.google.com
3 www.googletagmanager.com www.rueportal.eu
www.googletagmanager.com
3 fonts.googleapis.com www.rueportal.eu
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 connect.facebook.net www.rueportal.eu
connect.facebook.net
2 cdnjs.cloudflare.com www.rueportal.eu
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 www.facebook.com connect.facebook.net
1 clients1.google.com www.rueportal.eu
1 www.vystoupit.eu www.rueportal.eu
1 poezija.rueportal.eu www.rueportal.eu
0 zing.cz Failed www.rueportal.eu
0 twemoji.maxcdn.com Failed www.rueportal.eu
71 20
Subject Issuer Validity Valid
*.rueportal.eu
Actalis Domain Validation Server CA G3
2024-10-16 -
2025-11-06
a year crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-03 -
2024-12-02
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
www.vystoupit.eu
R10
2024-11-17 -
2025-02-15
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
adtrafficquality.google
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.rueportal.eu/
Frame ID: 4DA7EBE6EF5885472545EADD65C4D8B2
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 2EFD417E27571B6A10ADF2CE2AC2CB16
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7522156808141891&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1707906989&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.rueportal.eu%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732527492403&bpp=30&bdt=1748&idt=264&shv=r20241120&mjsv=m202411180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8178362492976&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088580%2C31088728%2C95347444%2C31089091%2C95345967%2C95347756&oid=2&pvsid=3663428809452054&tmod=1749319516&uas=0&nvt=1&fsapi=1&fc=1920&brdim=410%2C410%2C410%2C410%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=316
Frame ID: 39341B4A855A8AC3214640990DE276A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7522156808141891&output=html&h=600&slotname=5664246215&adk=4287848452&adf=1232500795&pi=t.ma~as.5664246215&w=300&abgtt=6&fwrn=4&fwrnh=100&lmt=1707906989&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.rueportal.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732527492433&bpp=3&bdt=1778&idt=333&shv=r20241120&mjsv=m202411180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=8178362492976&frm=20&pv=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1135&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088580%2C31088728%2C95347444%2C31089091%2C95345967%2C95347756&oid=2&pvsid=3663428809452054&tmod=1749319516&uas=0&nvt=1&fc=1920&brdim=410%2C410%2C410%2C410%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=346
Frame ID: C38F72AE78608241772F177EACDA9ABE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 59CAC454C220EE7A0527FF7FF2A35983
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 1DCDBD43297A8BED5300C5CBFA0471E5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6cb01553326ae2c0%26domain%3Dwww.rueportal.eu%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rueportal.eu%252Ff25f8716fca1ecaa1%26relation%3Dparent.parent&container_width=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Frueportal%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=500
Frame ID: 6407BB77EEB904426E1D737F34754852
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: B947D4DEC2CE4F64FE764C1326F3DB5F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 59E2C5BEE503C85D9A28E73C19284C77
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Перидня хыжа | rueportal — карпаторусинськый інтернетовый портал

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

96 %
HTTPS

50 %
IPv6

15
Domains

20
Subdomains

19
IPs

2
Countries

1400 kB
Transfer

3579 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://www.zing.cz/wp-content/uploads/2020/09/Minecraft-6.jpg HTTP 301
  • https://zing.cz/wp-content/uploads/2020/09/Minecraft-6.jpg

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.rueportal.eu/
21 KB
5 KB
Document
General
Full URL
https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.138.218 Prague, Czech Republic, ASN24806 (INTERNET-CZ INTERNET CZ, a.s., CZ),
Reverse DNS
218.138.forpsi.net
Software
aruba-proxy /
Resource Hash
e4fb5fa6b052c0b5f00f310d1b6d387e77c55de656c4cf73ea5ec21c576927d8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 25 Nov 2024 09:38:10 GMT
last-modified
Wed, 14 Feb 2024 10:36:29 GMT
server
aruba-proxy
vary
Accept-Encoding
x-servername
ipvsproxy003
css2
fonts.googleapis.com/
8 KB
867 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;700&display=swap
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07ffe99bbad6a01eefc554124b34927e60911ed74c21b5bb4e7361ddfc4e2845
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:38:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:10 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 25 Nov 2024 09:19:40 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Serif+Pro:wght@300;400;700&display=swap
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
354426f8ac76a3cc9bc67dc4a82e2b117a03632a57b3689a536e99c49fa47734
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:38:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:10 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 25 Nov 2024 09:38:10 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
twemoji.min.js
twemoji.maxcdn.com/v/latest/
0
0

jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb09ed3-15d84"
age
212677
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GmHCg8kfMhkw9EKOxPWAZIUzRHUSfV6J1ewMMMk7q9wArMQYwrDYDwzZbPeg7kf%2FhnnVIiSVQqw9lqHS%2F%2BQEQH7xaTOfcaVq3bUtBmXK3CPlxAxCzmEnwn0CmZ%2FU1%2B2a9lVQq8wG0QEZeAG%2Bo4FOJbnG"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 09:38:10 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 09:38:10 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 23:01:39 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e80aa110dc233ee-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
27958
server
cloudflare
main.css
www.rueportal.eu/assets/
115 KB
18 KB
Stylesheet
General
Full URL
https://www.rueportal.eu/assets/main.css
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.138.218 Prague, Czech Republic, ASN24806 (INTERNET-CZ INTERNET CZ, a.s., CZ),
Reverse DNS
218.138.forpsi.net
Software
aruba-proxy /
Resource Hash
822499fc127d1927be575e386fd350aa1dc59be0156602f19027a6fd33331344

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

x-servername
ipvsproxy003
content-encoding
gzip
date
Mon, 25 Nov 2024 09:38:10 GMT
content-type
text/css
vary
Accept-Encoding
server
aruba-proxy
last-modified
Fri, 15 Mar 2024 18:23:47 GMT
glightbox.min.css
www.rueportal.eu/assets/plugins/
13 KB
3 KB
Stylesheet
General
Full URL
https://www.rueportal.eu/assets/plugins/glightbox.min.css
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.138.218 Prague, Czech Republic, ASN24806 (INTERNET-CZ INTERNET CZ, a.s., CZ),
Reverse DNS
218.138.forpsi.net
Software
aruba-proxy /
Resource Hash
6d3f62d4d17969f9c70e9438cf671004725019e868123f2ebc295a006f8d5d2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

x-servername
ipvsproxy003
content-encoding
gzip
date
Mon, 25 Nov 2024 09:38:10 GMT
content-type
text/css
vary
Accept-Encoding
server
aruba-proxy
last-modified
Fri, 18 Nov 2022 15:54:50 GMT
glightbox.min.js
www.rueportal.eu/assets/plugins/
55 KB
55 KB
Script
General
Full URL
https://www.rueportal.eu/assets/plugins/glightbox.min.js
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.138.218 Prague, Czech Republic, ASN24806 (INTERNET-CZ INTERNET CZ, a.s., CZ),
Reverse DNS
218.138.forpsi.net
Software
aruba-proxy /
Resource Hash
03dfe1fbce92a9f17fcd1a1501213bd820d050ab085c338419ab06a3631c9459

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

accept-ranges
bytes
content-length
55880
x-servername
ipvsproxy003
date
Mon, 25 Nov 2024 09:38:10 GMT
content-type
text/javascript
last-modified
Fri, 18 Nov 2022 15:54:50 GMT
server
aruba-proxy
js
www.googletagmanager.com/gtag/
392 KB
129 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TJ26XSS17Z
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69538f4bf4125ad09f109be64df62d2285f412c87ba7565626694845206bbac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 09:38:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
131394
x-xss-protection
0
server
Google Tag Manager
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.rueportal.eu
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"603e8adc-15d9d"
age
358832
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBXKDBNpHka%2FAUSaBRec8JCMMDPXk%2B4dt%2B033gatNKxZUR19t8CItPawEt4bTPh8GsAWBMIuak6GAjh1wStPTf2FfKfi%2FNsmBAkLKkZ2Ex81SE7PRFJuvGhPDJXBJE%2FVQvHQEXKliKMQnWQ17nI2DWkf"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 09:38:10 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 09:38:10 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e80aa110a407154-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
27938
server
cloudflare
sdk.js
connect.facebook.net/en_EN/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_EN/sdk.js
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
da05f4e7d05050a06aec7acb69ad641ee7c20e9a31e7fbe0b701d6a62f7ae1eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.rueportal.eu
Referer
https://www.rueportal.eu/

Response headers

content-md5
20iFeAii/oc3BkF6o1evHA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"55ff580b513f96ffdca32efef65b8f2a"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:48:42 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
2386b6ebe405af58c1d1e0394dbc5bde
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4608, tp=12, tpl=0, uplat=2, ullat=-1
x-fb-debug
O1eiPifpc2CRYPYF/w2yTmsvfLyyNCvjyOXFk7F4HrkAEoERmtf+rLPMaWLJUz5lffXRWR7p+KdmfxoKOGZ/QA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1688
origin-agent-cluster
?1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
159 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7522156808141891
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
ab49c64412f95629e2c9941a0439ddb84dcb95fe5a71a14ca04e6e373a5d0d3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.rueportal.eu
Referer
https://www.rueportal.eu/

Response headers

content-encoding
br
etag
9677523186024115117
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:38:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53969
x-xss-protection
0
server
cafe
cse.js
cse.google.com/
6 KB
3 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=ac2e573d92168fb4b
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
409f8a34b54580aa53977248a21c785f7879c3168411449426010050db2c5724
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-bDbb0Dgeki28rF4InJDuCw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-bDbb0Dgeki28rF4InJDuCw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
content-encoding
br
accept-ch
Save-Data, Downlink, ECT, RTT, Device-Memory, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2587
date
Mon, 25 Nov 2024 09:38:12 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
gws
x-frame-options
SAMEORIGIN
cse.js
cse.google.com/
9 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=9c4b41c459154a2d7
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
a2f9a68b346a104f028d3c4e511c849b9aef6cd784066ff8c10f6aab6bc97f5e
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-a0PfkbS_UWUW4ztvRE_PIg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-a0PfkbS_UWUW4ztvRE_PIg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
content-encoding
br
accept-ch
Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3162
date
Mon, 25 Nov 2024 09:38:12 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
gws
x-frame-options
SAMEORIGIN
Minecraft-6.jpg
zing.cz/wp-content/uploads/2020/09/
Redirect Chain
  • https://www.zing.cz/wp-content/uploads/2020/09/Minecraft-6.jpg
  • https://zing.cz/wp-content/uploads/2020/09/Minecraft-6.jpg
0
0

kazky.jpg
www.rueportal.eu/assets/img/
49 KB
50 KB
Image
General
Full URL
https://www.rueportal.eu/assets/img/kazky.jpg
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.138.218 Prague, Czech Republic, ASN24806 (INTERNET-CZ INTERNET CZ, a.s., CZ),
Reverse DNS
218.138.forpsi.net
Software
aruba-proxy /
Resource Hash
57da410e548b39479fef3ff2c52d0a6bc3d75c6d1a7446aac7a3b475e080fb87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

accept-ranges
bytes
content-length
50584
x-servername
ipvsproxy003
date
Mon, 25 Nov 2024 09:38:10 GMT
content-type
image/jpeg
last-modified
Mon, 10 Apr 2023 16:14:34 GMT
server
aruba-proxy
og.png
poezija.rueportal.eu/build/img/
29 KB
29 KB
Image
General
Full URL
https://poezija.rueportal.eu/build/img/og.png
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.138.218 Prague, Czech Republic, ASN24806 (INTERNET-CZ INTERNET CZ, a.s., CZ),
Reverse DNS
218.138.forpsi.net
Software
aruba-proxy /
Resource Hash
f73d3a597c2e4509d990a3ce7c90753cb46fa1925dc04906f9a04f4f3553003a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

accept-ranges
bytes
content-length
29979
x-servername
ipvsproxy003
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
image/png
last-modified
Tue, 28 Nov 2023 15:03:37 GMT
server
aruba-proxy
vincovana.jpg
www.rueportal.eu/assets/img/
86 KB
86 KB
Image
General
Full URL
https://www.rueportal.eu/assets/img/vincovana.jpg
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.138.218 Prague, Czech Republic, ASN24806 (INTERNET-CZ INTERNET CZ, a.s., CZ),
Reverse DNS
218.138.forpsi.net
Software
aruba-proxy /
Resource Hash
6c4ff7e1dfcf0cc2255336816653ca49d1f9bf0a4d134d0398f1a198f493e508

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

accept-ranges
bytes
content-length
87619
x-servername
ipvsproxy003
date
Mon, 25 Nov 2024 09:38:11 GMT
content-type
image/jpeg
last-modified
Mon, 10 Apr 2023 16:18:03 GMT
server
aruba-proxy
telegram.jpg
www.vystoupit.eu/wp-content/uploads/2019/08/
18 KB
18 KB
Image
General
Full URL
https://www.vystoupit.eu/wp-content/uploads/2019/08/telegram.jpg
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1ab0:7e1e:151:62:109:155:9 , Czech Republic, ASN29134 (IGNUM-AS Webglobe, s.r.o., CZ),
Reverse DNS
Software
nginx /
Resource Hash
8e3c819487a6e9e905ac25d650a847a837f498e154bc45eac4c8f964541c3296

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

etag
"4781-5927674cde4c0"
accept-ranges
bytes
content-length
18305
date
Mon, 25 Nov 2024 09:38:12 GMT
x-vhost-debug
147de7bf0def51b157018a7b805dbda65bcce881cba651bb2a80c29e42d078f3
content-type
image/jpeg
last-modified
Fri, 13 Sep 2019 22:05:47 GMT
server
nginx
vary
User-Agent
ukr.png
www.rueportal.eu/assets/img/
3 KB
3 KB
Image
General
Full URL
https://www.rueportal.eu/assets/img/ukr.png
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.138.218 Prague, Czech Republic, ASN24806 (INTERNET-CZ INTERNET CZ, a.s., CZ),
Reverse DNS
218.138.forpsi.net
Software
aruba-proxy /
Resource Hash
ed9a0c3d1f25c98fd3513d1183334b7c9009f4c42d4246bc8fd201a89e9c7ea0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

accept-ranges
bytes
content-length
2641
x-servername
ipvsproxy003
date
Mon, 25 Nov 2024 09:38:11 GMT
content-type
image/png
last-modified
Mon, 25 Jul 2022 19:45:51 GMT
server
aruba-proxy
fyisa.png
www.rueportal.eu/assets/img/
33 KB
33 KB
Image
General
Full URL
https://www.rueportal.eu/assets/img/fyisa.png
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.138.218 Prague, Czech Republic, ASN24806 (INTERNET-CZ INTERNET CZ, a.s., CZ),
Reverse DNS
218.138.forpsi.net
Software
aruba-proxy /
Resource Hash
f29ed851a3bd757aadf06769b0cc74879ad6d71d38e53a8d2534c82fcef37027

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

accept-ranges
bytes
content-length
33306
x-servername
ipvsproxy003
date
Mon, 25 Nov 2024 09:38:11 GMT
content-type
image/png
last-modified
Sat, 13 Aug 2022 11:49:50 GMT
server
aruba-proxy
main.js
www.rueportal.eu/assets/js/
6 KB
6 KB
Script
General
Full URL
https://www.rueportal.eu/assets/js/main.js
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.138.218 Prague, Czech Republic, ASN24806 (INTERNET-CZ INTERNET CZ, a.s., CZ),
Reverse DNS
218.138.forpsi.net
Software
aruba-proxy /
Resource Hash
01992ace98576aeb2a894a4ffa79105bb7d421863ea024ee743025c74ecea844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

accept-ranges
bytes
content-length
6184
x-servername
ipvsproxy003
date
Mon, 25 Nov 2024 09:38:11 GMT
content-type
text/javascript
last-modified
Fri, 15 Mar 2024 18:23:28 GMT
server
aruba-proxy
css2
fonts.googleapis.com/
7 KB
832 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@300;400;600&display=swap
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/assets/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f82b7c3a250806ae9a87012775bfc65983c95af0463fa892d34192eaed487042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:38:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:11 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 25 Nov 2024 09:38:11 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.rueportal.eu
Referer
https://fonts.googleapis.com/

Response headers

age
308921
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:49:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 19:49:31 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14892
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.rueportal.eu
Referer
https://fonts.googleapis.com/

Response headers

age
262159
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 08:48:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 08:48:53 GMT
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14780
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
2a775d512b714a32d68031e6553e4afadfa75617b30c5f98ed08efde1b21e6b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.rueportal.eu
Referer
https://fonts.googleapis.com/

Response headers

age
307381
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 20:15:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 20:15:11 GMT
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7860
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.rueportal.eu
Referer
https://fonts.googleapis.com/

Response headers

age
308491
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:56:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 19:56:41 GMT
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14712
x-xss-protection
0
server
sffe
6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
c73c9d2639ee4ecc555040bb05de136847ae936b885925b56972549ccfe16a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.rueportal.eu
Referer
https://fonts.googleapis.com/

Response headers

age
309197
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:44:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 19:44:55 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7972
x-xss-protection
0
server
sffe
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
d670592315205835c6c155eaa76a7bc61e48ef962d390b537be52ae1f7b62dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.rueportal.eu
Referer
https://fonts.googleapis.com/

Response headers

age
259246
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 09:37:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 09:37:26 GMT
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7912
x-xss-protection
0
server
sffe
daily.php
www.rueportal.eu/ajax/
1 KB
836 B
XHR
General
Full URL
https://www.rueportal.eu/ajax/daily.php
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.138.218 Prague, Czech Republic, ASN24806 (INTERNET-CZ INTERNET CZ, a.s., CZ),
Reverse DNS
218.138.forpsi.net
Software
aruba-proxy /
Resource Hash
3544b18c6ae20d9768eed4ace6199d0fc9907deca235f827a877d21ba5456c1a

Request headers

Referer
https://www.rueportal.eu/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01

Response headers

x-servername
ipvsproxy003
content-encoding
gzip
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
aruba-proxy
sdk.js
connect.facebook.net/en_US/
248 KB
73 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=12df1459359e3d806946069e73f2afaf
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
ed961beb3115b842ff7204a8f5bbc834f32363a79223802272897be70abd8033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.rueportal.eu
Referer
https://www.rueportal.eu/

Response headers

content-md5
nUqJqdvTjdG5Fdc/i/SIAg==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"9af2e13ccb554e3cbd4924f6f9a5ddb3"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Tue, 25 Nov 2025 08:41:18 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
ff43c6b9fd025758992d715c261f88df
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=26, mss=1232, tbw=8432, tp=17, tpl=0, uplat=2, ullat=-1
x-fb-debug
lLAQTv+/SWG8VsYF9eqILBIPt0/IyiAR+w5OE6rNdJZyzEpB41MnzBc4fvTPL7oC+6oDr2+LrNRJtUAozC0S1A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
75123
origin-agent-cluster
?1
cse_element__en.js
www.google.com/cse/static/element/8fa85d58e016b414/
286 KB
94 KB
Script
General
Full URL
https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=ac2e573d92168fb4b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f4.1e100.net
Software
sffe /
Resource Hash
d480de66b420ea6afb356fe87de6fe62f5cbbd08662f077ff2edae95a2b900df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:38:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Wed, 12 Jun 2024 21:33:21 GMT
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
95840
x-xss-protection
0
server
sffe
default+en.css
www.google.com/cse/static/element/8fa85d58e016b414/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/8fa85d58e016b414/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=ac2e573d92168fb4b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f4.1e100.net
Software
sffe /
Resource Hash
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:38:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Wed, 12 Jun 2024 21:33:21 GMT
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
9068
x-xss-protection
0
server
sffe
default.css
www.google.com/cse/static/style/look/v4/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=ac2e573d92168fb4b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f4.1e100.net
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
age
2425
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:47:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 08:57:47 GMT
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
1345
x-xss-protection
0
server
sffe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/
434 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089091&osttc=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7522156808141891
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
1d61a156460cb17325d19f72849c42264ada0f671bc61386f91ad8110820e09a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
br
etag
15765015510261837076
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:38:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147429
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/
242 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4P1PWQMV5Z&l=dataLayer&cx=c&gtm=45je4bk0v879450747za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ26XSS17Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9447ca11a2f1f8fcfd178e3d8032efee8f6500f5f4caac96bbfab09a5ab35cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 09:38:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89774
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
406 KB
131 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WH21HEZSK2&l=dataLayer&cx=c&gtm=45je4bk0v879450747za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ26XSS17Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e323b895aeb3fbc1bef9ad67db575507302206c8502ae6ff23e6119113d99fab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 25 Nov 2024 09:38:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134076
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TJ26XSS17Z&gtm=45je4bk0v879450747za200&_p=1732527491894&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=810015260.1732527493&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732527492&sct=1&seg=0&dl=https%3A%2F%2Fwww.rueportal.eu%2F&dt=%D0%9F%D0%B5%D1%80%D0%B8%D0%B4%D0%BD%D1%8F%20%D1%85%D1%8B%D0%B6%D0%B0%20%7C%20rueportal%20%E2%80%94%20%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D0%BE%D1%80%D1%83%D1%81%D0%B8%D0%BD%D1%81%D1%8C%D0%BA%D1%8B%D0%B9%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=9273
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ26XSS17Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.rueportal.eu
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
text/plain
server
Golfe2
async-ads.js
cse.google.com/adsense/search/
146 KB
53 KB
Script
General
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__en.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49c5399c1bcf56caf23f47bd1801681c85e51e9aac0e6d9c324ffabea1ea22d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
etag
"3695740269991252204"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:38:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
clear.png
www.google.com/cse/static/css/v2/
1018 B
1 KB
Image
General
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/8fa85d58e016b414/default+en.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f4.1e100.net
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.google.com/cse/static/element/8fa85d58e016b414/default+en.css

Response headers

age
296875
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 23:10:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 23:10:17 GMT
last-modified
Mon, 25 May 2020 08:30:00 GMT
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
1018
x-xss-protection
0
server
sffe
generate_204
clients1.google.com/
0
117 B
Image
General
Full URL
https://clients1.google.com/generate_204
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 25 Nov 2024 09:38:12 GMT
cross-origin-resource-policy
cross-origin
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame 2EFD
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089091&osttc=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rueportal.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
1062
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 09:20:30 GMT
etag
17661348622971093804
expires
Mon, 09 Dec 2024 09:20:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 09:38:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame 3934
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7522156808141891&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1707906989&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.rueportal.eu%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732527492403&bpp=30&bdt=1748&idt=264&shv=r20241120&mjsv=m202411180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8178362492976&frm=20&pv=2&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088580%2C31088728%2C95347444%2C31089091%2C95345967%2C95347756&oid=2&pvsid=3663428809452054&tmod=1749319516&uas=0&nvt=1&fsapi=1&fc=1920&brdim=410%2C410%2C410%2C410%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=316
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089091&osttc=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rueportal.eu/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45596
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 09:38:13 GMT
expires
Mon, 25 Nov 2024 09:38:13 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C38F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7522156808141891&output=html&h=600&slotname=5664246215&adk=4287848452&adf=1232500795&pi=t.ma~as.5664246215&w=300&abgtt=6&fwrn=4&fwrnh=100&lmt=1707906989&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.rueportal.eu%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732527492433&bpp=3&bdt=1778&idt=333&shv=r20241120&mjsv=m202411180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=8178362492976&frm=20&pv=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1135&ady=422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088580%2C31088728%2C95347444%2C31089091%2C95345967%2C95347756&oid=2&pvsid=3663428809452054&tmod=1749319516&uas=0&nvt=1&fc=1920&brdim=410%2C410%2C410%2C410%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=346
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089091&osttc=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rueportal.eu/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
12044
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 09:38:13 GMT
expires
Mon, 25 Nov 2024 09:38:13 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-4P1PWQMV5Z&gtm=45je4bk0z8879450747za200zb879450747&_p=1732527491894&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=810015260.1732527493&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1732527492&sct=1&seg=0&dl=https%3A%2F%2Fwww.rueportal.eu%2F&dt=%D0%9F%D0%B5%D1%80%D0%B8%D0%B4%D0%BD%D1%8F%20%D1%85%D1%8B%D0%B6%D0%B0%20%7C%20rueportal%20%E2%80%94%20%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D0%BE%D1%80%D1%83%D1%81%D0%B8%D0%BD%D1%81%D1%8C%D0%BA%D1%8B%D0%B9%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&en=page_view&_fv=1&_ss=1&tfd=9516
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4P1PWQMV5Z&l=dataLayer&cx=c&gtm=45je4bk0v879450747za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.rueportal.eu
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WH21HEZSK2&gtm=45je4bk0v9189321462z8879450747za200zb879450747&_p=1732527491894&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=810015260.1732527493&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1732527492&sct=1&seg=0&dl=https%3A%2F%2Fwww.rueportal.eu%2F&dt=%D0%9F%D0%B5%D1%80%D0%B8%D0%B4%D0%BD%D1%8F%20%D1%85%D1%8B%D0%B6%D0%B0%20%7C%20rueportal%20%E2%80%94%20%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D0%BE%D1%80%D1%83%D1%81%D0%B8%D0%BD%D1%81%D1%8C%D0%BA%D1%8B%D0%B9%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&en=page_view&_fv=1&_ss=1&tfd=9609
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WH21HEZSK2&l=dataLayer&cx=c&gtm=45je4bk0v879450747za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.174 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.rueportal.eu
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:12 GMT
content-type
text/plain
server
Golfe2
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/
178 KB
59 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/reactive_library_fy2021.js?bust=31089091&osttc=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089091&osttc=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
6e149bac17567301612f3572c058018c47d3f66af2bc1260b92be2b88c7d7811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
br
etag
2490061336774767439
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:38:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 09:38:13 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
60563
x-xss-protection
0
server
cafe
ca-pub-7522156808141891
fundingchoicesmessages.google.com/i/
196 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7522156808141891?href=https%3A%2F%2Fwww.rueportal.eu&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089091&osttc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af4e2cc0ea3f82612bee7302abd263a2d78679c6db0f80cf35f4e7fd9715e9d3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-xMwYbgIphHqNmOxIxv0vgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:13 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0pBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0C4ttNV1gfAzHD1yusHEAsxMPR2j1xF5vAiV033zMqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGlrqGRjGFxgAAD05Qec"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-xMwYbgIphHqNmOxIxv0vgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=31088580%2C31088728%2C95347444%2C31089091%2C95345967%2C95347756&hl=uk&pvc=3663428809452054
Requested by
Host: www.rueportal.eu
URL: https://www.rueportal.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 25 Nov 2024 09:38:13 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089091&osttc=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.rueportal.eu/

Response headers

AGSKWxVjXUlosVo6_ex4rQPOj3ZSMRNMrdzE6-_P_3NqY2rDImFtI1dcUdSZCEqivkIoIQvOU600Hwb777Ja1S3FWNd_rSj-kWLP8eXKqXTJscm8eFOgHsjKZUb06szE1dQvYeIjnM5fAw==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVjXUlosVo6_ex4rQPOj3ZSMRNMrdzE6-_P_3NqY2rDImFtI1dcUdSZCEqivkIoIQvOU600Hwb777Ja1S3FWNd_rSj-kWLP8eXKqXTJscm8eFOgHsjKZUb06szE1dQvYeIjnM5fAw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNTI3NDkzLDk0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cucnVlcG9ydGFsLmV1LyIsbnVsbCxbWzgsIjl6NWtkZHRLZlVvIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
003f864863eb2999440dcb2f0d5c5762d2660a4cda2139a61a054c843c508d4a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xQH1bDolbF0nSgTeEyzGZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:13 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0pBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDPOH-ZdQEQF0lcYW0C4ttNV1gfAzHD1yusHEAsxMPR2j1xF5tAw4eft5mVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDS31DAzjCwwAN1tB2w"
content-security-policy
script-src 'report-sample' 'nonce-xQH1bDolbF0nSgTeEyzGZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame 59CA
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089091&osttc=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rueportal.eu/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
1062
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 09:20:30 GMT
etag
17661348622971093804
expires
Mon, 09 Dec 2024 09:20:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame 1DCD
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089091&osttc=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rueportal.eu/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
1062
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 09:20:30 GMT
etag
17661348622971093804
expires
Mon, 09 Dec 2024 09:20:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVbNxdw64xKqn_YUzNQMe1Ejkn89UlBTNhhGZUdHbuqFHQ541iw7M6i0gJ2QPo4NrRyqX1G9rVnzGw0U8RVDOMEKm-NYodEGwHzBpFo-EUWLHQ3PUtBDjymH_1Jxz3ljw0ynkx5DQ==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVbNxdw64xKqn_YUzNQMe1Ejkn89UlBTNhhGZUdHbuqFHQ541iw7M6i0gJ2QPo4NrRyqX1G9rVnzGw0U8RVDOMEKm-NYodEGwHzBpFo-EUWLHQ3PUtBDjymH_1Jxz3ljw0ynkx5DQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNTI3NDk0LDEyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LnJ1ZXBvcnRhbC5ldS8iLG51bGwsW1s4LCI5ejVrZGR0S2ZVbyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
ESF /
Resource Hash
c50cc9518b86d3256fbac184735fd0122b09e97a3a4879c05fd5063d33f0dd17
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WCOlWFwtOFduPFVNV5kS1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:14 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1pBiOHHrNtMFIJb4-pJJA4id0mewBgFx681zrFOBOOnfedYiIDZUuMTqCMJFl1g9gVi15xKrKRDfX3eJ9TkQzzh_mXUBEBdJXGFtAuLbTVdYHwMxw9crrBxALMTN0dY9cRebwI8190OUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDS31DAzjCwwAEXNGeg"
content-security-policy
script-src 'report-sample' 'nonce-WCOlWFwtOFduPFVNV5kS1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AdvertisingIsPresent6
fundingchoicesmessages.google.com/f/AGSKWxWI_2spdgQ7lpCIcnEiTyZOZXXNUiekuB8vksWror6hyyjypGjp0vnVhBb8QarQnGlw-xLA09766JW1ja3DvatZ0J-R14aqRKhnc0GtuDKSAymLmVn57g9lmVOuU6UmSdXTRp7I47Zii6QygMPTdr3068Xz-...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWI_2spdgQ7lpCIcnEiTyZOZXXNUiekuB8vksWror6hyyjypGjp0vnVhBb8QarQnGlw-xLA09766JW1ja3DvatZ0J-R14aqRKhnc0GtuDKSAymLmVn57g9lmVOuU6UmSdXTRp7I47Zii6QygMPTdr3068Xz-O6khwl3BY8D6UJgdS1yfVINr6MEC2dc/_/AdsRotateNEWHeader./AdvertisingIsPresent6?/ads-sticker2.-ad/embed.?ad_number=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwlEc_sVMli9kpRqcR6cJANtpBcPQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
ESF /
Resource Hash
3e99ac4a7d683baf5b9b4da979427b96b4c983e367fa560aa0dc5967a3a42dcf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cwxvV7Gq7k87gjqUi4RO7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:14 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0ZBiOHnrNtNFIJb4-pJJA4id0mewBgFx681zrFOBOOnfedYiIDZUuMTqCMJFl1g9gVi15xKrKRDfX3eJ9TkQzzh_mXUBEBdJXGFtAuLbTVdYHwMxw9crrBxALMTD0dY9cRebwIbl1w8zK2kk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYGhpa6hkYxhcYAABU4Uaj"
content-security-policy
script-src 'report-sample' 'nonce-cwxvV7Gq7k87gjqUi4RO7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
rum.js
pagead2.googlesyndication.com/pagead/js/
71 KB
26 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwlEc_sVMli9kpRqcR6cJANtpBcPQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
f0b745f08fdd0c8abd0610409973433e28c288cce88fdceeb9093808a5ee937c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
br
etag
8757421547421411085
age
339
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 10:32:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 25 Nov 2024 09:32:35 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
26318
x-xss-protection
0
server
cafe
AGSKWxXLY1ZBzWB4BJIFY1T4UXhbjyXD5gEdRiR0vZuiKD2tDjtiWn1zZ2GSJ-t5F5-TUW0D65XPKoqDsRB5RigFJ3LoDkPG9WRaf5-9LuiQQb9cbAg2JvzoC8MzXcw6qcYefOexEKYG2g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXLY1ZBzWB4BJIFY1T4UXhbjyXD5gEdRiR0vZuiKD2tDjtiWn1zZ2GSJ-t5F5-TUW0D65XPKoqDsRB5RigFJ3LoDkPG9WRaf5-9LuiQQb9cbAg2JvzoC8MzXcw6qcYefOexEKYG2g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pDuvlTbOnPJq4es1KX1k4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.rueportal.eu/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:15 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBicEqfwRoExAxfr7ByALEQF0d798RdbAI_LtUpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0NLPQPT-AIDALcpJTs"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pDuvlTbOnPJq4es1KX1k4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.rueportal.eu
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXLY1ZBzWB4BJIFY1T4UXhbjyXD5gEdRiR0vZuiKD2tDjtiWn1zZ2GSJ-t5F5-TUW0D65XPKoqDsRB5RigFJ3LoDkPG9WRaf5-9LuiQQb9cbAg2JvzoC8MzXcw6qcYefOexEKYG2g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXLY1ZBzWB4BJIFY1T4UXhbjyXD5gEdRiR0vZuiKD2tDjtiWn1zZ2GSJ-t5F5-TUW0D65XPKoqDsRB5RigFJ3LoDkPG9WRaf5-9LuiQQb9cbAg2JvzoC8MzXcw6qcYefOexEKYG2g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_MYQ4kTHr0pYldDTQgtckQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.rueportal.eu/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:15 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0gDi9BmsQUDM8PUKKwcQC3FztHdP3MUm0NDyT1rJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGlrqGZjGFxgAALLuJQk"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_MYQ4kTHr0pYldDTQgtckQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.rueportal.eu
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXLY1ZBzWB4BJIFY1T4UXhbjyXD5gEdRiR0vZuiKD2tDjtiWn1zZ2GSJ-t5F5-TUW0D65XPKoqDsRB5RigFJ3LoDkPG9WRaf5-9LuiQQb9cbAg2JvzoC8MzXcw6qcYefOexEKYG2g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXLY1ZBzWB4BJIFY1T4UXhbjyXD5gEdRiR0vZuiKD2tDjtiWn1zZ2GSJ-t5F5-TUW0D65XPKoqDsRB5RigFJ3LoDkPG9WRaf5-9LuiQQb9cbAg2JvzoC8MzXcw6qcYefOexEKYG2g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7ublCLz05o6Qc9aOQq0p2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.rueportal.eu/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:15 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBicEqfwRoExAxfr7ByALEQN0d798RdbAIPtvVrKrkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQ0NDSz0D0_gCAwDICiVK"
content-security-policy
script-src 'report-sample' 'nonce-7ublCLz05o6Qc9aOQq0p2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.rueportal.eu
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXLY1ZBzWB4BJIFY1T4UXhbjyXD5gEdRiR0vZuiKD2tDjtiWn1zZ2GSJ-t5F5-TUW0D65XPKoqDsRB5RigFJ3LoDkPG9WRaf5-9LuiQQb9cbAg2JvzoC8MzXcw6qcYefOexEKYG2g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXLY1ZBzWB4BJIFY1T4UXhbjyXD5gEdRiR0vZuiKD2tDjtiWn1zZ2GSJ-t5F5-TUW0D65XPKoqDsRB5RigFJ3LoDkPG9WRaf5-9LuiQQb9cbAg2JvzoC8MzXcw6qcYefOexEKYG2g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TG_DklEZXvhdmLcqLqL6Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.rueportal.eu/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:15 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBicEqfwRoExAxfr7ByALEQN0d798RdbAITLrZoKLkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTQ0NDSz0D0_gCAwCvNST6"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TG_DklEZXvhdmLcqLqL6Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.rueportal.eu
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWSov9bzKkjUqaOMc302W-aqRL9qvH3ljBXTLtvCrDlcYuVbgRpnpWCaMMHRQZxqzPHLJMsn-vw7j4qaOWLP7WHyBSMbiG_AojHqBqRIK0S_Hu2izsWFFu1F6OIC2Ga2Mlothl2bw==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWSov9bzKkjUqaOMc302W-aqRL9qvH3ljBXTLtvCrDlcYuVbgRpnpWCaMMHRQZxqzPHLJMsn-vw7j4qaOWLP7WHyBSMbiG_AojHqBqRIK0S_Hu2izsWFFu1F6OIC2Ga2Mlothl2bw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMyNTI3NDk1LDU4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3d3dy5ydWVwb3J0YWwuZXUvIixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
ESF /
Resource Hash
8fe3dbda4cb6ce7368a2e6c0dc766ba23fd5c89678fbb86e51784fba49e72e39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lsjI27mRvm_Zy1SzHI17kQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:15 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0JBiOHnrNtNFIJb4-pJJA4id0mewBgFx681zrFOBOOnfedYiIDZUuMTqCMJFl1g9gVi15xKrKRDfX3eJ9TkQzzh_mXUBEBdJXGFtAuLbTVdYHwMxw9crrBxALMTN0d49cRebwI1zH7WVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDS31DAzjCwwAF5dGdQ"
content-security-policy
script-src 'report-sample' 'nonce-lsjI27mRvm_Zy1SzHI17kQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxVfwflb7vTsaQernP-hMdSd1CNGIuPK6Q7TaUJOY1AKNXGDKTWwCI9hM2JAemJinlsuxn_ZbzkN_gyNzWy7G_VIlMxO9udtNfNH8cPBemh84vkeOLpn6jED-zBYiou4coggJeB5DQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVfwflb7vTsaQernP-hMdSd1CNGIuPK6Q7TaUJOY1AKNXGDKTWwCI9hM2JAemJinlsuxn_ZbzkN_gyNzWy7G_VIlMxO9udtNfNH8cPBemh84vkeOLpn6jED-zBYiou4coggJeB5DQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ya9IAtMYMrhEPzzbgZBaRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.rueportal.eu/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:15 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0gDi9BmsQUDM8PUKKwcQC_FwtHdP3MUmMGHJ7DOMSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjE0NDQUs_ANL7AAADi7yWJ"
content-security-policy
script-src 'report-sample' 'nonce-Ya9IAtMYMrhEPzzbgZBaRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.rueportal.eu
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXLY1ZBzWB4BJIFY1T4UXhbjyXD5gEdRiR0vZuiKD2tDjtiWn1zZ2GSJ-t5F5-TUW0D65XPKoqDsRB5RigFJ3LoDkPG9WRaf5-9LuiQQb9cbAg2JvzoC8MzXcw6qcYefOexEKYG2g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXLY1ZBzWB4BJIFY1T4UXhbjyXD5gEdRiR0vZuiKD2tDjtiWn1zZ2GSJ-t5F5-TUW0D65XPKoqDsRB5RigFJ3LoDkPG9WRaf5-9LuiQQb9cbAg2JvzoC8MzXcw6qcYefOexEKYG2g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMy4sqygLRfBfCmmtDRdEVslECkuZQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TAxUcOVcsdA6kRikx6V-8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.rueportal.eu/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:15 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBicEqfwRoExAxfr7ByALEQD0d798RdbAITrjeeZ1RyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoaGhpZ6BqbxBQYA7lslrQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TAxUcOVcsdA6kRikx6V-8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.rueportal.eu
content-length
0
x-xss-protection
0
server
ESF
page.php
www.facebook.com/v14.0/plugins/ Frame 6407
0
0
Document
General
Full URL
https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6cb01553326ae2c0%26domain%3Dwww.rueportal.eu%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rueportal.eu%252Ff25f8716fca1ecaa1%26relation%3Dparent.parent&container_width=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Frueportal%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=500
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=12df1459359e3d806946069e73f2afaf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rueportal.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 09:38:16 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v16.0
origin-agent-cluster
?1
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
priority
u=0,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441148934836410925"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441148934836410925", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4457, tp=9, tpl=0, uplat=142, ullat=0
x-fb-debug
hDmxS/iH6uJ317weqZW43+BoV5ey3v5/4NqsgsxQYFXNudMQwyi87DXNcm0kPGIW4j8ZTvCQ5u2fedmdwqe+uQ==
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089091&osttc=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
88de501e9869fa86f814a87cf46a5e032871d649d9abe720f628e100c6790379
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13196
date
Mon, 25 Nov 2024 09:38:16 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089091&osttc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 09:38:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 09:38:16 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame B947
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rueportal.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
615
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 09:28:02 GMT
expires
Mon, 25 Nov 2024 10:18:02 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 59E2
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ljI5Ezk2_jkatfr2EeZjWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rueportal.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ljI5Ezk2_jkatfr2EeZjWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Nov 2024 09:38:17 GMT
expires
Mon, 25 Nov 2024 09:38:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
www.rueportal.eu/
15 KB
6 KB
Other
General
Full URL
https://www.rueportal.eu/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.129.138.218 Prague, Czech Republic, ASN24806 (INTERNET-CZ INTERNET CZ, a.s., CZ),
Reverse DNS
218.138.forpsi.net
Software
aruba-proxy /
Resource Hash
581cdaaf3415dd735b544ba5999722a6c619d4c23990059a610fbe41856fb4d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.rueportal.eu/

Response headers

x-servername
ipvsproxy003
content-encoding
gzip
date
Mon, 25 Nov 2024 09:38:17 GMT
content-type
image/x-icon
vary
Accept-Encoding
server
aruba-proxy
last-modified
Fri, 03 May 2019 23:38:54 GMT
sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
twemoji.maxcdn.com
URL
https://twemoji.maxcdn.com/v/latest/twemoji.min.js
Domain
zing.cz
URL
https://zing.cz/wp-content/uploads/2020/09/Minecraft-6.jpg
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=3663428809452054&bg=!OjmlOXbNAAaIaF9IqGg7ADQBe5WfOCUl9g3IyyCyGdq4cOfNCgdPoV7ADcTIb91nRi62jkZF6VMqMM7-_p_bK6XaI4J1AgAAAcFSAAAABGgBB34ANkO4s1hnQvI4WUh_fik-FVNSEeldrry38hR7ZPecX-O7Ux6r-chhLI8lTb3wtUdu4FhgjQCEegoAeokg652O9FiO0Jd7nTOikhnO4ZUeDxZh-K658eiP5zxAFn_kvTiBMTD7jyGc_PSof84OmR531PzCg88K-nXYzfgpr2lfz88hnupFFC5KPtW-vaeDVpYyt9rbGpTC031KmxryGCwR5soTJ_FfVmeJgBFZKxIk48KC-Wy8mQKd8pBpG_dYPmrQLIWqezIqRzmr4ZRwxHjWirm7mOBDO7vx9crCU-BIAEO75en8LbdZKRiF-HTzakVw1naDbvmmFwl86bXrWyWqNL_BbHPiianACA_na_g1TOKnlhW5xqSj2Y-xy-dGDrdyFiST9wPrHofk3y5ZhteOKoaO8WlUoVhJkzYeo55XHqLj4bhJyIAT5Wf73vFOgKXaRrVbE8QghN4EHOtNGv5JtKXnAtk94XOefGF7UzDIFgtbBoFYUbGMh-sQmE2e9-TkU7B2AdjE2ii3y4WMY3qMQqswwMg3tUuJfV3RbMguXYK4yBUua--GgWHtcmn3f6baLbxEDpfyLjiIdXDyeVZy77kGwtdVeShZDbaToiRlp0gbcyybO9aZnZVAwqwRPk-QvdiAz99DVOf7_IYEQppTPLacw3yuqx0kX1m0B5hSz5NRVf7Y0Z9GKBHIpg2xjW9lcMs17ZQSRziA4W-hLeJop5x9pog93yD28rGKqOFo1Q2yRyE8cTt_9ZvK_DA4VM5E4VERJry6ydcYxUcbsKfghyM3Y-N6LxMiCYB1Y-xhy6il4-He13-XvAXmiuVOr2xDG0bqdN0tgcuBDYk2Qf_fcinxeDjD3Kf2q1IfovtRa4IFWBjloIff0cRMOF94vMLNM52Z5Ej92AY-_QThyqELofmOSFpPaAsA5_6QGhB7lygANeJMn723XWVjNAmkaRxJaDjqggFv3efo8kHnJyeFEmg5UlZzODjjdbBG-3bbabp1LDJLxIf_AoKtPgAnqaVq1KcurQIf-sY1fITUPrCRi5Qt-RTpu046Kq_BANAIu1NW7iZMHgHcrdHHtDCxS6UWHVl2lERfzV-IaTX-wOCxTEB4e0YlFeARpnMT5XU4ZLm-HCE0

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| $ function| jQuery function| GLightbox function| gtag object| dataLayer object| adsbygoogle object| lightbox object| body object| mobileNavTrigger object| mobileNav object| header object| headerOffset object| FB object| __gcse object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| __buffer object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| googleNDT_ number| googleAltLoader object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MmMzN2MwMzgyOTA5ZWQ3ZmxvYWRlcl9qcw== string| MmMzN2MwMzgyOTA5ZWQ3ZmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag boolean| 1e1deea2-cbe4-4592-a636-72907019416d object| _google_rum_ns_ object| GoogleGcLKhOms

18 Cookies

Domain/Path Name / Value
.rueportal.eu/ Name: _ga_TJ26XSS17Z
Value: GS1.1.1732527492.1.0.1732527492.0.0.0
.rueportal.eu/ Name: _ga
Value: GA1.1.810015260.1732527493
.rueportal.eu/ Name: _ga_4P1PWQMV5Z
Value: GS1.1.1732527492.1.0.1732527492.0.0.0
.rueportal.eu/ Name: _ga_WH21HEZSK2
Value: GS1.1.1732527492.1.0.1732527492.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUlNLK8aYh_-koKThje8LoHaphEbYiwuHyN0QR_XT-hVsPEQi_vX-nJesMDA
.casalemedia.com/ Name: CMID
Value: Z0RFhdHM6M0AACbvAVEPBgAA
.casalemedia.com/ Name: CMPS
Value: 3453
.casalemedia.com/ Name: CMPRO
Value: 3453
.doubleclick.net/ Name: APC
Value: AfxxVi4CInPwtCbets-pD6XXrXbWn95m4OTuQDdgEkZkb04UaVB_dA
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.rueportal.eu/ Name: __gads
Value: ID=76d5ffc812343271:T=1732527492:RT=1732527492:S=ALNI_MYXzlmy290rb_dcS_N6_u-aun84VQ
.rueportal.eu/ Name: __gpi
Value: UID=00000db39cee512a:T=1732527492:RT=1732527492:S=ALNI_MZKTkopt4Y0AN59NN4nAV6dKrVmEQ
.rueportal.eu/ Name: __eoi
Value: ID=85de757c1cf512f0:T=1732527492:RT=1732527492:S=AA-AfjYvjU3SMSbtKE29BbK-k2NI
.mediago.io/ Name: __mguid_
Value: e94ce74f6bf0b09c2brgq400m3wu4yvh
gtrace.mediago.io/ Name: cst_70
Value: ts=1732527495
.rueportal.eu/ Name: FCNEC
Value: %5B%5B%22AKsRol-sgKwQckQUq9vLpaV_3uFUgQBrkBSm0FfZUDw9O3g8bIpGAFekEmPUy4WaCVEMc8DVD7TcZvbhZE_YoFjqwEYRtS6MRXzHCkO2bCVzYl7p4l0xP0K16ALAQqwJE2UBh597tGB7cKtgROOxvvLsYw8itbK8ww%3D%3D%22%5D%5D

1 Console Messages

Source Level URL
Text
network error URL: https://twemoji.maxcdn.com/v/latest/twemoji.min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
clients1.google.com
connect.facebook.net
cse.google.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
poezija.rueportal.eu
twemoji.maxcdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.rueportal.eu
www.vystoupit.eu
zing.cz
ep1.adtrafficquality.google
twemoji.maxcdn.com
zing.cz
142.250.176.196
142.250.65.174
142.250.65.226
142.250.81.238
142.251.40.131
142.251.40.98
157.240.241.1
185.129.138.218
2001:1ab0:7e1e:151:62:109:155:9
2606:4700::6811:190e
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::200e
2607:f8b0:4006:817::2008
2607:f8b0:4006:817::200e
2607:f8b0:4006:81e::200a
2607:f8b0:4006:823::2001
31.13.71.36
003f864863eb2999440dcb2f0d5c5762d2660a4cda2139a61a054c843c508d4a
01992ace98576aeb2a894a4ffa79105bb7d421863ea024ee743025c74ecea844
03dfe1fbce92a9f17fcd1a1501213bd820d050ab085c338419ab06a3631c9459
07ffe99bbad6a01eefc554124b34927e60911ed74c21b5bb4e7361ddfc4e2845
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
1d61a156460cb17325d19f72849c42264ada0f671bc61386f91ad8110820e09a
2a775d512b714a32d68031e6553e4afadfa75617b30c5f98ed08efde1b21e6b5
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
354426f8ac76a3cc9bc67dc4a82e2b117a03632a57b3689a536e99c49fa47734
3544b18c6ae20d9768eed4ace6199d0fc9907deca235f827a877d21ba5456c1a
3e99ac4a7d683baf5b9b4da979427b96b4c983e367fa560aa0dc5967a3a42dcf
409f8a34b54580aa53977248a21c785f7879c3168411449426010050db2c5724
49c5399c1bcf56caf23f47bd1801681c85e51e9aac0e6d9c324ffabea1ea22d8
57da410e548b39479fef3ff2c52d0a6bc3d75c6d1a7446aac7a3b475e080fb87
581cdaaf3415dd735b544ba5999722a6c619d4c23990059a610fbe41856fb4d2
69538f4bf4125ad09f109be64df62d2285f412c87ba7565626694845206bbac1
6c4ff7e1dfcf0cc2255336816653ca49d1f9bf0a4d134d0398f1a198f493e508
6d3f62d4d17969f9c70e9438cf671004725019e868123f2ebc295a006f8d5d2d
6e149bac17567301612f3572c058018c47d3f66af2bc1260b92be2b88c7d7811
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
822499fc127d1927be575e386fd350aa1dc59be0156602f19027a6fd33331344
88de501e9869fa86f814a87cf46a5e032871d649d9abe720f628e100c6790379
8e3c819487a6e9e905ac25d650a847a837f498e154bc45eac4c8f964541c3296
8fe3dbda4cb6ce7368a2e6c0dc766ba23fd5c89678fbb86e51784fba49e72e39
a2f9a68b346a104f028d3c4e511c849b9aef6cd784066ff8c10f6aab6bc97f5e
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
ab49c64412f95629e2c9941a0439ddb84dcb95fe5a71a14ca04e6e373a5d0d3b
af4e2cc0ea3f82612bee7302abd263a2d78679c6db0f80cf35f4e7fd9715e9d3
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
c50cc9518b86d3256fbac184735fd0122b09e97a3a4879c05fd5063d33f0dd17
c73c9d2639ee4ecc555040bb05de136847ae936b885925b56972549ccfe16a97
c9447ca11a2f1f8fcfd178e3d8032efee8f6500f5f4caac96bbfab09a5ab35cd
d480de66b420ea6afb356fe87de6fe62f5cbbd08662f077ff2edae95a2b900df
d670592315205835c6c155eaa76a7bc61e48ef962d390b537be52ae1f7b62dde
da05f4e7d05050a06aec7acb69ad641ee7c20e9a31e7fbe0b701d6a62f7ae1eb
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e323b895aeb3fbc1bef9ad67db575507302206c8502ae6ff23e6119113d99fab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fb5fa6b052c0b5f00f310d1b6d387e77c55de656c4cf73ea5ec21c576927d8
ed961beb3115b842ff7204a8f5bbc834f32363a79223802272897be70abd8033
ed9a0c3d1f25c98fd3513d1183334b7c9009f4c42d4246bc8fd201a89e9c7ea0
f0b745f08fdd0c8abd0610409973433e28c288cce88fdceeb9093808a5ee937c
f29ed851a3bd757aadf06769b0cc74879ad6d71d38e53a8d2534c82fcef37027
f73d3a597c2e4509d990a3ce7c90753cb46fa1925dc04906f9a04f4f3553003a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f82b7c3a250806ae9a87012775bfc65983c95af0463fa892d34192eaed487042
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99