rulsmart.me Open in urlscan Pro
185.158.112.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://rulsmart.me/unlock/
Submission: On July 21 via api (July 21st 2023, 8:07:14 pm UTC) from US — Scanned from DE

Summary HTTP 224 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 18 domains to perform 224 HTTP transactions. The main IP is 185.158.112.11, located in Russian Federation and belongs to IPSERVER-RU-NET Fiord, RU. The main domain is rulsmart.me.

This is the only time rulsmart.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	185.158.112.11 185.158.112.11	44812 (IPSERVER-...) (IPSERVER-RU-NET Fiord)
34	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
1	45.12.19.24 45.12.19.24	198610 (BEGET-AS) (BEGET-AS)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
18	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 2	154.47.36.179 154.47.36.179	174 (COGENT-174) (COGENT-174)
9	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2 51	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3 6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 2	52.30.88.149 52.30.88.149	16509 (AMAZON-02) (AMAZON-02)
25	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:401... 2607:f8b0:4012:809::2003	15169 (GOOGLE) (GOOGLE)
1	74.125.133.155 74.125.133.155	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:6e::9	15169 (GOOGLE) (GOOGLE)
2	2600:9000:245... 2600:9000:2450:3200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f18:1ac... 2600:1f18:1aca:4280:3a62:2499:26b7:5f52	14618 (AMAZON-AES) (AMAZON-AES)
224	29

30 185.158.112.11 (Russian Federation)

ASN44812 (IPSERVER-RU-NET Fiord, RU)
PTR: 112-11.static.ipcserver.net

rulsmart.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.12.19.24 (Russian Federation)

ASN198610 (BEGET-AS, RU)

mpsuadv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.47.36.179 (United States) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.85 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.88.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-88-149.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4012:809::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:6e::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5ednsd.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2450:3200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:1aca:4280:3a62:2499:26b7:5f52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	1 MB
30	rulsmart.me rulsmart.me	286 KB
28	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 322 gcdn.2mdn.net — Cisco Umbrella Rank: 1176 r4---sn-4g5ednsd.c.2mdn.net	3 MB
25	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 243 bid.g.doubleclick.net — Cisco Umbrella Rank: 759 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 355	316 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	257 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 908 static.adsafeprotected.com — Cisco Umbrella Rank: 589 dt.adsafeprotected.com — Cisco Umbrella Rank: 575	101 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74 imasdk.googleapis.com — Cisco Umbrella Rank: 518	141 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	393 KB
6	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 3930	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612	3 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 117 www.google.com — Cisco Umbrella Rank: 3	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	2 KB
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 27249	859 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11374	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1150	603 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	70 KB
1	mpsuadv.ru mpsuadv.ru — Cisco Umbrella Rank: 265680	2 KB
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 165191	705 B
224	18

	Domain	Requested by
51	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net rulsmart.me tpc.googlesyndication.com imasdk.googleapis.com s0.2mdn.net pagead2.googlesyndication.com
34	pagead2.googlesyndication.com	rulsmart.me pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
30	rulsmart.me	rulsmart.me
25	s0.2mdn.net	rulsmart.me s0.2mdn.net
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net rulsmart.me
9	dt.adsafeprotected.com	googleads.g.doubleclick.net
9	fonts.googleapis.com	googleads.g.doubleclick.net s0.2mdn.net
7	fonts.gstatic.com	fonts.googleapis.com
7	www.googletagservices.com	googleads.g.doubleclick.net rulsmart.me
6	www.gstatic.com	googleads.g.doubleclick.net
6	mc.yandex.ru	3 redirects rulsmart.me
4	csi.gstatic.com	imasdk.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	r4---sn-4g5ednsd.c.2mdn.net	rulsmart.me
2	googleads4.g.doubleclick.net	rulsmart.me
2	fw.adsafeprotected.com	1 redirects rulsmart.me
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	mc.webvisor.org	1 redirects rulsmart.me
2	adservice.google.com	pagead2.googlesyndication.com
2	counter.yadro.ru	1 redirects rulsmart.me
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.jsdelivr.net	rulsmart.me
1	mpsuadv.ru	rulsmart.me
1	c.hit.ua	rulsmart.me
224	30

This site contains no links.

Subject Issuer	Validity	Valid
mpsuadv.ru R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-07-11` - `2023-09-19`	2 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh

This page contains 28 frames:

Primary Page: http://rulsmart.me/unlock/
Frame ID: FDADA3333B43E4C1DBA3389BF87F18AF
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html
Frame ID: 47327606E536DF499B955EEA9C71AC4C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=1739284004&adk=871142700&adf=3347755254&pi=t.ma~as.1739284004&w=220&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=220x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029339&bpp=7&bdt=411&idt=337&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4510866465467&frm=20&pv=2&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=513&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=5Jg8U69hUO&p=http%3A//rulsmart.me&dtd=354
Frame ID: 9966F1D51392498A6C0438664BC9165C
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=3204743339&adf=2322724795&pi=t.ma~as.6765644335&w=219&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=219x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029346&bpp=1&bdt=418&idt=352&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=uJuyrI1Am6&p=http%3A//rulsmart.me&dtd=356
Frame ID: 3E4476FD6B3ED6F1738991EB7A897627
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=229052413&adf=3406395625&pi=t.ma~as.6765644335&w=211&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=211x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029347&bpp=2&bdt=419&idt=361&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=234&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7cRsLFoR1H&p=http%3A//rulsmart.me&dtd=365
Frame ID: 4284546B840E78978C9125572FC0C7B0
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=90&slotname=2892395936&adk=2918302779&adf=797426555&pi=t.ma~as.2892395936&w=728&lmt=1689970029&format=728x90&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&wgl=1&dt=1689970029349&bpp=1&bdt=421&idt=367&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600%2C211x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=470&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=j9ByN19sm2&p=http%3A//rulsmart.me&dtd=369
Frame ID: DC1F7E001776AD92BCE5003A01A36F21
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&adk=1812271804&adf=3025194257&lmt=1689970029&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&ea=0&pra=7&wgl=1&dt=1689970029367&bpp=2&bdt=439&idt=353&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600%2C211x600%2C728x90&nras=1&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&dtd=370
Frame ID: 393EBD0B7742A553C70B5D76A4D17071
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E0B0C83AEFBD35F2F0015A4DBBF5090E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2A503AEB2C8C675C7F73811C1685E743
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: D7464660F321E71F58D71F9394482CC2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5E25C2FAC805309F2056F6EA0E41A1A8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 25D844E55CA45D946195D1AAD8A0BA94
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGFvwIQzaXKAhj40I_xATAB&v=APEucNUyXgl-KQRWSE9p_gKecC3RCGQhmOqXV23cE8gd_Sip5fbRKJzL4N3zZ_KkvQjjOtEadLL-Av_ytJk7KZ_8Ej_YdDbfgXfbDa6UiQvMHdg0LCkBj4VvIu09nEjqjTe9L28pXq7lNZhXbnLYlbzxJmZP3OR4_Zhcjh6gH85RXYMsjUWxhfM
Frame ID: CF79F52CD79D960EF3BD5EF607EC3CAC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 0FEEB075C60C68348CF8BF32AE390F7A
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: A2C9EFF5FECF9053A5C780EB2B4768E8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: 4862819D772FD14BE54A3DB5FAC2C319
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: 3A8DA3A2C5653400318A3B93ED7BADE5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js
Frame ID: 438D9F7174D59B14FC7E0A0B761B03F9
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: CF22D118377074291315C19C8340E3F6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: 22CB25C679A23D0E275BB49EED5AF1A0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: 401EB8B978147C8395E6B6222C064194
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 62DE3D1348027EDC6A4B18F77614D3B9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
Frame ID: E5C365D3FC6AB22B2354D7D718F62D41
Requests: 28 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B1C39026B89FAF7ECCA99CCC742770DB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A3CA58D99B606A139C092622BEEF9AA7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: 3FD75195EC355893D6FEC1D0D09C7AA8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA056B6710B10A482BA3D51B131972FF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D712402C1057F5E782A4D16A7858BDB9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Разблокируй телефон Nokia по IMEI. Снятие защитного кода - Скачать игры на Андроид, бесплатные программы для смартфона и обои на планшет

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

224
Requests

80 %
HTTPS

66 %
IPv6

18
Domains

30
Subdomains

29
IPs

6
Countries

5542 kB
Transfer

9341 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://counter.yadro.ru/hit?t27.6;r;s1600*1200*24;uhttp%3A//rulsmart.me/unlock/;h%u0420%u0430%u0437%u0431%u043B%u043E%u043A%u0438%u0440%u0443%u0439%20%u0442%u0435%u043B%u0435%u0444%u043E%u043D%20Nokia%20%u043F%u043E%20IMEI.%20%u0421%u043D%u044F%u0442%u0438%u0435%20%u0437%u0430%u0449%u0438%u0442%u043D%u043E%u0433%u043E%20%u043A%u043E%u0434%u0430%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0438%u0433%u0440%u044B%20%u043D%u0430%20%u0410%u043D%u0434%u0440%u043E%u0438%u0434%2C%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u044B%u0435%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%u044B%20%u0434%u043B%u044F%20%u0441%u043C%u0430%u0440%u0442%u0444%u043E%u043D%u0430%20%u0438%20%u043E%u0431%u043E%u0438%20%u043D%u0430%20%u043F%u043B%u0430%u043D%u0448%u0435%u0442;0.1971747212349626 HTTP 302
https://counter.yadro.ru/hit?q;t27.6;r;s1600*1200*24;uhttp%3A//rulsmart.me/unlock/;h%u0420%u0430%u0437%u0431%u043B%u043E%u043A%u0438%u0440%u0443%u0439%20%u0442%u0435%u043B%u0435%u0444%u043E%u043D%20Nokia%20%u043F%u043E%20IMEI.%20%u0421%u043D%u044F%u0442%u0438%u0435%20%u0437%u0430%u0449%u0438%u0442%u043D%u043E%u0433%u043E%20%u043A%u043E%u0434%u0430%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0438%u0433%u0440%u044B%20%u043D%u0430%20%u0410%u043D%u0434%u0440%u043E%u0438%u0434%2C%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u044B%u0435%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%u044B%20%u0434%u043B%u044F%20%u0441%u043C%u0430%u0440%u0442%u0444%u043E%u043D%u0430%20%u0438%20%u043E%u0431%u043E%u0438%20%u043D%u0430%20%u043F%u043B%u0430%u043D%u0448%u0435%u0442;0.1971747212349626

Request Chain 37

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Funlock%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxmwa11tbxy7%3Afp%3A500%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1082%3Acn%3A2%3Adp%3A0%3Als%3A790513042608%3Ahid%3A651554879%3Az%3A0%3Ai%3A20230721200709%3Aet%3A1689970030%3Ac%3A1%3Arn%3A382339179%3Arqn%3A1%3Au%3A1689970030681052466%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A117%2C72%2C102%2C1%2C%2C0%2C%2C339%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1689970028634%3Ast%3A1689970030&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Funlock%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxmwa11tbxy7%3Afp%3A500%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1082%3Acn%3A2%3Adp%3A0%3Als%3A790513042608%3Ahid%3A651554879%3Az%3A0%3Ai%3A20230721200709%3Aet%3A1689970030%3Ac%3A1%3Arn%3A382339179%3Arqn%3A1%3Au%3A1689970030681052466%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A117%2C72%2C102%2C1%2C%2C0%2C%2C339%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1689970028634%3Ast%3A1689970030&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 38

https://mc.yandex.ru/watch/873079?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Funlock%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxmwa11tbxy7%3Afp%3A500%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A901862285957%3Ahid%3A651554879%3Az%3A0%3Ai%3A20230721200709%3Aet%3A1689970030%3Ac%3A1%3Arn%3A931325112%3Arqn%3A1%3Au%3A1689970030681052466%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A117%2C72%2C102%2C1%2C%2C0%2C%2C339%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1689970028634%3Arqnl%3A1%3Ast%3A1689970030%3At%3A%D0%A0%D0%B0%D0%B7%D0%B1%D0%BB%D0%BE%D0%BA%D0%B8%D1%80%D1%83%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%20Nokia%20%D0%BF%D0%BE%20IMEI.%20%D0%A1%D0%BD%D1%8F%D1%82%D0%B8%D0%B5%20%D0%B7%D0%B0%D1%89%D0%B8%D1%82%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BA%D0%BE%D0%B4%D0%B0%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B8%D0%B3%D1%80%D1%8B%20%D0%BD%D0%B0%20%D0%90%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BC%D0%B0%D1%80%D1%82%D1%84%D0%BE%D0%BD%D0%B0%20%D0%B8%20%D0%BE%D0%B1%D0%BE%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/873079/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Funlock%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxmwa11tbxy7%3Afp%3A500%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A901862285957%3Ahid%3A651554879%3Az%3A0%3Ai%3A20230721200709%3Aet%3A1689970030%3Ac%3A1%3Arn%3A931325112%3Arqn%3A1%3Au%3A1689970030681052466%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A117%2C72%2C102%2C1%2C%2C0%2C%2C339%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1689970028634%3Arqnl%3A1%3Ast%3A1689970030%3At%3A%D0%A0%D0%B0%D0%B7%D0%B1%D0%BB%D0%BE%D0%BA%D0%B8%D1%80%D1%83%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%20Nokia%20%D0%BF%D0%BE%20IMEI.%20%D0%A1%D0%BD%D1%8F%D1%82%D0%B8%D0%B5%20%D0%B7%D0%B0%D1%89%D0%B8%D1%82%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BA%D0%BE%D0%B4%D0%B0%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B8%D0%B3%D1%80%D1%8B%20%D0%BD%D0%B0%20%D0%90%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BC%D0%B0%D1%80%D1%82%D1%84%D0%BE%D0%BD%D0%B0%20%D0%B8%20%D0%BE%D0%B1%D0%BE%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 48

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10071.huDvpuJhIuCOLlbjMXJV3UUcCwJIpbB4aun2BWhIVpVReH7p9-NNSqxZ9TEfmw6P.5Hxexr0bHyZz1Kn7t7MonyH923I%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=10071.J5_lMniRAnh265sWqaemF2Wl1JFGShmpq-Roid3gATcItYq04mdotUGv8gKyjGoU5euxqw62GnV3WgnbAoV7Lskq6g5FZbHqN6DiJUHXTLF-IIl1iw3bQg1ISGJo5Pdv04TPozeyQbvpxmYSvaIGLlvTOxmB49JpoFJbPLzOfk-bWlIhEKyx-_QOO7z_n2IvtJX_ufVCG2NcUimC1V5EJycjiPVPEKcR-hEqvWYdM7o%2C.Ofvk2-SAu8SKGDbKNxT4w-v22xM%2C

Request Chain 55

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP7NvpJxCwCRisAjIIz2et6c0MJV8 HTTP 301
https://tpc.googlesyndication.com/simgad/6510834987797366098

Request Chain 80

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP7NvpJxCwCRisAjIIz2et6c0MJV8 HTTP 301
https://tpc.googlesyndication.com/simgad/6510834987797366098

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOire0bBGnYA9MbFMFdhfg4&google_cver=1

Request Chain 140

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLrlb4N-xZShQY0gQHbu.AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOire0bBGnYA9MbFMFdhfg4&google_cver=1&google_hm=2

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOtDmwuSGlwaRCZ2Wqr9Uwo&google_cver=1

Request Chain 142

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUxOTk2MTc5NzM5NTMzMDQ4NQ%3D%3D

Request Chain 171

https://gcdn.2mdn.net/videoplayback/id/852696b41098c4bb/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721506031/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/7FEAF4A9FFE1989FBE695EE506B3E63DF33BED51.3461DBF8B21E500ACC0190C401E880A5898F61BA/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5ednsd.c.2mdn.net/videoplayback/id/852696b41098c4bb/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721506031/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DBD474A4B5909169578E588EDBEECA122B9F599.136F4280A00B6CF0325B10DE7D2D2EF1C7FEA899/key/cms1/cms_redirect/yes/mh/5n/mip/2a01:4a0:1338:92::12/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1689969656/mv/m/mvi/4/pl/36/file/file.mp4

Request Chain 172

https://fw.adsafeprotected.com/rfw/st/1565935/72734094/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013756215&ias_pubId=pub-4809740823367762&ias_chanId=1&ias_placementId=20365395083&bidurl=http://rulsmart.me/unlock/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hCLa6_f4SPHiufpW0Oxg21&adContainerId=brand_safety_b-W6ZNyREa24x_AP25WjmAE&cbFunctionName=goog_wrapCb_b-W6ZNyREa24x_AP25WjmAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Frulsmart.me&adsafe_type=g&adsafe_url=http%3A%2F%2Frulsmart.me%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230719%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20230719%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-4809740823367762%26fa%3D1%26ifi%3D9%26uci%3Da!9%26btvi%3D5%26xpc%3DF63lcp9qbs%26p%3Dhttp%253A%2F%2Frulsmart.me&adsafe_type=be&adsafe_jsinfo=,id:1d4427ed-6d33-82df-e64e-b75b9c0c02db,c:j2byLI,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5d94d9d8b-m7sw7,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tKG21KR+11%7C121%7C131%7C141%7C151%7C152%7C16%7C171%7C181%7C191%7C1a1*.1565935-72734094%7C1a11%7C1a12%7C1a13,idMap:1a1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:18,oid:2da2e5c3-2802-11ee-af08-b224d10dc286,v:19.8.432,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_b-W6ZNyREa24x_AP25WjmAE&cbFunctionName=goog_wrapCb_b-W6ZNyREa24x_AP25WjmAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

224 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
rulsmart.me/unlock/ 36 KB
12 KB 292ms
103ms Document
text/html 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx / PHP/5.3.3-7+squeeze19
Resource Hash: ff5885afdc7ef52b8a26a16f2b0475dfd7ef1c5083d2befa4fd754c61335afa6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 10983
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: text/html
Date: Fri, 21 Jul 2023 20:07:08 GMT
Expires: Sat, 22 Jul 2023 20:07:08 GMT
Last-Modified: Fri, 21 Jul 2023 13:07:08 +0300 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.3-7+squeeze19

GET
H/1.1 200
OK ms-style.css
rulsmart.me/templates/default/ms-css/ 37 KB
9 KB 78ms
77ms Stylesheet
text/css 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/templates/default/ms-css/ms-style.css
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: e78c611b1367a501b75f27cd92490e817d5bc63a3e6acae2a65b1b3a401a74ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Aug 2022 00:32:34 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK other.css
rulsmart.me/templates/default/css/ 126 B
1 KB 149ms
75ms Stylesheet
text/css 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/templates/default/css/other.css
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 8e3d390d68eb3acc234013f77c137a35190620a6ecfce5fc46bbddc7ea2e54e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 11:15:55 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK ms-engine.css
rulsmart.me/templates/default/ms-css/ 7 KB
3 KB 148ms
75ms Stylesheet
text/css 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/templates/default/ms-css/ms-engine.css
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: db00d8ce624603cd23c7820da2141d1efb5b9b4e5d54a9028e3089e8936e6bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK RS_logo.png
rulsmart.me/templates/default/images/ 6 KB
7 KB 298ms
72ms Image
image/png 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/images/RS_logo.png
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: dbfd4b1200a9bb591cb0ced04931e55300562113d8bd2d8bda966b289a54559c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 Jan 2023 03:50:50 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK n-one-npad-air.jpg
rulsmart.me/templates/default/images/help/ 10 KB
11 KB 311ms
76ms Image
image/jpeg 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/images/help/n-one-npad-air.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 0708086de3648fcdecf405833e628e1bb7720cb959065e9fb6641acd544950ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:09 GMT
Last-Modified: Thu, 02 Feb 2023 02:09:41 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9924
Expires: Sat, 22 Jul 2023 20:07:09 GMT

GET
H/1.1 200
OK tecno.jpg
rulsmart.me/templates/default/images/help/ 39 KB
40 KB 357ms
74ms Image
image/jpeg 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/images/help/tecno.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 793b1b57c471fae8d2852819f4a2b21f96485a919972e90c50a32ec938cd245f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:09 GMT
Last-Modified: Thu, 30 Mar 2023 01:02:45 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40417
Expires: Sat, 22 Jul 2023 20:07:09 GMT

GET
H/1.1 200
OK onyx.jpg
rulsmart.me/templates/default/images/help/ 38 KB
38 KB 216ms
74ms Image
image/jpeg 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/images/help/onyx.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: d5b4b49a7be55435041a74423ef85a51399c9ce6504446251f7ea24d3ca933f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Last-Modified: Thu, 30 Mar 2023 00:44:59 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38474
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK itel.jpg
rulsmart.me/templates/default/images/help/ 23 KB
24 KB 120ms
74ms Image
image/jpeg 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/images/help/itel.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: e60d9d1dce43b1ff0418a7237d16059aa82ede87dc63cf5973d1a2efc0f0051c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Last-Modified: Tue, 02 Aug 2022 23:41:48 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23162
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK ms-spacer.png
rulsmart.me/templates/default/ms-img/ 218 B
1 KB 139ms
77ms Image
image/png 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/ms-img/ms-spacer.png
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: c3cac8d21243616e7df551e5887cd60b556cb7791fe47990385735e4296d4fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK ms-bl.gif
rulsmart.me/templates/default/ms-img/ 264 B
1 KB 220ms
76ms Image
image/gif 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/ms-img/ms-bl.gif
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 41e0c6597db12c7255c2c856f1982e6a0988dc88f8cf66a67d482aead75e2ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK ms-br.gif
rulsmart.me/templates/default/ms-img/ 162 B
1 KB 268ms
74ms Image
image/gif 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/ms-img/ms-br.gif
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 132bfc65622cb51725c0da6a6309fd249e39bffade81adce814003545211d583

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK Angry%20Birds%20Space%20Premium.jpg
rulsmart.me/templates/default/games/ 30 KB
31 KB 217ms
74ms Image
image/jpeg 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/games/Angry%20Birds%20Space%20Premium.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: e45c2bfe5b8f9c1698daa29d22e11742f6ac736ee85af5fb21684f45153ed147

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30906
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK 1689932465_6-4.jpg
rulsmart.me/uploads/download/video/thumbs/mini/ 6 KB
7 KB 121ms
76ms Image
image/jpeg 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/uploads/download/video/thumbs/mini/1689932465_6-4.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 7c6d048609571d275332f95ffbebeac26a375c59506b66053807aadf718ad0c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Last-Modified: Fri, 21 Jul 2023 09:41:05 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6555
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK 1689880966_kris-jevans.jpg
rulsmart.me/uploads/download/kartinki-zastavki-temy/thumbs/mini/ 10 KB
11 KB 137ms
77ms Image
image/jpeg 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/uploads/download/kartinki-zastavki-temy/thumbs/mini/1689880966_kris-jevans.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 73870d5efdc89d1b790b7e63c0a8611a533db7ebcd6752763da42a6e6de6e49c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Last-Modified: Thu, 20 Jul 2023 19:22:46 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10404
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK 1689878504_maxresdefault.jpg
rulsmart.me/uploads/download/android-os/thumbs/mini/ 12 KB
13 KB 75ms
74ms Image
image/jpeg 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/uploads/download/android-os/thumbs/mini/1689878504_maxresdefault.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 338580a8d2678672efade259536b458530d6d2293f13da53a5ec97054c04bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:09 GMT
Last-Modified: Thu, 20 Jul 2023 18:41:44 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12324
Expires: Sat, 22 Jul 2023 20:07:09 GMT

GET
H/1.1 200
OK 1689877783_x1pdwkx9oilg.jpg
rulsmart.me/uploads/download/kartinki-zastavki-temy/thumbs/mini/ 9 KB
10 KB 72ms
72ms Image
image/jpeg 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/uploads/download/kartinki-zastavki-temy/thumbs/mini/1689877783_x1pdwkx9oilg.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 3169ebd2ab9694730ead43506862dccf523054530ba387e35bea08fbf9f77dbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:09 GMT
Last-Modified: Thu, 20 Jul 2023 18:29:43 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9468
Expires: Sat, 22 Jul 2023 20:07:09 GMT

GET
H/1.1 200
OK 1689859476_ae6d778739b6d00271f2ba1032c8c4f2-k4vynifs-dztechs.jpg
rulsmart.me/uploads/download/muzyka/thumbs/mini/ 10 KB
11 KB 75ms
74ms Image
image/jpeg 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/uploads/download/muzyka/thumbs/mini/1689859476_ae6d778739b6d00271f2ba1032c8c4f2-k4vynifs-dztechs.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: fa8dcb076f0747f8988f4b1b6ab9ba53d66bad716eb755bf60fa42607ab4558a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:09 GMT
Last-Modified: Thu, 20 Jul 2023 13:24:36 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10612
Expires: Sat, 22 Jul 2023 20:07:09 GMT

GET
H/1.1 200
OK 1689810419_rulsmart-foto-5.jpg
rulsmart.me/uploads/download/kartinki-zastavki-temy/thumbs/mini/ 6 KB
7 KB 77ms
77ms Image
image/jpeg 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/uploads/download/kartinki-zastavki-temy/thumbs/mini/1689810419_rulsmart-foto-5.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: b762373c020c62911fa62c16daba425dfe3845811927b8188f785d3731ad3150

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:09 GMT
Last-Modified: Wed, 19 Jul 2023 23:46:59 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5867
Expires: Sat, 22 Jul 2023 20:07:09 GMT

GET
H/1.1 200
OK 1689620942_bez-nazvaniya.jpg
rulsmart.me/uploads/download/muzyka/thumbs/mini/ 10 KB
10 KB 72ms
72ms Image
image/jpeg 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/uploads/download/muzyka/thumbs/mini/1689620942_bez-nazvaniya.jpg
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 8dcdf028d774030db8a0dc1e52a40dc23afa9b76f0f23d918a61d3918c2d6acc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:09 GMT
Last-Modified: Mon, 17 Jul 2023 19:09:02 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9829
Expires: Sat, 22 Jul 2023 20:07:09 GMT

GET
H/1.1 200
OK ms-col-top.gif
rulsmart.me/templates/default/ms-img/ 1 KB
2 KB 210ms
72ms Image
image/gif 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/ms-img/ms-col-top.gif
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 1068b99f75e36f325ba21ef37a7d6d8dfd961e81aa8c1c35333510f01017d566

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK ms-col-center.gif
rulsmart.me/templates/default/ms-img/ 108 B
1 KB 137ms
76ms Image
image/gif 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/ms-img/ms-col-center.gif
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 5ca7c4c23b9bf6e9d22a3341c8bddb96c4c98cd2a40cf419fa208ddc99b3f2ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK ms-col-bot.gif
rulsmart.me/templates/default/ms-img/ 1013 B
2 KB 74ms
74ms Image
image/gif 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/ms-img/ms-col-bot.gif
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: f296b4177c44ce95b815417b8a8cc999da79eb3395756ef13388962e5be008ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:09 GMT

GET
H/1.1 200
OK menu.js Show response
rulsmart.me/engine/ajax/ 3 KB
4 KB 75ms
74ms Script
application/javascript 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/engine/ajax/menu.js
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 5a904da1528423139fe01d846bf9599bbb4a81ebeb60db12a3bbc13c26dbff4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Last-Modified: Wed, 08 Mar 2017 11:56:53 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3368
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK dle_ajax.js Show response
rulsmart.me/engine/ajax/ 5 KB
6 KB 74ms
74ms Script
application/javascript 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/engine/ajax/dle_ajax.js
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 5e62f6c316a1de804c62823782c938352cf53798f90bc8e31fe40f750fbc54a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Last-Modified: Wed, 08 Mar 2017 11:56:53 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5167
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK loading.gif
rulsmart.me/engine/ajax/ 761 B
2 KB 74ms
74ms Image
image/gif 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/engine/ajax/loading.gif
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 6c00e881f3752549829bb0fab9a323e41ecf4adbdc35cac975db58c6b923d40d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 11:56:53 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:09 GMT

GET
H/1.1 200
OK js_edit.js Show response
rulsmart.me/engine/ajax/ 15 KB
16 KB 72ms
71ms Script
application/javascript 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/engine/ajax/js_edit.js
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 9b643528532e4cf516958f0b454100d9d47739705fd0d527b3b356b965c904ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Last-Modified: Wed, 08 Mar 2017 11:56:53 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15585
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK ms-nav-v.js Show response
rulsmart.me/templates/default/ms-css/ 796 B
2 KB 77ms
77ms Script
application/javascript 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to

Full URL: http://rulsmart.me/templates/default/ms-css/ms-nav-v.js
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 9d4203f53f695738271eeae994a4e859d65d0de0c662032292530e52964e1764

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:09 GMT
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 796
Expires: Sat, 22 Jul 2023 20:07:09 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
53 KB 131ms
91ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

539ada763478e79b42001f3cc28c50dbd5030c63423fc3101d11b10d7cbcf1c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54029
X-XSS-Protection: 0
Server: cafe
ETag: 9240332911544332730
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 21 Jul 2023 20:07:09 GMT

GET
H/1.1 200
OK greenbtn.png
rulsmart.me/templates/default/images/ 1 KB
2 KB 196ms
74ms Image
image/png 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/images/greenbtn.png
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/templates/default/ms-css/ms-style.css
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 85f53ebe401c06be4e3f5a898c339921f439091613ca8dd956b59818241eb7f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/templates/default/ms-css/ms-style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 11:15:55 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
H/1.1 200
OK ms-bc.gif
rulsmart.me/templates/default/ms-img/ 65 B
1000 B 272ms
75ms Image
image/gif 185.158.112.11
IPSERVER-RU-NET F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rulsmart.me/templates/default/ms-img/ms-bc.gif
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 185.158.112.11 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS: 112-11.static.ipcserver.net
Software: nginx /
Resource Hash: 5e5726422d0add3a44e26a0b2cf80487001c20e3556a471dc5d13ebe1d49d585

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/unlock/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 11:15:54 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: default-src 'self' ; style-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me; img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/ ; connect-src https://mc.yandex.ru/ ; frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 22 Jul 2023 20:07:08 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t27.6;r;s1600*1200*24;uhttp%3A//rulsmart.me/unlock/;h%u0420%u0430%u0437%u0431%u043B%u043E%u043A%u0438%u0440%u0443%u0439%20%u0442%u0435%u043B%u0435%u0444%u043E%u043D%20N...
https://counter.yadro.ru/hit?q;t27.6;r;s1600*1200*24;uhttp%3A//rulsmart.me/unlock/;h%u0420%u0430%u0437%u0431%u043B%u043E%u043A%u0438%u0440%u0443%u0439%20%u0442%u0435%u043B%u0435%u0444%u043E%u043D%2...

819 B
1 KB

75ms
75ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t27.6;r;s1600*1200*24;uhttp%3A//rulsmart.me/unlock/;h%u0420%u0430%u0437%u0431%u043B%u043E%u043A%u0438%u0440%u0443%u0439%20%u0442%u0435%u043B%u0435%u0444%u043E%u043D%20Nokia%20%u043F%u043E%20IMEI.%20%u0421%u043D%u044F%u0442%u0438%u0435%20%u0437%u0430%u0449%u0438%u0442%u043D%u043E%u0433%u043E%20%u043A%u043E%u0434%u0430%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0438%u0433%u0440%u044B%20%u043D%u0430%20%u0410%u043D%u0434%u0440%u043E%u0438%u0434%2C%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u044B%u0435%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%u044B%20%u0434%u043B%u044F%20%u0441%u043C%u0430%u0440%u0442%u0444%u043E%u043D%u0430%20%u0438%20%u043E%u0431%u043E%u0438%20%u043D%u0430%20%u043F%u043B%u0430%u043D%u0448%u0435%u0442;0.1971747212349626

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

ac3979236d331ea448afbf17eb4a89209d1200df59c00f0f896fde6423f60842

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 20:07:09 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 819
Expires: Wed, 20 Jul 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 20:07:09 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t27.6;r;s1600*1200*24;uhttp%3A//rulsmart.me/unlock/;h%u0420%u0430%u0437%u0431%u043B%u043E%u043A%u0438%u0440%u0443%u0439%20%u0442%u0435%u043B%u0435%u0444%u043E%u043D%20Nokia%20%u043F%u043E%20IMEI.%20%u0421%u043D%u044F%u0442%u0438%u0435%20%u0437%u0430%u0449%u0438%u0442%u043D%u043E%u0433%u043E%20%u043A%u043E%u0434%u0430%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0438%u0433%u0440%u044B%20%u043D%u0430%20%u0410%u043D%u0434%u0440%u043E%u0438%u0434%2C%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u044B%u0435%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%u044B%20%u0434%u043B%u044F%20%u0441%u043C%u0430%u0440%u0442%u0444%u043E%u043D%u0430%20%u0438%20%u043E%u0431%u043E%u0438%20%u043D%u0430%20%u043F%u043B%u0430%u043D%u0448%u0435%u0442;0.1971747212349626
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 20 Jul 2022 21:00:00 GMT

GET
H/1.1 200
OK hit
c.hit.ua/ 279 B
705 B 164ms
70ms Image
image/png 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.hit.ua/hit?i=15760&g=0&x=4&s=1&c=1&t=0&w=1600&h=1200&d=24&0.22385247634497762&r=&u=http%3A//rulsmart.me/unlock/
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: bea9e26db977eefe6effc2c9eabefdbaedd4ba765ea4162f144104306d7d7d0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 20:07:09 GMT
Server: nginx/1.17.9
Transfer-Encoding: chunked
Content-Type: image/png
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK loader.js Show response
mpsuadv.ru/lib/custom/ 1 KB
2 KB 724ms
91ms Script
application/javascript 45.12.19.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mpsuadv.ru/lib/custom/loader.js
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.12.19.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1116e6a6f1d8d180c0a37d423c7a1aedcd9591959512b834babe428d24d428ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:09 GMT
Last-Modified: Tue, 03 Jan 2023 06:43:04 GMT
Server: nginx/1.12.2
ETag: "63b3ce78-542"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 1346
Expires: Fri, 21 Jul 2023 20:07:09 GMT

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 167 KB
70 KB 173ms
42ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a9ede426918099ff28cef2553f05e38839abd17f24f6aa4da58e319beba2e840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Jul 2023 20:07:09 GMT
x-content-type-options: nosniff
content-encoding: br
age: 25741
x-jsd-version: 1.283.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 71010
x-served-by: cache-fra-eddf8230119-FRA
x-jsd-version-type: version
etag: W/"29b66-7Z7vay6e/8FPo6bQRZaqvICZIUM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/ 360 KB
124 KB 219ms
128ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14df2a057504800a9326d0968d9e60e9fa90fea47efb80567fb1779eac14fa18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126223
x-xss-protection: 0
server: cafe
etag: 10222966930273824908
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:07:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/ Frame 4732 10 KB
5 KB 129ms
40ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:03:53 GMT
etag: 12368291122986407432
expires: Fri, 04 Aug 2023 20:03:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Funlock%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxmwa11tbxy7%3Afp%3A500%3Afu%3A0%3Aen%3Awindows-1251...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Funlock%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxmwa11tbxy7%3Afp%3A500%3Afu%3A0%3Aen%3Awindows-125...

264 B
347 B

80ms
80ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Funlock%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxmwa11tbxy7%3Afp%3A500%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1082%3Acn%3A2%3Adp%3A0%3Als%3A790513042608%3Ahid%3A651554879%3Az%3A0%3Ai%3A20230721200709%3Aet%3A1689970030%3Ac%3A1%3Arn%3A382339179%3Arqn%3A1%3Au%3A1689970030681052466%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A117%2C72%2C102%2C1%2C%2C0%2C%2C339%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1689970028634%3Ast%3A1689970030&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4be3c66684e6138210b3bc80c22614e33308b7f36570b641907b82e9e2f33daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 21-Jul-2023 20:07:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://rulsmart.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 264
x-xss-protection: 1; mode=block
expires: Fri, 21-Jul-2023 20:07:09 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:09 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21-Jul-2023 20:07:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/3/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Funlock%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxmwa11tbxy7%3Afp%3A500%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1082%3Acn%3A2%3Adp%3A0%3Als%3A790513042608%3Ahid%3A651554879%3Az%3A0%3Ai%3A20230721200709%3Aet%3A1689970030%3Ac%3A1%3Arn%3A382339179%3Arqn%3A1%3Au%3A1689970030681052466%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A117%2C72%2C102%2C1%2C%2C0%2C%2C339%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1689970028634%3Ast%3A1689970030&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: http://rulsmart.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 21-Jul-2023 20:07:09 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/873079/
Redirect Chain

https://mc.yandex.ru/watch/873079?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Funlock%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxmwa11tbxy7%3Afp%3A500%3Afu%3A0%3Aen%3Awindo...
https://mc.yandex.ru/watch/873079/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Funlock%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxmwa11tbxy7%3Afp%3A500%3Afu%3A0%3Aen%3Awin...

428 B
464 B

82ms
82ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/873079/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Funlock%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxmwa11tbxy7%3Afp%3A500%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A901862285957%3Ahid%3A651554879%3Az%3A0%3Ai%3A20230721200709%3Aet%3A1689970030%3Ac%3A1%3Arn%3A931325112%3Arqn%3A1%3Au%3A1689970030681052466%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A117%2C72%2C102%2C1%2C%2C0%2C%2C339%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1689970028634%3Arqnl%3A1%3Ast%3A1689970030%3At%3A%D0%A0%D0%B0%D0%B7%D0%B1%D0%BB%D0%BE%D0%BA%D0%B8%D1%80%D1%83%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%20Nokia%20%D0%BF%D0%BE%20IMEI.%20%D0%A1%D0%BD%D1%8F%D1%82%D0%B8%D0%B5%20%D0%B7%D0%B0%D1%89%D0%B8%D1%82%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BA%D0%BE%D0%B4%D0%B0%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B8%D0%B3%D1%80%D1%8B%20%D0%BD%D0%B0%20%D0%90%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BC%D0%B0%D1%80%D1%82%D1%84%D0%BE%D0%BD%D0%B0%20%D0%B8%20%D0%BE%D0%B1%D0%BE%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

09ba3c06b214b8086cfa3923b82bc26f7de8dd2d684a6e7a8146195a1c9cfa12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 21-Jul-2023 20:07:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://rulsmart.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Fri, 21-Jul-2023 20:07:09 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:09 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21-Jul-2023 20:07:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/873079/1?wmode=7&page-url=http%3A%2F%2Frulsmart.me%2Funlock%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxmwa11tbxy7%3Afp%3A500%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A901862285957%3Ahid%3A651554879%3Az%3A0%3Ai%3A20230721200709%3Aet%3A1689970030%3Ac%3A1%3Arn%3A931325112%3Arqn%3A1%3Au%3A1689970030681052466%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A117%2C72%2C102%2C1%2C%2C0%2C%2C339%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1689970028634%3Arqnl%3A1%3Ast%3A1689970030%3At%3A%D0%A0%D0%B0%D0%B7%D0%B1%D0%BB%D0%BE%D0%BA%D0%B8%D1%80%D1%83%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%20Nokia%20%D0%BF%D0%BE%20IMEI.%20%D0%A1%D0%BD%D1%8F%D1%82%D0%B8%D0%B5%20%D0%B7%D0%B0%D1%89%D0%B8%D1%82%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%BA%D0%BE%D0%B4%D0%B0%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B8%D0%B3%D1%80%D1%8B%20%D0%BD%D0%B0%20%D0%90%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4%2C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BC%D0%B0%D1%80%D1%82%D1%84%D0%BE%D0%BD%D0%B0%20%D0%B8%20%D0%BE%D0%B1%D0%BE%D0%B8%20%D0%BD%D0%B0%20%D0%BF%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: http://rulsmart.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 21-Jul-2023 20:07:09 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
205 B 243ms
78ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:09 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Jul 2023 11:40:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64ae66e9-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 21 Jul 2023 21:07:09 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
603 B 250ms
49ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=rulsmart.me&callback=_gfp_s_&client=ca-pub-4809740823367762

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70bf8d30a289b3cc20833a30e0f61441fc2fd6b7d678835440ba38bb0cc52cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 249ms
49ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rulsmart.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9966 123 KB
38 KB 755ms
754ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=1739284004&adk=871142700&adf=3347755254&pi=t.ma~as.1739284004&w=220&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=220x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029339&bpp=7&bdt=411&idt=337&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4510866465467&frm=20&pv=2&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=513&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=5Jg8U69hUO&p=http%3A//rulsmart.me&dtd=354

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0669ae51d2cf3b325048d0f6852f4ed1b8e646157dbb436a8a3cdc544fc52ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39089
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:07:10 GMT
expires: Fri, 21 Jul 2023 20:07:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3E44 123 KB
38 KB 857ms
855ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=3204743339&adf=2322724795&pi=t.ma~as.6765644335&w=219&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=219x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029346&bpp=1&bdt=418&idt=352&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=uJuyrI1Am6&p=http%3A//rulsmart.me&dtd=356

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2737f4a02f0d8277637838ed53152aa3f83e0ea4a6b51b6f889c8b2b9b7915a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38971
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:07:10 GMT
expires: Fri, 21 Jul 2023 20:07:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4284 117 KB
39 KB 1080ms
1080ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=229052413&adf=3406395625&pi=t.ma~as.6765644335&w=211&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=211x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029347&bpp=2&bdt=419&idt=361&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=234&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7cRsLFoR1H&p=http%3A//rulsmart.me&dtd=365

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36fdb1a09519c24b38c1151fcce1e7e224b592981425d94732820bbc26ccc0ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39594
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:07:10 GMT
expires: Fri, 21 Jul 2023 20:07:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC1F 104 KB
37 KB 864ms
863ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=90&slotname=2892395936&adk=2918302779&adf=797426555&pi=t.ma~as.2892395936&w=728&lmt=1689970029&format=728x90&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&wgl=1&dt=1689970029349&bpp=1&bdt=421&idt=367&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600%2C211x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=470&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=j9ByN19sm2&p=http%3A//rulsmart.me&dtd=369

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd4ccdc9162018b12b50a3b1b186c5123ecf54d8963ea179baee178ef706d3e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37199
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:07:10 GMT
expires: Fri, 21 Jul 2023 20:07:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 74ms
73ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=toolbar&ign=false&pw=1600&ph=1200&x=800&y=0

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 393E 451 KB
84 KB 752ms
746ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&adk=1812271804&adf=3025194257&lmt=1689970029&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&ea=0&pra=7&wgl=1&dt=1689970029367&bpp=2&bdt=439&idt=353&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600%2C211x600%2C728x90&nras=1&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&dtd=370

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13351b4efb1d21b4214e7e5f269c4552ab61a7ae47f48c8334deb6bbbc98b89f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 85470
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:07:10 GMT
expires: Fri, 21 Jul 2023 20:07:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10071.huDvpuJhIuCOLlbjMXJV3UUcCwJIpbB4aun2BWhIVpVReH7p9-NNSqxZ9TEfmw6P.5Hxexr0bHyZz1Kn7t7MonyH923I%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=10071.J5_lMniRAnh265sWqaemF2Wl1JFGShmpq-Roid3gATcItYq04mdotUGv8gKyjGoU5euxqw62GnV3WgnbAoV7Lskq6g5FZbHqN6DiJUHXTLF-IIl1iw3bQg1ISGJo5Pdv04TPozey...

43 B
504 B

88ms
88ms

Image
image/gif

154.47.36.179
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=10071.J5_lMniRAnh265sWqaemF2Wl1JFGShmpq-Roid3gATcItYq04mdotUGv8gKyjGoU5euxqw62GnV3WgnbAoV7Lskq6g5FZbHqN6DiJUHXTLF-IIl1iw3bQg1ISGJo5Pdv04TPozeyQbvpxmYSvaIGLlvTOxmB49JpoFJbPLzOfk-bWlIhEKyx-_QOO7z_n2IvtJX_ufVCG2NcUimC1V5EJycjiPVPEKcR-hEqvWYdM7o%2C.Ofvk2-SAu8SKGDbKNxT4w-v22xM%2C

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Server

154.47.36.179 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:10 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=10071.J5_lMniRAnh265sWqaemF2Wl1JFGShmpq-Roid3gATcItYq04mdotUGv8gKyjGoU5euxqw62GnV3WgnbAoV7Lskq6g5FZbHqN6DiJUHXTLF-IIl1iw3bQg1ISGJo5Pdv04TPozeyQbvpxmYSvaIGLlvTOxmB49JpoFJbPLzOfk-bWlIhEKyx-_QOO7z_n2IvtJX_ufVCG2NcUimC1V5EJycjiPVPEKcR-hEqvWYdM7o%2C.Ofvk2-SAu8SKGDbKNxT4w-v22xM%2C
date: Fri, 21 Jul 2023 20:07:10 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame 9966 4 KB
1 KB 138ms
50ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=1739284004&adk=871142700&adf=3347755254&pi=t.ma~as.1739284004&w=220&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=220x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029339&bpp=7&bdt=411&idt=337&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4510866465467&frm=20&pv=2&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=513&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=5Jg8U69hUO&p=http%3A//rulsmart.me&dtd=354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 18:39:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 9966 2 KB
972 B 237ms
148ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:17 GMT

GET
H2 200 10412999613978876886
tpc.googlesyndication.com/gpa_images/simgad/ Frame 9966 11 KB
11 KB 235ms
156ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/10412999613978876886

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2655b07df11c02a7f6625c88a67fd24d543e2e0e9a1589e971bcc9beadccdb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 17:00:05 GMT
x-content-type-options: nosniff
age: 184025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10782
x-xss-protection: 0
last-modified: Sun, 21 May 2023 10:53:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Jul 2024 17:00:05 GMT

GET
H2 200 2871130425405473849
tpc.googlesyndication.com/gpa_images/simgad/ Frame 9966 15 KB
15 KB 173ms
93ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/2871130425405473849

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee407b709ce616c5453a5057299e92d704d943cbb9161f365bd7c82a3410789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 10:31:14 GMT
x-content-type-options: nosniff
age: 552956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14897
x-xss-protection: 0
last-modified: Tue, 23 May 2023 22:06:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Jul 2024 10:31:14 GMT

GET
H2 200 4045879285539881949
tpc.googlesyndication.com/gpa_images/simgad/ Frame 9966 107 KB
107 KB 126ms
47ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/4045879285539881949

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b02c87b8471199ab1a64fec6d919de08d73e94c70bc935597c1bb2c51af151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:09 GMT
x-content-type-options: nosniff
age: 268561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109484
x-xss-protection: 0
last-modified: Sun, 21 May 2023 10:07:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jul 2024 17:31:09 GMT

GET
H2 200 17525398274329392178
tpc.googlesyndication.com/gpa_images/simgad/ Frame 9966 14 KB
14 KB 229ms
149ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/17525398274329392178

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55be89949acd16b030b24ae502dbed0c236e6fcfac8e8388eeaf0b5fffaf452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:02:11 GMT
x-content-type-options: nosniff
age: 122699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14708
x-xss-protection: 0
last-modified: Wed, 24 May 2023 02:02:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jul 2024 10:02:11 GMT

GET
H3

200

6510834987797366098
tpc.googlesyndication.com/simgad/ Frame 9966
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP7NvpJxCwCRisAjIIz2et6c0MJV8
https://tpc.googlesyndication.com/simgad/6510834987797366098

29 KB
30 KB

41ms
40ms

Image
image/jpeg

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6510834987797366098

Requested by

Protocol

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f04f47fabff20443c2832679c5491e7c030901d0d16f79ea06f7779e539d294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 23:16:04 GMT
x-content-type-options: nosniff
age: 593466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30187
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 15:26:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Jul 2024 23:16:04 GMT

Redirect headers

date: Fri, 21 Jul 2023 17:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 9951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6510834987797366098
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 17:21:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 9966 23 KB
9 KB 133ms
133ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 9966 3 KB
1 KB 136ms
136ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 9966 20 KB
9 KB 113ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:23:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9966 179 KB
57 KB 145ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 9966 33 KB
14 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 08:02:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3E44 4 KB
705 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=3204743339&adf=2322724795&pi=t.ma~as.6765644335&w=219&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=219x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029346&bpp=1&bdt=418&idt=352&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=uJuyrI1Am6&p=http%3A//rulsmart.me&dtd=356

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 18:37:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3E44 2 KB
926 B 134ms
134ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 3E44 23 KB
9 KB 124ms
123ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3E44 3 KB
1 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 3E44 20 KB
8 KB 135ms
134ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:23:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E44 179 KB
56 KB 135ms
135ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 3E44 33 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 08:02:33 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/ 154 KB
52 KB 134ms
134ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1d41b7c869a78730c951682c753b026f0f69acd35c8b734562201025f41f490

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53543
x-xss-protection: 0
server: cafe
etag: 2724746983528530092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DC1F 14 KB
1 KB 50ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=90&slotname=2892395936&adk=2918302779&adf=797426555&pi=t.ma~as.2892395936&w=728&lmt=1689970029&format=728x90&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&wgl=1&dt=1689970029349&bpp=1&bdt=421&idt=367&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600%2C211x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=470&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=j9ByN19sm2&p=http%3A//rulsmart.me&dtd=369

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 18:42:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame DC1F 2 KB
926 B 128ms
128ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame DC1F 23 KB
9 KB 140ms
139ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame DC1F 3 KB
1 KB 141ms
141ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame DC1F 20 KB
8 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:23:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC1F 179 KB
56 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame DC1F 33 KB
14 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 08:02:33 GMT

GET
H2 200 2871130425405473849
tpc.googlesyndication.com/gpa_images/simgad/ Frame 3E44 15 KB
15 KB 116ms
115ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/2871130425405473849

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee407b709ce616c5453a5057299e92d704d943cbb9161f365bd7c82a3410789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 10:31:14 GMT
x-content-type-options: nosniff
age: 552956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14897
x-xss-protection: 0
last-modified: Tue, 23 May 2023 22:06:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Jul 2024 10:31:14 GMT

GET
H2 200 10412999613978876886
tpc.googlesyndication.com/gpa_images/simgad/ Frame 3E44 11 KB
11 KB 119ms
118ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/10412999613978876886

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2655b07df11c02a7f6625c88a67fd24d543e2e0e9a1589e971bcc9beadccdb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 17:00:05 GMT
x-content-type-options: nosniff
age: 184025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10782
x-xss-protection: 0
last-modified: Sun, 21 May 2023 10:53:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Jul 2024 17:00:05 GMT

GET
H2 200 17525398274329392178
tpc.googlesyndication.com/gpa_images/simgad/ Frame 3E44 14 KB
14 KB 123ms
122ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/17525398274329392178

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55be89949acd16b030b24ae502dbed0c236e6fcfac8e8388eeaf0b5fffaf452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 10:02:11 GMT
x-content-type-options: nosniff
age: 122699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14708
x-xss-protection: 0
last-modified: Wed, 24 May 2023 02:02:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jul 2024 10:02:11 GMT

GET
H2 200 4045879285539881949
tpc.googlesyndication.com/gpa_images/simgad/ Frame 3E44 107 KB
107 KB 125ms
125ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/4045879285539881949

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b02c87b8471199ab1a64fec6d919de08d73e94c70bc935597c1bb2c51af151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:31:09 GMT
x-content-type-options: nosniff
age: 268561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109484
x-xss-protection: 0
last-modified: Sun, 21 May 2023 10:07:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jul 2024 17:31:09 GMT

GET
H3

200

6510834987797366098
tpc.googlesyndication.com/simgad/ Frame 3E44
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP7NvpJxCwCRisAjIIz2et6c0MJV8
https://tpc.googlesyndication.com/simgad/6510834987797366098

29 KB
30 KB

40ms
40ms

Image
image/jpeg

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6510834987797366098

Requested by

Protocol

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f04f47fabff20443c2832679c5491e7c030901d0d16f79ea06f7779e539d294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 23:16:04 GMT
x-content-type-options: nosniff
age: 593466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30187
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 15:26:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Jul 2024 23:16:04 GMT

Redirect headers

date: Fri, 21 Jul 2023 17:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 9951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6510834987797366098
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 17:21:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DC1F 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cv3FRbeW6ZIXEMu6I_tMP36m1sAuf1qqncJKV94a5EdrZHhABIMTAjBxglcqrgrQHoAHIsanNA8gBAagDAcgDywSqBOIBT9AGKAUYwYJglsKcK73FjQ06R6efI-jO5L3jkjx-1fj5LQvqYz1rovMEJDkgyjm2tTn7Pu-CjfvETthZcy0I8xIKmyO73cb02ohXVuCUETgXzwllE9aC5SiMWSiWbMRZ7pvIaYk_gt6hZ1R5nh-QDzf2EJzCeRP6oIZ1lQNrCU5L-l849Ppf7K-Ogc3vYA_BjjyW_TRMf1yxZuCMzTF_M7__bpQlA2z6c-1c-Qfdt62QlCvz1XBnvpxMU72-q7rzmUlgFMRR_1V54xCP7KcZYDyxkF4UGVUlESS5QUDDX4z62cAEiIfpnasEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB-Tq4jWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDrkQjSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMNiBQC0BUBgBcBshccChoIABIUcHViLTQ4MDk3NDA4MjMzNjc3NjIYAA&sigh=eG_fCiubQv4&uach_m=[UACH]&cid=CAQSGwBpAlJWzioGPbqTUPUePzvWasFa_iZrODCb9hgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=90&slotname=2892395936&adk=2918302779&adf=797426555&pi=t.ma~as.2892395936&w=728&lmt=1689970029&format=728x90&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&wgl=1&dt=1689970029349&bpp=1&bdt=421&idt=367&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600%2C211x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=470&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=j9ByN19sm2&p=http%3A//rulsmart.me&dtd=369
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Jul 2023 20:07:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E0B0 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=90&slotname=2892395936&adk=2918302779&adf=797426555&pi=t.ma~as.2892395936&w=728&lmt=1689970029&format=728x90&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&wgl=1&dt=1689970029349&bpp=1&bdt=421&idt=367&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600%2C211x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=470&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=j9ByN19sm2&p=http%3A//rulsmart.me&dtd=369
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:11:46 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9966 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afa6e155baa071dc9adb68c5f1be1772db2f2bb74e360af6e80d469a268632e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DC1F 135 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d203fd59975be8ab20699080e6fcf9bb5109cbccf6b40dab2a888921f86635d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E0B0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

60ms
59ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:07:10 GMT
expires: Fri, 21 Jul 2023 20:07:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:07:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9966 21 KB
21 KB 170ms
81ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 06:34:45 GMT
x-content-type-options: nosniff
age: 480745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jul 2024 06:34:45 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9966 20 KB
21 KB 131ms
44ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 530788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 16:40:42 GMT

GET
DATA 200
OK truncated
/ Frame 3E44 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d2588acc31bbe09ebed94f576f1b9a5aff882084aff6c8ef8e4bde8f82ef84b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DC1F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c307a98c3fb96533f6e0bdd2246eede741276618bc706c3714d528f1e686fcb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 49ms
48ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rulsmart.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 2A50 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:05:09 GMT
etag: 12368291122986407432
expires: Fri, 04 Aug 2023 20:05:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame D746 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:05:09 GMT
etag: 12368291122986407432
expires: Fri, 04 Aug 2023 20:05:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 5E25 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:05:09 GMT
etag: 12368291122986407432
expires: Fri, 04 Aug 2023 20:05:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 25D8 10 KB
4 KB 42ms
42ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:05:09 GMT
etag: 12368291122986407432
expires: Fri, 04 Aug 2023 20:05:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 4284 14 KB
1 KB 49ms
48ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=229052413&adf=3406395625&pi=t.ma~as.6765644335&w=211&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=211x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029347&bpp=2&bdt=419&idt=361&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=234&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7cRsLFoR1H&p=http%3A//rulsmart.me&dtd=365

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 18:42:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 4284 2 KB
892 B 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=229052413&adf=3406395625&pi=t.ma~as.6765644335&w=211&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=211x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029347&bpp=2&bdt=419&idt=361&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=234&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7cRsLFoR1H&p=http%3A//rulsmart.me&dtd=365

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 4284 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=229052413&adf=3406395625&pi=t.ma~as.6765644335&w=211&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=211x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029347&bpp=2&bdt=419&idt=361&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=234&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7cRsLFoR1H&p=http%3A//rulsmart.me&dtd=365

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 4284 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=229052413&adf=3406395625&pi=t.ma~as.6765644335&w=211&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=211x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029347&bpp=2&bdt=419&idt=361&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=234&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7cRsLFoR1H&p=http%3A//rulsmart.me&dtd=365

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 4284 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=229052413&adf=3406395625&pi=t.ma~as.6765644335&w=211&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=211x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029347&bpp=2&bdt=419&idt=361&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=234&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7cRsLFoR1H&p=http%3A//rulsmart.me&dtd=365

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:23:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4284 179 KB
56 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=229052413&adf=3406395625&pi=t.ma~as.6765644335&w=211&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=211x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029347&bpp=2&bdt=419&idt=361&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=234&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7cRsLFoR1H&p=http%3A//rulsmart.me&dtd=365

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 4284 33 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=229052413&adf=3406395625&pi=t.ma~as.6765644335&w=211&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=211x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029347&bpp=2&bdt=419&idt=361&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=234&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7cRsLFoR1H&p=http%3A//rulsmart.me&dtd=365

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 08:02:33 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC1F 0
20 B 79ms
78ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20230719&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 3E44 21 KB
21 KB 85ms
84ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 06:34:45 GMT
x-content-type-options: nosniff
age: 480745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jul 2024 06:34:45 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 3E44 20 KB
20 KB 102ms
101ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 530788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 16:40:42 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14755360440369606160/ Frame 4284 22 KB
22 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14755360440369606160/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=229052413&adf=3406395625&pi=t.ma~as.6765644335&w=211&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=211x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029347&bpp=2&bdt=419&idt=361&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=234&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7cRsLFoR1H&p=http%3A//rulsmart.me&dtd=365

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20c904672c4a14d01110942a97decd121114141e7b438b743535146d6e890ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 19:46:00 GMT
x-content-type-options: nosniff
age: 519670
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22287
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 05:23:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 14 Jul 2024 19:46:00 GMT

GET
DATA 200
OK truncated
/ Frame 4284 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4284 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame DC1F 33 KB
33 KB 87ms
86ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 262673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 19:09:17 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 2A50 4 KB
671 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 18:37:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame 2A50 14 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f803b0618ea52f745b0c0426a63781fad8d07009a8941a6058230fd9b126a4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 04:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6364
x-xss-protection: 0
server: cafe
etag: 15519008266486477248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 04:52:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame 2A50 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faefc7d5cb22f0899412f91aa8fcabe5910c50cb6faee897413b62ac324c0f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8607
x-xss-protection: 0
server: cafe
etag: 1206383197409669553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 19:22:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D746 14 KB
1 KB 49ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 18:45:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame D746 2 KB
892 B 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame D746 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame D746 3 KB
1 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame D746 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:23:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D746 179 KB
56 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H3 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame D746 33 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 08:02:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5E25 14 KB
1 KB 49ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 20:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 18:16:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 20:07:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 5E25 2 KB
892 B 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 5E25 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 5E25 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 5E25 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:23:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E25 179 KB
56 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:07:11 GMT

GET
H3 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 5E25 33 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 08:02:33 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CF79 624 B
245 B 83ms
82ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGFvwIQzaXKAhj40I_xATAB&v=APEucNUyXgl-KQRWSE9p_gKecC3RCGQhmOqXV23cE8gd_Sip5fbRKJzL4N3zZ_KkvQjjOtEadLL-Av_ytJk7KZ_8Ej_YdDbfgXfbDa6UiQvMHdg0LCkBj4VvIu09nEjqjTe9L28pXq7lNZhXbnLYlbzxJmZP3OR4_Zhcjh6gH85RXYMsjUWxhfM

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:07:11 GMT
expires: Fri, 21 Jul 2023 20:07:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0FEE 85 KB
29 KB 147ms
147ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:07:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0FEE 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 13:37:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0FEE 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:23:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FEE 179 KB
56 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:07:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FEE 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AZpU_AniuCvEEcB0u45fHFrX7aPnXmtXCOnZcCm5bYYaPBdZ14iytfuTkBkFi59mfQunLejPQDPqxcs4aY5_2nxVjmvMI_YdtRwGj-6G5My-FFdjc

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FEE 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17994423022902638267&x=1&ct=76

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9966 0
19 B 86ms
86ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUDw3beW6ZITvMNmKngXSuq74DLLp9tBu5sqV_6MJnOyR2fkZEAEgxMCMHGCVgoCAlAegAbXVjtkDyAEJqQLIHkEJg6WyPqgDAcgDywSqBOIBT9CutdRVClv1RpPEvm6UNuuu9eAG9_J3eSalrzZM5KeGRSM0K1as__L-l08ujyI1hYB5t5R-mJV9KUt7qe7UZyUz34vKV6qB75D84ymYzzyJwzS6I5ECnDmqzTu-d_CRvu5rQMNgWIrynKD4FWJJZudUCunr4BELW9Mz0y2mP9KSs1hlXO0LWGEQFMN32yQJADECdejukPdLQHcORHjjftSCbFoid7kTOrDLWj3gB9tILjjkXV1QKMYJ8FnxoR_YGD-lua-u7C7m-clcqucTiNCuy47M6a0-fmsgPflZanWijcAEu6O5pYwCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4qcsS-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQs-gB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTC4gUBdAVAYAXAbIXHAoaCAASFHB1Yi00ODA5NzQwODIzMzY3NzYyGAA&sigh=I5VacHy4-O8&uach_m=[UACH]&cid=CAQSGwBpAlJWWO2u6SbFBRfAcSHlWJPmDGRrld8b7BgB&template_id=494&cbvp=2&vis=1

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=1739284004&adk=871142700&adf=3347755254&pi=t.ma~as.1739284004&w=220&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=220x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029339&bpp=7&bdt=411&idt=337&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&correlator=4510866465467&frm=20&pv=2&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=513&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=5Jg8U69hUO&p=http%3A//rulsmart.me&dtd=354
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Jul 2023 20:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3E44 0
19 B 214ms
213ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbxFMbeW6ZKP7MZTKigOY0Yb4D7Lp9tBu5sqV_6MJnOyR2fkZEAEgxMCMHGCVyquCtAegAbXVjtkDyAEJqQIWprCs1qayPqgDAcgDywSqBOUBT9BjF1fH33GKXARVfvwdHIrqLn8jXT3RvbMXvUnuEVgpCqtNDNkDQcxHVeKrdi6iEV8YRKv_1F45ZRlsLVT0uKBauQNlATSB4OAQTA85jszd4sFFy2h99KPK6D-aiPEdx1yzs7-9WuzuDvdUwoRvi0pcDlowED9ulvh4LxJDX40mEbVWPW8q-XU9ybPqLmpMzSNn3WGWvFcQIWTvno9Fs1xoRb2EZlG79or086sAb2A6D8MdgnbWm9Xa8WukNChzXa9nzLnFLjWcBtrAPtGOOwIdsJw_Q7RBLoy7o2-hbp7Hl7MWb8AEu6O5pYwCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4qcsS-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQzeEC0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTC4gUBdAVAYAXAbIXHAoaCAASFHB1Yi00ODA5NzQwODIzMzY3NzYyGAA&sigh=5nvJEC16oGs&uach_m=[UACH]&cid=CAQSGwBpAlJW5SGItAgLUbvPpjamryt4Snee6k9gwxgB&template_id=494&cbvp=2&vis=1

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=3204743339&adf=2322724795&pi=t.ma~as.6765644335&w=219&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=219x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029346&bpp=1&bdt=418&idt=352&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=uJuyrI1Am6&p=http%3A//rulsmart.me&dtd=356
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Jul 2023 20:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame A2C9 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 4862 37 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A8D 37 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
DATA 200
OK truncated
/ Frame 4284 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f055f60deaea41af4c4833ebea5d01fe17a8004bd323a88e67a352704e5347

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CF79
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOire0bBGnYA9MbFMFdhfg4&google_cver=1

43 B
766 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOire0bBGnYA9MbFMFdhfg4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGFvwIQzaXKAhj40I_xATAB&v=APEucNUyXgl-KQRWSE9p_gKecC3RCGQhmOqXV23cE8gd_Sip5fbRKJzL4N3zZ_KkvQjjOtEadLL-Av_ytJk7KZ_8Ej_YdDbfgXfbDa6UiQvMHdg0LCkBj4VvIu09nEjqjTe9L28pXq7lNZhXbnLYlbzxJmZP3OR4_Zhcjh6gH85RXYMsjUWxhfM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 20:07:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOire0bBGnYA9MbFMFdhfg4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CF79
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLrlb4N-xZShQY0gQHbu.AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOire0bBGnYA9MbFMFdhfg4&google_cver=1&google_hm=2

43 B
766 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOire0bBGnYA9MbFMFdhfg4&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGFvwIQzaXKAhj40I_xATAB&v=APEucNUyXgl-KQRWSE9p_gKecC3RCGQhmOqXV23cE8gd_Sip5fbRKJzL4N3zZ_KkvQjjOtEadLL-Av_ytJk7KZ_8Ej_YdDbfgXfbDa6UiQvMHdg0LCkBj4VvIu09nEjqjTe9L28pXq7lNZhXbnLYlbzxJmZP3OR4_Zhcjh6gH85RXYMsjUWxhfM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Jul 2023 20:07:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOire0bBGnYA9MbFMFdhfg4&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame CF79
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOtDmwuSGlwaRCZ2Wqr9Uwo&google_cver=1

43 B
841 B

41ms
40ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOtDmwuSGlwaRCZ2Wqr9Uwo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIGFvwIQzaXKAhj40I_xATAB&v=APEucNUyXgl-KQRWSE9p_gKecC3RCGQhmOqXV23cE8gd_Sip5fbRKJzL4N3zZ_KkvQjjOtEadLL-Av_ytJk7KZ_8Ej_YdDbfgXfbDa6UiQvMHdg0LCkBj4VvIu09nEjqjTe9L28pXq7lNZhXbnLYlbzxJmZP3OR4_Zhcjh6gH85RXYMsjUWxhfM

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
an-x-request-uuid: d8be25df-15df-477c-b774-4c9043b91328
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.100; 80.255.7.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOtDmwuSGlwaRCZ2Wqr9Uwo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CF79
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUxOTk2MTc5NzM5NTMzMDQ4NQ%3D%3D

170 B
243 B

54ms
53ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUxOTk2MTc5NzM5NTMzMDQ4NQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
an-x-request-uuid: 2da94f64-0798-4d35-b9e1-df27d37a4ebd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUxOTk2MTc5NzM5NTMzMDQ4NQ%3D%3D
x-proxy-origin: 80.255.7.100; 80.255.7.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4284 33 KB
33 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 262674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 19:09:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 438D 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:24:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 438D 8 KB
750 B 54ms
54ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 20:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 18:37:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 20:07:11 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame 438D 15 KB
3 KB 145ms
41ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 19:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 17:29:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 19:15:24 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame 438D 375 KB
129 KB 146ms
42ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 19:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131779
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 17:29:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 19:15:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 438D 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:23:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4284 0
19 B 114ms
114ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CicxLbeW6ZJbJMpbziQOq7Y6QDpnf7NlvgOzmjqUM2KK1qJYOEAEgxMCMHGCVyquCtAegAa6YiqICyAEJqQIWprCs1qayPqgDAcgDywSqBPYBT9CXD_ieHrDtVL3yKSIiImeaHQfOfawVH4LdES-I581jFpR-7LO83Di4irDKzNHF-nfgxCpHHiTPvu9-tnjDjDNwPGxP0Ou6_howuf7Rf10qqGJDtsX1PH_O00JMeFh7dPWyJlV-_wLuallo8VLodvTqEJswbiHzvRL3kMz4WQ9Ng76Zy4BsFj8LgX-bFhyqc3cjYQGgS8P_VfEMMCSnDOPzbUxLaDSGdfu0UYX9n_Ct93usMAKy3jnCmfezg4Q-nzKkRG7qyGaJKxPghd9JyZGqoxLtdznvsd3BOdv3znvPQ-L2i6RnwxmcTlJcq3Ct9Ozt_NtNwASegcTr_wKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHuuf13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCGlALSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMMiBQD0BUBgBcBshccChoIABIUcHViLTQ4MDk3NDA4MjMzNjc3NjIYAA&sigh=wZBL6jIQWCo&uach_m=[UACH]&cid=CAQSGwBpAlJWSbhpNMf1aSStM1XYtafFD4lg_kKDUBgB&template_id=5000&cbvp=2&vis=1

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=229052413&adf=3406395625&pi=t.ma~as.6765644335&w=211&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=211x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029347&bpp=2&bdt=419&idt=361&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=234&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7cRsLFoR1H&p=http%3A//rulsmart.me&dtd=365
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Jul 2023 20:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame CF22 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4809740823367762&output=html&h=600&slotname=6765644335&adk=229052413&adf=3406395625&pi=t.ma~as.6765644335&w=211&fwrn=4&fwrnh=100&lmt=1689970029&rafmt=1&format=211x600&url=http%3A%2F%2Frulsmart.me%2Funlock%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1689970029347&bpp=2&bdt=419&idt=361&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&prev_fmts=220x600%2C219x600&correlator=4510866465467&frm=20&pv=1&ga_vid=1245375485.1689970030&ga_sid=1689970030&ga_hid=838085221&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=234&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788442%2C44796827&oid=2&pvsid=519457556346721&tmod=957882748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=7cRsLFoR1H&p=http%3A//rulsmart.me&dtd=365

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FEE 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9017988285309&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FEE 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9017988285309&version=m202306200101&ct=76&x=1&cor=17994423022902639000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0FEE 107 KB
40 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOoVYNqNR0MvyeKadW-yXJEujxNiJKeCn13SNnpramUHyUwyXoyzhjoX2xARaT4Aj9PZUrqXdHnL_MMSZlWiOVq_j4qy2csC9B7H3WoH6K4-chkQL7-gt5uTVUsPevFTwfUNt_iF4fYi1_69YgXR7EVCl1LlHZ9MzH2eWEc6YbiGPGVNU&dbm_d=AKAmf-CIeHV2Z0DWHqNalv-h5I5r9l_SdYwF33-gBau5koFVwijCfClOV2jF5EWddeETe-_Z9RBC1eb4LlYp-KlML75DCP7PJrMKIwmyclT4lBDbUl_cqP056sdJWReddQgBRpKgrgFiZUoqFhjnY-QeeUKKIaUd8j5CM_LqL8FoQ59CPZ_B5SUpTlw3RzbDXKXsa3RGjP7qo7mXynihFd5rwZZ8ldNk4jbwsqNV3MAdwv8qee8PPyxb4-H2bmzPVfrmplk6tONJUW1vG6WH-tQg09TaIZLEyUvHKYJJl-Rea3nSnJIk-dRxVp7xY7WamqxMtjSCadRHSA7U4N2STwXALBn7Vh71TjAiImcXVsMe5-KXFn-O1kUt40IvHd2FHOKW2r5LFotgO06CkCHpmgVp67Gyx9icIYASYh5l9_i5m9nvpP8W-FjoGwzTtdhR4GPqOOQuHnKtOW2evrvVEXCSx3nQktBSY4dLS0NZ_Tkd-S94Vj2g4UQFksOK4qHKIJjiAJ-XUA7oX9G2CeMpaEcLTtTmfL9kt-0t77HZyaBqng6r3L1f4lzwbtN2_argIxgwK97vYLr6ko8vM_-GTR_Ez4Iv-0vV1lvpjysJesLJZuvStEQGdhDz-n0IwQ31HrxqMP40ecGNjloX-4FkABYLuyQl8XgQ8Bkz_76-yjBQLZotPytvY0H-_ffgX517yrZlmpBVV99zYdygh_T6tgwhYKoaAMRejR-KsGGZxFaF0wVq3VjLpZp9yg_jS00BJQqQ4ZN85Bt7ozOgP9mRqCS8cOLoH9UjsgnCPCXRBwD6wAvJkuvywen56V6ZnCnE4zrUmTjDA2xFTr8t2OnGR-ETl6sBLsgZumbnrNuSjNf9wxMrP2VDTvhRm50A2kvWbBSC_bgRnnbR4ijJtoPj9AjWlKgg65DnTFdflJUYGM23Hnzhkhz6dIv2MmN_GHEv01Gpgcag9t_omwVto1eVsIIWkOMSdT77WwXwkjdcGZyoZ41QZN9QG7Vq3UmN2hW6RVqW2m4yrOfEoBcKSTdWVuGCNG7sTvYzkcPV0rQ75YhZhi9paCBjJJhqQOdd3QyFJHbLA85-ZMwYaOeYe8YGYtC3PUBeApW3vcFGitdx1dggxfv9KJgEEnN0yyrtmy3lNj5S-bs2hkcOINTZOpC8XGC04iBCNrIbSaFjG_efs33E6k4d65k1itk_934aibHqLx2_LrhyeGCSREC68pfDZnudvfjiC1BZ_7k8CqrPqsf041HTiGjEnnGRcIkyuhDsAM-BC3Fo44DnIkoPcuf5nmaYaOoOot7LYBQOTD5MvHVxBNuUwfjzqp39tB4QO4N0S4PHfivmZkQ_A9fZsfURwxfkfCcKQW42TtNpuE-m5kgrPT1k7U7h1KebfVp6JZ0m1cI0TDfnkIL7o8TALBT-F_QKkXaRflzOL0oeLgfq_UPMBjPqKPngfBYCjlX_g6xUn43joUiiI0TKR2yBRg3KI23eae0Aup9LD9L0iI15apfUPQda1Fi6yBePp9NZpu9e8PsTc7YecmrrDubOqElaEkOqcH-kCzLYEJvYWnDjPkA-JxII9kBOvzR1WTXxWD8WPaG9_1d4ox984OTP9w4WVFhKjjAMl1_J99hG5WAAu-rnYQDt-QB6ZbLMgcLiMljVKI4sd2U2ue_sonkg0T6hKh00X1UeslevKowhH2mTzIGfvFxRiCXU0L3Gm5nJmF-53IaIqXIXTGQyH8QQotAeaooTkkLdypMNk6nyj_AMzaGRc44el41rfu3l7th533kCBg-6wkjFjAem3C8iSnPzlnrJf7NLqLoIzlZSd1lGq5ZPineeC6_sz-gGATctC3Y5285Ilv-EmJpIPV_yAvrTcH634UmcrEPNGoqgm0T4hilILFEoHC2lnHaH3ZLH7xD2i4bU60C2jnlUI_2NN0tunsc8BTrBn9y9pUFpPre3iuig2OKiljy_kUcozjclKkEZfVFW79Tkb6eWBbGbFUoEe0GU3Fbg3NsX6FCFuhQEO4EuWw4vvovi7QwZRLkN7VHwqfeY9-z486BGK_cEwAmm8dO6umY4c0Ev2f7r9o1_YIsvEZhE-ZCbZ-Isg71uXggtlc7I7I3ifSBjljheo3jzsK7qhvg39AvHF3qR-KLu8-J6Wu7V1f5LEQQVZVMNPVWUDZs_xezEJwvRGvYxLWJRdrZOceoQEan6PEQ1SAoxoSzD6T41OBqOqV69PNZ71BiYrSP-TE63lxUqvoXK0r-XL32zcCow8HP5Zh3RVhyilJarFcXc9uzVDxDr-4zTM_c7x5X44riIu0eGFPB3-Hjee-c2ZI9J8p4qxB_csvQtvb2kNXcD6MwmXjZkULRI7l-2tslttzMFWJzTfS8aV8k1bOXLxlxly5uwJqOizR0bAcrbAH2cnmXDz0gM9FR0v5fds5JwIcpIP9ikmXd4QGJUjyBI96-9PBom1xsey25oiD2kcN_f3BsvRgOrkSd8F1pIAloPaOVdRRl3KCQLz1vVc70ORcEyILoDoViYO87izPIrqjFrb9ynX3AVNNCSqJR_fRVpLHaRL8RyLv_rDTEEsmHGulbgTQzdwTzOz53RpIHvYaYgh-CpGT9DTxo9bo5gZZE1h10Dl0psX6xCtj-QbmLQI0a6FqSL7rDjke78rpasaM06uOY7fvxaubQO3SUi34Xnj3ZBntJ-YisKvFkA_b1Av83ZG2NBwKGIzkK_HBx0o2H0LR2nwn74t06Dc8AFrI-e7igLlGCU9Y5nBbFjVb8yGDycertwYCvoLZ2yKztapCgL_roSNTpAYG5TYx9OWtR2R9lwT3WCRj8JO7geo1gzM-XNSnxCNYpkaoCOqO6HlcI5-HpiVbbDwrzBKHa79b74QNcjDw53LSSwrMQGKxumB70wceKUk6LzoJIXY9VAXyaExyfhKNf412NZ4GLKZLb-8EyjCmbSDshUifn3nmPC06d-yFyL__Gx4rFSRz6zvMZ58ZL-W4HmcmufYPyhjkMO1j2a90tC9HNKpldSUKOxEez59r8FGohtSr1nm7xjW4w6uhffxtwitKlhkFisxwTuLbUmPkKJuznScz_GXNxTla2COuj_kNgLGX31ZpMGPJSStMut760pPqu9Fp4JWs2uDgkAIcgD0EINxoU1j2QMHQZ-3TuFUzWHvglr2Wf0Q2xTQ20LmK1TJDRnN8BVl9pP2JEFPBqO6jDwg0HcHciWNBM9Fj85mXOOoCft-8JhSxL5xlibdeij4ufO285LDjIyxb2Dw90ZxaDw-fiC__ASRLtDgEAW55KpMkyanVh6mQECU0TghIUpb75mxOTqoDsllMbfwPRGWa4o7aJxRv6nhCBuJIJyPEYiHDVqBRpBhmAIuLzYQ46SE9iJEOOMo9U_t360GjAvK2mPq_QBCRmAf8tOZyLnWOatw6_6pErtRJl97zzO_mYA9K14LnzBsslr0f5PMmEBQHERTb3pSxVGYrhov7giK4speIvv8MJPEjHiAf2TuKB8A3VUZdRIa2z7dd0IWsjRqBBGsQ57Vvl6FolSdnN5wmlgc1XnUzFLJWRunbpqNpA1HxmXCzUzISZCPBsLW8LRc-2xFPQMWIIQYbPiT9x1XeFhx5KXhl1PPWuGIcLj7ZWFQCfBSiOaT1Jx5DdKWs6EwnprSSu2VlexuCro0LKHxtr44Zfa_T1rMnupa6XCZYrxE3a5uFCNDUKW9F-1cEVs8k33otNyfYGem91cSB2uljiaYzWFgy7xXXBX1HyfaXXDJdlI4_4sKhhhW8KCqV-n&cid=CAQSGwBpAlJWzturwH2sYAdX1h-TVksimZIielVMnRgB&dv3_ver=m202306200101&rfl=http%3A%2F%2Frulsmart.me%2F&ds=l&xdt=1&iif=1&cor=17994423022902639000&adk=2988274607&idt=155&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b56e66c3cabcd3cedfca137893d958bec787ab52b849d20c36d147766f690a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40972
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 22CB 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 401E 37 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1565935/72734094/ Frame 0FEE 249 KB
75 KB 200ms
56ms Script
application/javascript 52.30.88.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1565935/72734094/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013756215&ias_pubId=pub-4809740823367762&ias_chanId=1&ias_placementId=20365395083&bidurl=http://rulsmart.me/unlock/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hCLa6_f4SPHiufpW0Oxg21
Requested by: Host: rulsmart.me
URL: http://rulsmart.me/unlock/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.88.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-88-149.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f48340f5342867f346eb8ebb67bd491ba352c594290e3ec951b9dc394700b917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 0FEE 172 KB
61 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jul 2023 19:02:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame 0FEE 11 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOoVYNqNR0MvyeKadW-yXJEujxNiJKeCn13SNnpramUHyUwyXoyzhjoX2xARaT4Aj9PZUrqXdHnL_MMSZlWiOVq_j4qy2csC9B7H3WoH6K4-chkQL7-gt5uTVUsPevFTwfUNt_iF4fYi1_69YgXR7EVCl1LlHZ9MzH2eWEc6YbiGPGVNU&dbm_d=AKAmf-CIeHV2Z0DWHqNalv-h5I5r9l_SdYwF33-gBau5koFVwijCfClOV2jF5EWddeETe-_Z9RBC1eb4LlYp-KlML75DCP7PJrMKIwmyclT4lBDbUl_cqP056sdJWReddQgBRpKgrgFiZUoqFhjnY-QeeUKKIaUd8j5CM_LqL8FoQ59CPZ_B5SUpTlw3RzbDXKXsa3RGjP7qo7mXynihFd5rwZZ8ldNk4jbwsqNV3MAdwv8qee8PPyxb4-H2bmzPVfrmplk6tONJUW1vG6WH-tQg09TaIZLEyUvHKYJJl-Rea3nSnJIk-dRxVp7xY7WamqxMtjSCadRHSA7U4N2STwXALBn7Vh71TjAiImcXVsMe5-KXFn-O1kUt40IvHd2FHOKW2r5LFotgO06CkCHpmgVp67Gyx9icIYASYh5l9_i5m9nvpP8W-FjoGwzTtdhR4GPqOOQuHnKtOW2evrvVEXCSx3nQktBSY4dLS0NZ_Tkd-S94Vj2g4UQFksOK4qHKIJjiAJ-XUA7oX9G2CeMpaEcLTtTmfL9kt-0t77HZyaBqng6r3L1f4lzwbtN2_argIxgwK97vYLr6ko8vM_-GTR_Ez4Iv-0vV1lvpjysJesLJZuvStEQGdhDz-n0IwQ31HrxqMP40ecGNjloX-4FkABYLuyQl8XgQ8Bkz_76-yjBQLZotPytvY0H-_ffgX517yrZlmpBVV99zYdygh_T6tgwhYKoaAMRejR-KsGGZxFaF0wVq3VjLpZp9yg_jS00BJQqQ4ZN85Bt7ozOgP9mRqCS8cOLoH9UjsgnCPCXRBwD6wAvJkuvywen56V6ZnCnE4zrUmTjDA2xFTr8t2OnGR-ETl6sBLsgZumbnrNuSjNf9wxMrP2VDTvhRm50A2kvWbBSC_bgRnnbR4ijJtoPj9AjWlKgg65DnTFdflJUYGM23Hnzhkhz6dIv2MmN_GHEv01Gpgcag9t_omwVto1eVsIIWkOMSdT77WwXwkjdcGZyoZ41QZN9QG7Vq3UmN2hW6RVqW2m4yrOfEoBcKSTdWVuGCNG7sTvYzkcPV0rQ75YhZhi9paCBjJJhqQOdd3QyFJHbLA85-ZMwYaOeYe8YGYtC3PUBeApW3vcFGitdx1dggxfv9KJgEEnN0yyrtmy3lNj5S-bs2hkcOINTZOpC8XGC04iBCNrIbSaFjG_efs33E6k4d65k1itk_934aibHqLx2_LrhyeGCSREC68pfDZnudvfjiC1BZ_7k8CqrPqsf041HTiGjEnnGRcIkyuhDsAM-BC3Fo44DnIkoPcuf5nmaYaOoOot7LYBQOTD5MvHVxBNuUwfjzqp39tB4QO4N0S4PHfivmZkQ_A9fZsfURwxfkfCcKQW42TtNpuE-m5kgrPT1k7U7h1KebfVp6JZ0m1cI0TDfnkIL7o8TALBT-F_QKkXaRflzOL0oeLgfq_UPMBjPqKPngfBYCjlX_g6xUn43joUiiI0TKR2yBRg3KI23eae0Aup9LD9L0iI15apfUPQda1Fi6yBePp9NZpu9e8PsTc7YecmrrDubOqElaEkOqcH-kCzLYEJvYWnDjPkA-JxII9kBOvzR1WTXxWD8WPaG9_1d4ox984OTP9w4WVFhKjjAMl1_J99hG5WAAu-rnYQDt-QB6ZbLMgcLiMljVKI4sd2U2ue_sonkg0T6hKh00X1UeslevKowhH2mTzIGfvFxRiCXU0L3Gm5nJmF-53IaIqXIXTGQyH8QQotAeaooTkkLdypMNk6nyj_AMzaGRc44el41rfu3l7th533kCBg-6wkjFjAem3C8iSnPzlnrJf7NLqLoIzlZSd1lGq5ZPineeC6_sz-gGATctC3Y5285Ilv-EmJpIPV_yAvrTcH634UmcrEPNGoqgm0T4hilILFEoHC2lnHaH3ZLH7xD2i4bU60C2jnlUI_2NN0tunsc8BTrBn9y9pUFpPre3iuig2OKiljy_kUcozjclKkEZfVFW79Tkb6eWBbGbFUoEe0GU3Fbg3NsX6FCFuhQEO4EuWw4vvovi7QwZRLkN7VHwqfeY9-z486BGK_cEwAmm8dO6umY4c0Ev2f7r9o1_YIsvEZhE-ZCbZ-Isg71uXggtlc7I7I3ifSBjljheo3jzsK7qhvg39AvHF3qR-KLu8-J6Wu7V1f5LEQQVZVMNPVWUDZs_xezEJwvRGvYxLWJRdrZOceoQEan6PEQ1SAoxoSzD6T41OBqOqV69PNZ71BiYrSP-TE63lxUqvoXK0r-XL32zcCow8HP5Zh3RVhyilJarFcXc9uzVDxDr-4zTM_c7x5X44riIu0eGFPB3-Hjee-c2ZI9J8p4qxB_csvQtvb2kNXcD6MwmXjZkULRI7l-2tslttzMFWJzTfS8aV8k1bOXLxlxly5uwJqOizR0bAcrbAH2cnmXDz0gM9FR0v5fds5JwIcpIP9ikmXd4QGJUjyBI96-9PBom1xsey25oiD2kcN_f3BsvRgOrkSd8F1pIAloPaOVdRRl3KCQLz1vVc70ORcEyILoDoViYO87izPIrqjFrb9ynX3AVNNCSqJR_fRVpLHaRL8RyLv_rDTEEsmHGulbgTQzdwTzOz53RpIHvYaYgh-CpGT9DTxo9bo5gZZE1h10Dl0psX6xCtj-QbmLQI0a6FqSL7rDjke78rpasaM06uOY7fvxaubQO3SUi34Xnj3ZBntJ-YisKvFkA_b1Av83ZG2NBwKGIzkK_HBx0o2H0LR2nwn74t06Dc8AFrI-e7igLlGCU9Y5nBbFjVb8yGDycertwYCvoLZ2yKztapCgL_roSNTpAYG5TYx9OWtR2R9lwT3WCRj8JO7geo1gzM-XNSnxCNYpkaoCOqO6HlcI5-HpiVbbDwrzBKHa79b74QNcjDw53LSSwrMQGKxumB70wceKUk6LzoJIXY9VAXyaExyfhKNf412NZ4GLKZLb-8EyjCmbSDshUifn3nmPC06d-yFyL__Gx4rFSRz6zvMZ58ZL-W4HmcmufYPyhjkMO1j2a90tC9HNKpldSUKOxEez59r8FGohtSr1nm7xjW4w6uhffxtwitKlhkFisxwTuLbUmPkKJuznScz_GXNxTla2COuj_kNgLGX31ZpMGPJSStMut760pPqu9Fp4JWs2uDgkAIcgD0EINxoU1j2QMHQZ-3TuFUzWHvglr2Wf0Q2xTQ20LmK1TJDRnN8BVl9pP2JEFPBqO6jDwg0HcHciWNBM9Fj85mXOOoCft-8JhSxL5xlibdeij4ufO285LDjIyxb2Dw90ZxaDw-fiC__ASRLtDgEAW55KpMkyanVh6mQECU0TghIUpb75mxOTqoDsllMbfwPRGWa4o7aJxRv6nhCBuJIJyPEYiHDVqBRpBhmAIuLzYQ46SE9iJEOOMo9U_t360GjAvK2mPq_QBCRmAf8tOZyLnWOatw6_6pErtRJl97zzO_mYA9K14LnzBsslr0f5PMmEBQHERTb3pSxVGYrhov7giK4speIvv8MJPEjHiAf2TuKB8A3VUZdRIa2z7dd0IWsjRqBBGsQ57Vvl6FolSdnN5wmlgc1XnUzFLJWRunbpqNpA1HxmXCzUzISZCPBsLW8LRc-2xFPQMWIIQYbPiT9x1XeFhx5KXhl1PPWuGIcLj7ZWFQCfBSiOaT1Jx5DdKWs6EwnprSSu2VlexuCro0LKHxtr44Zfa_T1rMnupa6XCZYrxE3a5uFCNDUKW9F-1cEVs8k33otNyfYGem91cSB2uljiaYzWFgy7xXXBX1HyfaXXDJdlI4_4sKhhhW8KCqV-n&cid=CAQSGwBpAlJWzturwH2sYAdX1h-TVksimZIielVMnRgB&dv3_ver=m202306200101&rfl=http%3A%2F%2Frulsmart.me%2F&ds=l&xdt=1&iif=1&cor=17994423022902639000&adk=2988274607&idt=155&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 17:49:12 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 0FEE 30 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 18:10:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7027
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11528
x-xss-protection: 0
server: cafe
etag: 1206305422853166885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 18:10:04 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0FEE 41 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 01:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 01:53:14 GMT

GET
DATA 200
OK truncated
/ Frame 0FEE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4c647df34e4dc199d6f4c9f0467548fcf98a85691e7b88178039ffa1603cf41

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 438D 0
45 B 602ms
223ms Ping
image/gif 2607:f8b0:4012:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lkd0itsg&c=2955402488258&slotId=1477701244129&qqid=CJ-KvvrMoIADFdOCpwodaDIJPw&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 438D 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cnp7abeW6ZN-fNNOFngXo5KT4A57N5K9xxrqLvr0RsKGy74MCEAEgxMCMHGCVyquCtAfIAQWpAsgeQQmDpbI-qAMByAObBKoEggJP0JhIbGkrVVevfv1ZJIF89v9MTWosxooLNj7SSay7Xbrtz3BKL2AVJV9CPjyja7ULuply7m9ldnwsRyYoG5lpUNZn2HQADvdNJWM077Ih-COFBphedZ8-5wgKL49nVAEaLsItM8PBjJx6OrIhkjhqqxqnL7dSTnjn2zsPnSxMcFnHEk8KGrjv-6Aa_xiCmznueC4rysnymvVLFB4SpQiFJCzayNxO97n_jF0FVaXrxl095NqrnhpZv7-OXJDohFjoKShjX6ULmrDz9ZTuJlTI0g5r1hLxigcu8ELvjHjBOOH5C8YKEGjJxvGg9OkdP_mU1nhhsK-24xO3Vj2nqA1FpbLABNjAiYGzBOAEA5AGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAbATxpHxE8gTtJ2V4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1689970031448&ai=Cnp7abeW6ZN-fNNOFngXo5KT4A57N5K9xxrqLvr0RsKGy74MCEAEgxMCMHGCVyquCtAfIAQWpAsgeQQmDpbI-qAMByAObBKoEggJP0JhIbGkrVVevfv1ZJIF89v9MTWosxooLNj7SSay7Xbrtz3BKL2AVJV9CPjyja7ULuply7m9ldnwsRyYoG5lpUNZn2HQADvdNJWM077Ih-COFBphedZ8-5wgKL49nVAEaLsItM8PBjJx6OrIhkjhqqxqnL7dSTnjn2zsPnSxMcFnHEk8KGrjv-6Aa_xiCmznueC4rysnymvVLFB4SpQiFJCzayNxO97n_jF0FVaXrxl095NqrnhpZv7-OXJDohFjoKShjX6ULmrDz9ZTuJlTI0g5r1hLxigcu8ELvjHjBOOH5C8YKEGjJxvGg9OkdP_mU1nhhsK-24xO3Vj2nqA1FpbLABNjAiYGzBOAEA5AGAaAGdoAH2I7rvgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAbATxpHxE8gTtJ2V4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 438D 0
54 B 589ms
220ms Ping
image/gif 2607:f8b0:4012:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lkd0itsp&c=2955402488258&slotId=1477701244129&qqid=CJ-KvvrMoIADFdOCpwodaDIJPw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1bq&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 438D 29 KB
17 KB 232ms
122ms XHR
text/xml 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C5S-uI3HtkZUP3DnehOjzjY3JEkphcrEZUBNeekZ4JhNfS4Dm3xgDBU0QciXMxVvKUUf-pcf-fQcMU15DRAOwc89nO8A&cry=1&dbm_d=AKAmf-DZtug8woEOm06Bqb2F-eJn3570wcI8E2VnZxkmwJ6COOyDiE9DGiIhYgUGVUZw5h91DtKzr1uGf8M9dL20fqjVt6aAIqqEDIxMijuc2nliVTxPjJnQ5cIGh43HusL3mx0cjAAaflCAPyI4jJvImDmJEurMRgE6uVmOKYf_qkq6Ze1268LB2m-wMYuTbI8mtLkgJMzzmUMaWerL9kOExGbTytKyRYp130RQuzTYszPfHi6dsR3otdMFy8wVfO1whhayJlbTo41IqJLV8l1i9YfKfgxs5hLznQlSCxgIb4PX8FsnqO8k0zOMdLJrtBnBd0385NPVtQzPmRuB01apdF8-RxerMwJOGzkhm1a7JmheugKp0_mW9d-2ouTvu-45NvuHll3R6esllhTYB5yP6WvKQmEPJzG8-oZmdgBsr2DuVf-iEzercI5-IY4Nxo-4rcEWTeomj_ZHOfK6CO9P2uKnnu9EQ5_24Vg36vQIjoF9M1pWQvvQZxOMILT671OxAIVNR-jKU98g-xvii0VFmAOClAUdQwYev2zRlXZzwvDu8lp4se_Itu3ie_0sPLpXLoEP32cSFTh1PS7UdncITE5ePTKmEX9kU2Ugpmsj4F8HOAL9_-AtEjUMNXkKBXvORdHFL2oBvb1ooORa7A2UoKoLZ0ZpvNlE72MWV_ZvuRu0Enro2UQlgW-k1MRwH3KTB4RmfwDfHxQXlSe5V6tgpIIxpU66_UzksLHC1jufREKz2z-l5YMVT2TBW77QB3lKlJzVv4TGbb7JN47xbJ3z5GG8G3BtpDrvfrsgjenwfttiSP01IXKHzosgWodWTSsQmRmlZOJgNd6tA-r7Ec8rIPPfAQI9vXnr6jr4wzrfe7XPT7Mei9tZ0qzMBsJIxsNjYcaOEkjC0C6c44M_eX-M5tUQq09pDME2spidEOP87ahL_TcplQZ4oqMIOXLoNN_nZNuPQR0k7ESqJwMRQcL0iWMC2jVqUtWsHL-4WyMWJ7NU0bCudyHs2SF55tDkfg2t3XGFSB3zSsjuIAu52mfPBPiBlhipXhLv2o_8rRpqMcthEUzKOrAS6yA65SWXiYTPMxJqyLxkRo0WjfYT4MEnRhc_f5GjgrRYyfOmMzqwZpP9fmhcPNU0bot5AkWe2iXsIqYmQ-32WGXoOk7XCIKOVEHy0Mfor3Aoe3yEKKFvk7wVxt51pk2yFd8NCy7qzx9bgkTKbeME064MxL0EJV1Nv_APFMs2Fn7fiJ4ikINOf7dcMD_Cq32nYOhBfLebcyi4ZRKlKVynG1YYk4dtvY1lThXOG0wA0Woil7SmwOtt8d7EBwfE8y-xhocT2sZe34AKmds5IEIYo8NlJpM5PF1ETJPIu2sCC5q6h-WnvnYqukkbNJq60vtnXxHwSmHDwM41Wkwv9_60j7HfmCeJ6ON6YVbkzpKdeyOWzsUfq7rvn-jXT5JhsHQrQWdUwTpfVOoA_u0vXs8JQJlrn4maYE24GXbXCvZisFG-Z38NpFisJWKkciNdf3BkmPSMhTzcIIGkq0051lz8sr8dGeCuxtwM20CD3Ba4-tXKEVTCznAmsy6dUEyFgdYW0p61-5j1wrkcHhcv_pT_UCu_FlwkMn1PqZBjFTLPUC6RuqtIcT4cR8bT2IKCUKJtgfGkZdA5c8Gl3nglrfy-iZjxYUV0Mb2KCJqbebOXqOQ9pn-icy1Vo8oJj00pSrJWnSVMSl3GGGg1bh68o1yiabrvtqaDTjSQjoWmwrxVP1NCamt58hEWQ_RSYqcSzXCZf2lpxewcXcdWRbcnt0K15G086jBtbyulZ1y2dW9rcNmfkcUPcEb6Icfap5CTeJApiCLZN2EcvOvpdorOzqGjYm9_cGboG0usPU-BYgNgtcFBuFjD877Hn7KcHIqgtG1DXZQzLskU8c1HmcJBOXErUuAai2DWkz9F-hMoUPj-XaRrOMSurg8tAySA0ygzOyt8AH2s29KyzfFMsaMWRXwqYO_jb0gBo-1f4SF1bDO7ZTmRveIlWjUr8t_R4TWUNhAdChQ7O1E0-cct6rZekn08Ugqo84ofgesgFpQol8VdCIpBu-VBQCjx6yyT7lQd9jMwzGQ969YNBJTsPcszNGuUjPv607OhQFh3ynz3M7zAnS9saQ3gLnbVGxeA0vzr3CLpUN7Qb5KU3K9tvdbJr74pqb8keWlkuvUUg0m-oSJ3UUbIlNfAtofQ_vUhW_20BZXg4udAPxm35_qQPC_zDNzwX42UiYyptMGz2jF0xJBg8igbsJqOHJX10iYrjQb2XX-yq_U-Rx0v7eVM8zNkfFbgHVfEv8b_6IY5U-3VSfe8fDWlead7GcGBAvDZG838zK6ne9iUOiBheky-lMVVSr_sM4wCM7TFfrhYLDOdbQ6_z6BIBxQCWS_zPz_y2tQWEwhwGCA0nGdiKN2OOUAgzMlfta0CyDVr7WYrQBMPMa5ytyjaz6ZjG-1o6ezYISAlJNK-OKKCIZbNWLruqRSFFQOLOc3aXzakTSDGyC4DzZqfegSGNGNZcV5bbrTbtPpUxOPgq8XoSddWI2t194np8t27xrBvZRdMnBMZiAL2gadlLXy8bLQo45uoOfRzw2gWIQ8z4YyzOPdvls1UaFSobhKfLCj4gp73resZd1ZXLo8lRTIkC-yxk6hAMLiImh0c3vzMk2tMXMUYKsiW46UusqOR7uR9kpbOH7ik5xyRoXexkIG5e11TkozUXi-qvl2Nm9edW0D-KQmsUpoQt-MZ4HRNRG82G6u_HbPQz5kJA4PAifqW4DtIukCVndyJLX3DhG7hsxcKQg2Y-tDk6pocYxJaiUcHcFYSk5uj8ittIQlSf_y2ruNWgIvecg_s1gNJYizfq9tk0wf24doQeNsOEC1NKII9wOgG-u0eVGvz9v__8KhSIbj7ztFhddFVrbdT9EzK4Q8HRRKjK6WiXDG0f_51Y_35nxr3-RhNoxpgspwpcpp0VgGssWo2kM3u-Xkwpcm-1C3EMxF3KSPCKth817KHee-yjbswCB9aruCQaYCoseHVSI1erexGCYm5R-M3OsMDyZ95uPTeNymdh5feq33bm5NufQP-llObxT_RB2QO8Uplo_fm2thNpSuOeB7OnS7WoOlUgwngQhy5DjF11CchQFwv1esnMG9vjIq2Pr7zTd-08HWsMXMkunQu39jlqNdutj13cYzEpsFXgJ9kiq8uKaeuAHahCc6NhjHjj8ovHnPFzKpbjrbB0N4bf0khS8hAq2bKOwyVbYHcmHxIF4ts9O_iWi63zmd8GTMp9kVxhIj1fjUrAUkg0fjhsa5T4Bq1sAKHE_Z6Q82VviIRfGYsLAd7lSA3OxsdhR15rv5q-HSGL8xqQxvk0kzFqcXEbudT1CwkH9G8IB-FaPPJQpJKK_6yWQTmKxEa-vb7f_8oV8SsWu7cDDGC9pc7FwPYmhn6tjKdG9j5QgwIyV6H1nytHx-rO2SfGeBiylB7jUapWBIqDErUxNgJx-St_Ty8b0CuMzFTrswh1bm1nxC8mvuaQNi-J-rZpej7ZWNSN6xhrQ&cid=CAQSGwBpAlJWzturwH2sYAdX1h-TVksimZIielVMnRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

cafe /

Resource Hash

94fbbdb3c6f2c35ccfa3fc349e33e1cbc29a4836fe96fb2b4e3a9be4db1d47d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16568
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 62DE 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 10:53:29 GMT
expires: Sat, 20 Jul 2024 10:53:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 18 KB
4 KB 129ms
48ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7533152507474264bad490ce3fd19d9bb500983c43c905a5e726c485174a23e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:07:11 GMT
expires: Sat, 20 Jul 2024 20:07:11 GMT
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0FEE 0
0 183ms
88ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8hGiEownbTtKB_pjbc6BUrfr8B3cJaabKbw-iAFzFBpBBuxxa7CNTshva3v5ZXd6wDDnOqS1hvH0KMxTkZXYCT6sbdp78sHoNWXTUIzUHVDJ_y9dHgmKWNMbedO_4Ox5MYcEnQG7pwI3itfYhpO5Jc5SZmSj_yesTQTltjwc9z15FC-ylzSSMMCv8S8bbrcwZQOfs-aodB0ayYE0AxEtYnj6Xvl7VeudsFDk3oneiz4rHTLtJmxv5N0e6WniBvrO6eIhEQYtkKPdLgcKaNA6_6TzolCb3u9jVhZ7sP-TzR_SHkFPFz-D9x-ybAXx-1eemDOWkyW8a7WKDX2363sDPEY_xHSVLqc9fQQ8lJg4RNArG0e3mUCsldC2XSFtN9Mm1pspDhtE47n9JhjJVnUzOiGy9l6ZMrQYim8e2m--XuTqilLu4PKJtCIP-ge1vU_z1g6fxR47eEhSkjrdE49n3AOtEYdUMX2ssTsBs9h6A0stGc8uDhBIonWjkz5oalQOIcNDo8kwnuVl9lFbu66CYSzaVprTwER9dLeYO7nGh0CRiLJCiZ_sfP2He9uu6Wahx-JAFM24LpE73faG7dlvv_5Cgppy1ZlHbInYv-sZQzz7K-gSB4_uQogQWhkWx0Ib8NAtijdUM38xa3XtlBC-W64IqH_4Yz1xRfia_NJigUvmIYtR29XYblGThU5UMZ1OZWutbUxWWM-rjlPWk00MZan5XRvvMwvf4-C5uWGD7E7vP_QN6pgUnlUIuK92SapAtuXH9d_aRVuzFu2Akh1WaAx5YaiTKiRazv2Zx9RBa5a5K1munwHdotR69fj0LuGh0WPFclJYg6UKPF5RyAeDSC9j1XsuedcNeUpjxHZBszMnVh80sasoEJAUSpFSoyyAQRcv3xoZJ4USSZLwog2XIYJhQr4Haw1wnHCXvlW6qgZCryfRxlTE9hZ9IxnZh_nuxZ1C6HMfTQduEUo-Q6UWH0BvuCwkfqCV9ZEsh97ZyuZ1rnmpydKxoHw4FUjZdJGvyHe6VxgdPZu0ByiyvhzdvSZK8mfilkVxlgVtgY0X0uRd7VoKk_wRLO1xf7P1_LutcYJjta-FJnaV1Vi8dl6DIqbLSZToRN0UXrRQv5nEy-tCrSNbwX1zESJrZDnFnMUb8kdHhxy_cKZ_h1fLJjv7P-gnbOBUQZUDFhzWrUDnOKnQyQcV8IUMsD9unlSA50OCCGJ1HvOO4NrFQY5rJW5xDLTX8D7f2dLDDxCD2mQ&sai=AMfl-YTSbaD4vCse-0lAWEs-5vG_SRNvqrESTIB7igoeIij-LOvxB-Xlu62oWYXuJWQ68zaIQBkePdPC50lSdCSpHhhyfbjQAA486GiBRqELbeKMaRofCvzqSfZ-fGLwvE7uqwCdgFo82uSMRQobJf_2OiA7DiBMMZwnSV47gF7j4bMPEQl60x0&sig=Cg0ArKJSzBrDGexhPhUgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=274&cbvp=1&cstd=265&cisv=r20230719.07344&arae=0&ftch=1&adurl=

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Jul 2023 20:07:11 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 21 Jul 2023 20:07:11 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 438D 0
234 B 341ms
220ms Ping
image/gif 2607:f8b0:4012:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lkd0itsz&c=2955402488258&slotId=1477701244129&qqid=CJ-KvvrMoIADFdOCpwodaDIJPw&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 438D 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 17:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 17:15:18 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5ednsd.c.2mdn.net/videoplayback/id/852696b41098c4bb/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721506031/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 438D
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/852696b41098c4bb/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721506031/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-4g5ednsd.c.2mdn.net/videoplayback/id/852696b41098c4bb/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721506031/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

163ms
41ms

Fetch
video/mp4

2a00:1450:4001:6e::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednsd.c.2mdn.net/videoplayback/id/852696b41098c4bb/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721506031/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DBD474A4B5909169578E588EDBEECA122B9F599.136F4280A00B6CF0325B10DE7D2D2EF1C7FEA899/key/cms1/cms_redirect/yes/mh/5n/mip/2a01:4a0:1338:92::12/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1689969656/mv/m/mvi/4/pl/36/file/file.mp4

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

HTTP/1.1

Server

2a00:1450:4001:6e::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Fri, 21 Jul 2023 20:07:12 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1979076
Last-Modified: Fri, 14 Jul 2023 08:30:44 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 21 Jul 2023 20:07:12 GMT

Redirect headers

date: Fri, 21 Jul 2023 20:07:11 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-4g5ednsd.c.2mdn.net/videoplayback/id/852696b41098c4bb/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721506031/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4DBD474A4B5909169578E588EDBEECA122B9F599.136F4280A00B6CF0325B10DE7D2D2EF1C7FEA899/key/cms1/cms_redirect/yes/mh/5n/mip/2a01:4a0:1338:92::12/mm/42/mn/sn-4g5ednsd/ms/onc/mt/1689969656/mv/m/mvi/4/pl/36/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 0FEE
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1565935/72734094/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013756215&ias_pubId=pub-4809740823367762&ias_chanId=1&ias_placementId=20365395083&bidurl=ht...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_b-W6ZNyREa24x_AP25WjmAE&cbFunctionName=goog_wrapCb_b-W6ZNyREa24x_AP25WjmAE&true_pb=https%3A%2F%2Fstatic.adsa...

1 KB
1 KB

100ms
61ms

Script
application/javascript

2600:9000:2450:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_b-W6ZNyREa24x_AP25WjmAE&cbFunctionName=goog_wrapCb_b-W6ZNyREa24x_AP25WjmAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2600:9000:2450:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 15:15:35 GMT
x-amz-version-id: C3DOxT9tBkGxYVtBTndBahfgjeGsI.gF
content-encoding: gzip
via: 1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 17497
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Fri, 21 Jul 2023 15:15:33 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: kAb2FxbKd5oSjj0eGi48VXKKj9MSr4nTssSr5Qpm2yoZMbtH8KPPrA==

Redirect headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:11 GMT
server: nginx
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_b-W6ZNyREa24x_AP25WjmAE&cbFunctionName=goog_wrapCb_b-W6ZNyREa24x_AP25WjmAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame B1C3 91 KB
23 KB 169ms
56ms Script
application/javascript 2600:9000:2450:3200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0befec97ec8a388fe199ea682db0cdc0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 26195455
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: epUlAo7Gr7_OZMNzNYR7u_Tvg5oCvFW7Gld0snYcxDRo8Ag9UBxKSQ==

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 62DE 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0FEE 43 B
215 B 380ms
120ms Image
image/gif 2600:1f18:1aca:4280:3a62:2499:26b7:5f52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1565935&asId=1d4427ed-6d33-82df-e64e-b75b9c0c02db&tv=%7Bc:j2byMg,pingTime:-3,time:51,type:v,im:%7BpBlk:41%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tKG21KR+11%7C121%7C131%7C141%7C151%7C152%7C16%7C171%7C181%7C191%7C1a1*.1565935-72734094%7C1a11%7C1a12%7C1a13,idMap:1a1*,rmeas:1,rend:0,renddet:DIV,siq:18%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3a62:2499:26b7:5f52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0FEE 43 B
215 B 375ms
118ms Image
image/gif 2600:1f18:1aca:4280:3a62:2499:26b7:5f52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1565935&asId=1d4427ed-6d33-82df-e64e-b75b9c0c02db&tv=%7Bc:j2byMh,pingTime:-6,time:52,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:53,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tKG21KR+11%7C121%7C131%7C141%7C151%7C152%7C16%7C171%7C181%7C191%7C1a1*.1565935-72734094%7C1a11%7C1a12%7C1a13,idMap:1a1*,rmeas:1,rend:0,renddet:DIV,siq:18%7D&tpiLookup=ao:rulsmart.me%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3a62:2499:26b7:5f52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0FEE 43 B
215 B 373ms
119ms Image
image/gif 2600:1f18:1aca:4280:3a62:2499:26b7:5f52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1565935&asId=1d4427ed-6d33-82df-e64e-b75b9c0c02db&tv=%7Bc:j2byMn,pingTime:-2,time:58,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:766,beZ:767,mfA:769,cmA:770,inA:771,inZ:774,prA:774,prZ:779,si:784,poA:784,bl:807,poZ:807,cmZ:807,mfZ:807,loA:818,loZ:821,ltA:824,ltZ:824%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:58,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tKG21KR+11%7C121%7C131%7C141%7C151%7C152%7C16%7C171%7C181%7C191%7C1a1*.1565935-72734094%7C1a11%7C1a12%7C1a13,idMap:1a1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:18,sinceFw:39,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3a62:2499:26b7:5f52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame A3CA 23 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 175287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 19:25:44 GMT
expires: Thu, 18 Jul 2024 19:25:44 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 55 B
103 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 01:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 01:55:52 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 731 B
263 B 51ms
47ms Stylesheet
text/css 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 03:00:18 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 24 B
72 B 55ms
51ms Stylesheet
text/css 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 01:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 01:55:52 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 303 B
202 B 55ms
52ms Stylesheet
text/css 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 03:00:18 GMT

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 157 B
144 B 55ms
52ms Stylesheet
text/css 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 03:00:18 GMT

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 26 B
74 B 54ms
51ms Stylesheet
text/css 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 01:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 01:55:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E5C3 1 KB
469 B 75ms
72ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Asap+Condensed:600italic

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2fe7c2f97f0fabc66e374c2bb335ac28ef5e788536b0ef1d63fc025b66d98d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jul 2023 20:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jul 2023 18:50:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jul 2023 20:07:11 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 20 KB
6 KB 76ms
73ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 01:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6266
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 01:55:52 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 3 KB
1 KB 93ms
90ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 01:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 01:55:52 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 8 KB
3 KB 72ms
69ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3136
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 03:00:18 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame E5C3 120 KB
41 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jul 2023 13:53:03 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 13 KB
4 KB 71ms
68ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4427
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 03:00:18 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 5 KB
2 KB 69ms
66ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2014
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 03:00:18 GMT

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 3 KB
1 KB 70ms
67ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1355
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 03:00:18 GMT

GET
H3 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 3 KB
1 KB 80ms
77ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 01:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1485
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 01:55:52 GMT

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 1 KB
619 B 90ms
87ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 01:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 590
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 01:55:52 GMT

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 4 KB
2 KB 94ms
91ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 01:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1725
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 01:55:52 GMT

GET
H3 200 gwddatabinder_min.js Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 5 KB
2 KB 93ms
90ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2351
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 03:00:18 GMT

GET
H3 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 22 KB
9 KB 82ms
79ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdae14000f409e929efc6f3cfd785b90a939d22044705a48f1a3b5074620fc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 03:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8917
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 03:00:09 GMT

GET
H3 200 gwd-text-fitting.js Show response
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 5 KB
2 KB 80ms
77ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/gwd-text-fitting.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 01:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2038
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 01:55:52 GMT

GET
H3 200 0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js Show response
pagead2.googlesyndication.com/bg/ Frame A3CA 38 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 13:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14729
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 13:31:26 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0FEE 43 B
216 B 249ms
117ms Image
image/gif 2600:1f18:1aca:4280:3a62:2499:26b7:5f52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1565935&asId=1d4427ed-6d33-82df-e64e-b75b9c0c02db&tv=%7Bc:j2byOk,time:179,type:e,im:%7BpWait:5%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:179,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B173~0%5D,as:%5B173~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tKG21KR+11%7C121%7C131%7C141%7C151%7C152%7C16%7C171%7C181%7C191%7C1a1*.1565935-72734094%7C1a11%7C1a12%7C1a13,idMap:1a1*,rmeas:1,rend:0,renddet:DIV,siq:18%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3a62:2499:26b7:5f52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FEE 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=pvtw&eid=b-W6ZNyREa24x_AP25WjmAE&p=ias&bl=0&twt=581&st=358

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 helvetica-neue-67-medium-condensed.otf
s0.2mdn.net/sadbundle/17956005372030781026/ Frame E5C3 18 KB
14 KB 43ms
42ms Font
font/otf 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17956005372030781026/helvetica-neue-67-medium-condensed.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ad3c95290b3b7a9fa8e106aa8c442c629a1e732f26989455629f18d9f114b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 03:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14417
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 17:38:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 03:00:19 GMT

GET
H3 200 pxiYypY1o9NHyXh3WvSbGSggdOeJUJFAummIow.woff2
fonts.gstatic.com/s/asapcondensed/v17/ Frame E5C3 23 KB
23 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/asapcondensed/v17/pxiYypY1o9NHyXh3WvSbGSggdOeJUJFAummIow.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap+Condensed:600italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0481d08c5ba16b5f06c99dcb90ba081b01ca279c37690fc48aef791e4163546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 22:22:46 GMT
x-content-type-options: nosniff
age: 251066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23280
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:43:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 22:22:46 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E5C3 7 KB
6 KB 173ms
85ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8249bd03d3e09c996800a1ef1d3d7840ee482f62c2f82d1ba1b7ef7b41084833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5717
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62DE 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOrhJb-W6ZNyREa24x_AP25WjmAEAAAAAOAHgBAI&bg=!Dg2lDVnNAAZsPphkTD47ADkAdvg8Wo2WjOsWbsgNc61ho-af0RrrQbx7CrgKl4SeKC9UdzUV6lOQNLGlUFsFgTYKSSBKY1kOliYCAAAAwFIAAAAHaAEHmQMcBtxN7u1nT3UoQijL08gkFMjxWsFWPiReRoTYpfLma863LAbR4P6Ko-u7pULkrpVikkxhDSo8VpxfZJluaF9oxMl26Pd_ewUDbw9SQm9VUl85r6uvAriounDwugb9q324eybr1VMMa0GqB7xNqHGtqMrKeNGVHvlGdm3i-XgmvZTXqKXvomch7KQjoF_ib96dM7LEUtHoaS_FG0SEsJ9mhMr-dIs7pMNqLLJ3GdGm-5qkt0A5nBLrVq3WMdUe9dIyvHE4TKdQZNG6Vbd_uD1VsyOFgxhJRvP3guB3GGQnp1oimw2Lgwv6peUU2JPj0rKbkQE2OtflIZuQ2szmFsDB3JvgjSa9nNzFN6ca6tEc-PXA77OGdkeT1g94oE-QAhkiFxSCwTyhIGiv6Qfaah6Ee__Wx4ti7Ckr-Dq0R0Xon_hJXt2U-qtptKoqGiu_zOGE0_5gkxozHRxNEDmDUKxnUE0QJpHz8Xo2DYVZDuWTmtMIgtZHCMqrTjcNFBsUT2zyF7fXoqo4zAQpBqCFoJdkkUOoV0-psDNijNmUZcgAd0oIlj-3qhnlSYgcHbULX5keFpTL1ZB4HYTkCv3t-mm-k_4HeEr7fdkYcKuuk6U2HctxvtxZSsxkrSIZJIZYW-Udte25BV84rQqeddJb7sc_2e3biryAZetflox01LoyPR4zg0b7yRSHDFulEVUxDes55oKI0095g7yyfH6m04d6qcsYPmQmfX4bX0Nd-D2zlL5v2RODYRkX6a1T_1CuBJLs3ERfhyhb13mHSGUrua-qX-Sz31sxQcBR213yU8EshuGp8BSPFib1Qa2YI-19okDydbK3VQ-z0JGCkaJ8S4XYX5kAxL9ieL_gusvCatNmuTBaGWAzJYv6LyO1BXsyvXOcqk4bkoxr16eXEY_FMZJ2XDhoEzOTY6VOTqIDDou56PvFf1llzKbUlJ_pLSntmFnJCmeVp6HAn3sOc-WvPym7jpFR3L33YzjmRL0HNbr-uxdcBylr_4Neyq2vNoZgAITBrT4gEVol1910xx031u2ycAnkDsdMhHnLVaps3A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0FEE 0
0 78ms
77ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8hGiEownbTtKB_pjbc6BUrfr8B3cJaabKbw-iAFzFBpBBuxxa7CNTshva3v5ZXd6wDDnOqS1hvH0KMxTkZXYCT6sbdp78sHoNWXTUIzUHVDJ_y9dHgmKWNMbedO_4Ox5MYcEnQG7pwI3itfYhpO5Jc5SZmSj_yesTQTltjwc9z15FC-ylzSSMMCv8S8bbrcwZQOfs-aodB0ayYE0AxEtYnj6Xvl7VeudsFDk3oneiz4rHTLtJmxv5N0e6WniBvrO6eIhEQYtkKPdLgcKaNA6_6TzolCb3u9jVhZ7sP-TzR_SHkFPFz-D9x-ybAXx-1eemDOWkyW8a7WKDX2363sDPEY_xHSVLqc9fQQ8lJg4RNArG0e3mUCsldC2XSFtN9Mm1pspDhtE47n9JhjJVnUzOiGy9l6ZMrQYim8e2m--XuTqilLu4PKJtCIP-ge1vU_z1g6fxR47eEhSkjrdE49n3AOtEYdUMX2ssTsBs9h6A0stGc8uDhBIonWjkz5oalQOIcNDo8kwnuVl9lFbu66CYSzaVprTwER9dLeYO7nGh0CRiLJCiZ_sfP2He9uu6Wahx-JAFM24LpE73faG7dlvv_5Cgppy1ZlHbInYv-sZQzz7K-gSB4_uQogQWhkWx0Ib8NAtijdUM38xa3XtlBC-W64IqH_4Yz1xRfia_NJigUvmIYtR29XYblGThU5UMZ1OZWutbUxWWM-rjlPWk00MZan5XRvvMwvf4-C5uWGD7E7vP_QN6pgUnlUIuK92SapAtuXH9d_aRVuzFu2Akh1WaAx5YaiTKiRazv2Zx9RBa5a5K1munwHdotR69fj0LuGh0WPFclJYg6UKPF5RyAeDSC9j1XsuedcNeUpjxHZBszMnVh80sasoEJAUSpFSoyyAQRcv3xoZJ4USSZLwog2XIYJhQr4Haw1wnHCXvlW6qgZCryfRxlTE9hZ9IxnZh_nuxZ1C6HMfTQduEUo-Q6UWH0BvuCwkfqCV9ZEsh97ZyuZ1rnmpydKxoHw4FUjZdJGvyHe6VxgdPZu0ByiyvhzdvSZK8mfilkVxlgVtgY0X0uRd7VoKk_wRLO1xf7P1_LutcYJjta-FJnaV1Vi8dl6DIqbLSZToRN0UXrRQv5nEy-tCrSNbwX1zESJrZDnFnMUb8kdHhxy_cKZ_h1fLJjv7P-gnbOBUQZUDFhzWrUDnOKnQyQcV8IUMsD9unlSA50OCCGJ1HvOO4NrFQY5rJW5xDLTX8D7f2dLDDxCD2mQ&sai=AMfl-YTSbaD4vCse-0lAWEs-5vG_SRNvqrESTIB7igoeIij-LOvxB-Xlu62oWYXuJWQ68zaIQBkePdPC50lSdCSpHhhyfbjQAA486GiBRqELbeKMaRofCvzqSfZ-fGLwvE7uqwCdgFo82uSMRQobJf_2OiA7DiBMMZwnSV47gF7j4bMPEQl60x0&sig=Cg0ArKJSzBrDGexhPhUgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=638&vt=11&dtpt=364&dett=3&cstd=265&cisv=r20230719.07344&vwbs=1&arae=0&ftch=1&adurl=

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Jul 2023 20:07:12 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9966 42 B
64 B 160ms
80ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuB2Uzfi_mPjXlEVvfzVDITlWSxAvAqHqdm-C_qbepfmkZ-XIe9O0-ENEryjBK6tgUX1eKf9q5a3_krBDcnyFvGNqdYBJSrzGUZ3MTlHAm9CEcTQH8bboIH3nURlZNg-N8zgm42jMCDvgJy&sai=AMfl-YQ2y0UBn8qthQiFAYWIrOe3jOUDdDLWJL8FfOoyh54L4xZBQiBM-SeIeKhzfLR-Ckp2TqmvK_RRCzDm&sig=Cg0ArKJSzLizqAl382qYEAE&cid=CAQSGwBpAlJWWO2u6SbFBRfAcSHlWJPmDGRrld8b7BgB&id=lidar2&mcvt=1021&p=0,0,600,220&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=871142700&rs=2&la=0&cr=0&vs=4&r=v&rst=1689970029695&rpt=1293&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r4---sn-4g5ednsd.c.2mdn.net/videoplayback/id/852696b41098c4bb/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721506031/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 438D 2 MB
2 MB 83ms
40ms Media
video/mp4 2a00:1450:4001:6e::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6e::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ff003d754c838938665d96cd1f357aa4beab0705980c4110897d0b0bd4d3c80c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 21 Jul 2023 20:07:12 GMT
date: Fri, 21 Jul 2023 20:07:12 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1979075/1979076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1979076
last-modified: Fri, 14 Jul 2023 08:30:44 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DC1F 42 B
64 B 131ms
74ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSRPIGY80Y5iyjN_V7dQs5QaTEy6e4fqLkPvWmo1LHO9c9VeIN0_UVtdrx1Ahou9bTGbULr8Md6MtjhGCd6XFWqPHQ7q6pWmSI_HIup-mJIbOZUVYPj59nEj6iCBmLSD6NziwGErt7fBQH&sai=AMfl-YRrVanYD6DeLE951gJpj98l-CoUdoDVGH1_FmT_zyB5LrQIJeUNsQaQIf3lwFNtjaCDzbubvQct1C6G&sig=Cg0ArKJSzH4vq6pvc6l6EAE&cid=CAQSGwBpAlJWzioGPbqTUPUePzvWasFa_iZrODCb9hgB&id=lidar2&mcvt=1014&p=0,0,90,728&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2918302779&rs=2&la=0&cr=0&vs=4&r=v&rst=1689970029719&rpt=1326&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3CA 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BAc4Ub-W6ZJSUJ5mPmLAP04iGkAsAAAAAOAHgBAI&bg=!SUqlSh7NAAZsPphkTD47ADkAdvg8WlXlPRJph1RaWQC5fi58cG698Bzv3ogayKQnUiZSrpDzC5cUK0lgljPXrej3ZVwoeOREyvoCAAAAw1IAAAAKaAEHmQM8FLdt_OtCWnAaZiVl4ClQHTFrOOzPsa2pR-ADU3FoiUaUsbK4I-sYd4noI2UWg9KeXWg-hiY9k6tW43MwuuqFAhYEUhIv9gZLSZn3MU7TSKvGaTwAmfkMCulgmr8VpTyEY0Mq2_KdwVe-bQn9qNAV7t7f3RcgjZBK6Fyw0bPnevPHdJpxovQTJK_OnGMXWA72TUkWa4B-ieYm1PmBouSk8y8cHMMirY_hOeGhBIAbN5g1NKGyVIG4TnFoDOB6CtPyhSe11-3pxl_0N3vxM1gG8FhAZkOMZofzq_uLr-fwf9VgRHuonwudDqKMKvTKHvxJONxEbFMQe6KOXZsc73L_Wv9RmbSglcqW5j_MgbjbEDHf2pB3OhUf065GNH-6_-oXu-VJNqAmQnlqYCK5_I-9_lUkyXViMzjFvc4Pb6t2ZRROQH4FBulT3lPFwDJQ0ubMX2hWCYjaRcs0dkqvH0kjvncwNd9Az9ZSCJXXd3cW4Xam_aPLQFvkOF-YYEdRnAF-yZc4yNZH1ALCuXTiM_xMdXe-qgIHl4jdYQNMTgoqF4-Q8kQr1bPrg5eGsuuG6qRmsqzVIBDTuz9YBlfq3hE7Dewdn9Ml4_vFsyAsE9U8937xeU_o-HucjMmz7Nh-FV0mehSW_is_TN8uOQl3IEqjKnl1lmEGs30RqF-4KMkZUjqAHlXdFwyyPCVuNcEGYtB_2SKVHK4iKpjiqQhIldtaEhj5wZQH5nOgAugXoadbPyhpHBCYqNEM8Tn642_AdoCCAbpfboNqefBgips7yvYVFTOHolrE-PSljRbEVbw3yVLjMaM8NS-pEBG6VQVZgdqP8gCZf7dPtjuMVEYH5rF-Qi8ehPeVaBoDOfpNeVUCSd8vcIcjoJy-aa66MkMJsYNrhHWil2keCBjB9XXlVszgYvIbczQeIocNjw9CDjFXij9F8dluITqTZhQ-97u-mAwOW4tuAtBhuO-PraXK4ghdHc3Q6aUZIKmvGpRxE86d2w_Bh1EWZd0VwOqCdT3sldTvaH0U5S3Ro_W2xgS0H_CjmbJrbhqYLw5-V2UPEHqskI_8QyUHIwWr3N9pKBkjNwMHj6kkbnpOppGlq142

Requested by

Host: rulsmart.me
URL: http://rulsmart.me/unlock/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 93ms
93ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23160704852bafc6444c4b6747e6be5f91c0de230ac4a0a86ebd2b3171a03afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11803
x-xss-protection: 0

GET
H3 200 60037175_20230712145249441_selo-menosde.png
s0.2mdn.net/ads/richmedia/studio/60037175/ Frame E5C3 32 KB
32 KB 42ms
41ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60037175/60037175_20230712145249441_selo-menosde.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71bb755c65b16eb957742783795f8aa3b8ec922678b3dc173242ce5d773c1b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 03:00:14 GMT
x-content-type-options: nosniff
age: 61618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32404
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 21:52:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jul 2023 03:00:14 GMT

GET
H3 200 60037175_20230630062137386_pack-img-sache.png
s0.2mdn.net/ads/richmedia/studio/60037175/ Frame E5C3 812 KB
812 KB 51ms
51ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60037175/60037175_20230630062137386_pack-img-sache.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6bbc564020bb373b3c213ed67301c38c4ee8b09e3080c68bd5bf8a4ef1fe24d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 03:00:13 GMT
x-content-type-options: nosniff
age: 61619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831623
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 13:21:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jul 2023 03:00:13 GMT

GET
H3 200 60037175_20230630102424242_background-beneficios.png
s0.2mdn.net/ads/richmedia/studio/60037175/ Frame E5C3 8 KB
8 KB 48ms
48ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60037175/60037175_20230630102424242_background-beneficios.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a990df8a168b5900a86361aaf27b615c86abb5f66f3b529d7c69213b8e43bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17956005372030781026/index.html?e=69&leftOffset=0&topOffset=0&c=91viJ28Kbe&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 03:00:12 GMT
x-content-type-options: nosniff
age: 61620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8589
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 17:24:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jul 2023 03:00:12 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0FEE 43 B
215 B 119ms
118ms Image
image/gif 2600:1f18:1aca:4280:3a62:2499:26b7:5f52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1565935&asId=1d4427ed-6d33-82df-e64e-b75b9c0c02db&tv=%7Bc:j2byT4,time:473,type:e,im:%7BpLoad:436%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:473,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B467~0%5D,as:%5B467~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:384,fm:tKG21KR+11%7C121%7C131%7C141%7C151%7C152%7C16%7C171%7C181%7C191%7C1a1*.1565935-72734094%7C1a11%7C1a12%7C1a13,idMap:1a1*,rmeas:1,rend:0,renddet:DIV,siq:18,sis:265%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3a62:2499:26b7:5f52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E5C3 17 KB
6 KB 110ms
107ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 20:07:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 20:07:12 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0FEE 43 B
215 B 118ms
117ms Image
image/gif 2600:1f18:1aca:4280:3a62:2499:26b7:5f52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1565935&asId=1d4427ed-6d33-82df-e64e-b75b9c0c02db&tv=%7Bc:j2byUF,pingTime:-10,time:572,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE1LjAuNTc5MC45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1689970032296%7C%7C02db4d0ad053c6e9118bb9a7ec2b51a2%7C%7Cd508268d4c4bc807467b22210530d598%7C%7Cee8daea6ae6f9ec55e4171f90c18a540%7C%7C38d22ed2ca9f7e2fa1de418b593ecbb4%7C%7C0105b56624fb29af9b260a4540682633%7C%7Cf716fecebe83143a0bf3f2c2c98c2593%7C%7C7f431510277798334e64135622ce4402%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3a62:2499:26b7:5f52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FD7 37 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA05 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1092
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:49:00 GMT
expires: Sat, 20 Jul 2024 19:49:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D712 783 B
969 B 51ms
50ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0da2becd0b69921e64a0cdf14f061956421b30d248401699a44d62a7ae7c833

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3MMQYc2lTs0hfHp764UFGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://rulsmart.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-3MMQYc2lTs0hfHp764UFGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 20:07:12 GMT
expires: Fri, 21 Jul 2023 20:07:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D712 0
0 77ms
76ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=519457556346721&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

GET
H3 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame EA05 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 06:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jul 2024 06:37:39 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EA05 0
12 B 40ms
39ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IEbwpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:07:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0FEE 42 B
64 B 80ms
76ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaXOPsRiGv9ToOz57LLA3SYf_T7L4nXI1Ss3yvryniTqvbcE0yYpcRbJaqOh_nHYMrN8e6eBWprf_EzCnlGZxn1rQO4FGxli3EJaDWxGXas0kbMso8nlNIiZAaEXhVXi0&sai=AMfl-YRC-FbnQUJJpQCT6gFmnncJLTP3YOwxLPc4Rof4pd1BXV5CJXOxpMycKH9b4u3rH4kwDMCnVGPWlwvu&sig=Cg0ArKJSzH_Doe5WfBmOEAE&cid=CAQSGwBpAlJWzturwH2sYAdX1h-TVksimZIielVMnRgB&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=902,1003,1003,1003,1003&tos=902,101,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1689970030960&rpt=738&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 438D 0
54 B 221ms
220ms Ping
image/gif 2607:f8b0:4012:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&puid=4~lkd0itzv&c=2955402488258&slotId=1477701244129&qqid=CJ-KvvrMoIADFdOCpwodaDIJPw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=862&mt=video%2Fmp4&vs=720x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1is~vil.1yr~vfl.234~vfl.234&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0FEE 43 B
215 B 118ms
117ms Image
image/gif 2600:1f18:1aca:4280:3a62:2499:26b7:5f52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1565935&asId=1d4427ed-6d33-82df-e64e-b75b9c0c02db&tv=%7Bc:j2bz2s,time:1055,type:e,im:%7Bpci:%7Btdr:1004%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1055,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1049~0%5D,as:%5B1049~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:144,fm:tKG21KR+11%7C121%7C131%7C141%7C151%7C152%7C16%7C171%7C181%7C191%7C1a1*.1565935-72734094%7C1a11%7C1a12%7C1a13,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:265%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3a62:2499:26b7:5f52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:12 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
77ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=519457556346721&bg=!7e6l7rrNAAZsPphkTD47ADkAdvg8WmyUgQoGSXdcZLj6y1MTbhqrR0Qk7TPRQsu8FlQ5daBOIpcIy9O7Nf6z4tFe6zYBeixzEPECAAAAUlIAAAAEaAEHmQLwY9wOtI_bzSTan4JnkWfexnzNHT8gwKblYFhJNvd0vHlHBUJmQNAL49kcXSjFt3MzatOlpbIc8cGTNf3bByIKlT3zBGaJ4qjmlnMxPaNvNBzrBsa_naqdeE8fl5M7Kw3t62v874QkYgknfTcMIxEKcYchWSyAGNqr-WOZqX4DU54eSwjzwp7LjGy6_3yk0odZdnQVgjl8lBL_5l305VgENBEh3qpzfxjwKfBSoDcfDeVTvyBDbVSHs9zJvoFheSSINZm2mN_j7UE_A1DdMxsWB3At0R7J-99he99-krQ5pm2ax9o7RYvK3KCKD4b6ptVKnWqfqLU9hVjrBvBJST1Xb34nBJUVM85QMj7wnmw_29pwiA-laAuTwO1LXtm7rfsLzfz926OH9uKuYCR-P660Wx-hb9vzTHzlR9uZewaHFI8IiUO7GV6lOhgyC6PzWSbkJaficj64q6-YRof4-HkNMnb-XvntbJ5rFbwctEzz9uRbc1TyliDjHXs4XKIGltCzvj9PpHb7D4ACUc9OUy_-Q9dm8Jqt7XSA4FSbZ6n3kSFN2dQZ5cmYYmJmop5FU6eG4Na139Y2JGxfpqDNP-lfiCMQkBVSOnJSn3hE8Sg9M2UVVzsZu_BiWNxwqymz6SL9693YA4ZNm_IziEd_jH4vtx1mE5iVr-RZrsHyYOrs7fPdUX7700FRIMi-gBo-nJyiom-s4EkQpQJcdcy3mHuSjWMsZHom_HveLe_U_wacZh_MUXDvkPH5FCJjbj3_4JD6aGgwTZ_58MujfhOda1xtS_gmssEfmlEEWEmikGCfiSqHV3QTt6DotGSgkA2F2WwyErzIcsPhYsCb9vQ8-Am7dhvLLpmnbGIjoLGuKPr4fg9Kml8i-gt3cgAsvGPpB6BE5b6fnBB7fYOsxLrysJjFTktVAWQea9ghOrhzoy0wsF6a94LupbVlesAO8JfLhOrFrJlOj-nzaNKukO0bv10RhF3lu6TBjkkXLe0TY-ADQ44
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rulsmart.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FEE 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9017988285309&version=m202306200101&ct=76&x=1&cor=17994423022902639000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0FEE 43 B
215 B 118ms
117ms Image
image/gif 2600:1f18:1aca:4280:3a62:2499:26b7:5f52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1565935&asId=1d4427ed-6d33-82df-e64e-b75b9c0c02db&tv=%7Bc:j2bzj0,pingTime:1,time:2081,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1080%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1080,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1074~0,0~100%5D,as:%5B1074~728.90%5D%7D%7D,%7Bsl:i,t:1080,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:119,fm:tKG21KR+11%7C121%7C131%7C141%7C151%7C152%7C16%7C171%7C181%7C191%7C1a1*.1565935-72734094%7C1a11%7C1a12%7C1a13,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:265%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3a62:2499:26b7:5f52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:13 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0FEE 43 B
215 B 119ms
119ms Image
image/gif 2600:1f18:1aca:4280:3a62:2499:26b7:5f52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1565935&asId=1d4427ed-6d33-82df-e64e-b75b9c0c02db&tv=%7Bc:j2bzj0,pingTime:1,time:2081,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1080%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1080,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1074~0,0~100%5D,as:%5B1074~728.90%5D%7D%7D,%7Bsl:i,t:1080,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:119,fm:tKG21KR+11%7C121%7C131%7C141%7C151%7C152%7C16%7C171%7C181%7C191%7C1a1*.1565935-72734094%7C1a11%7C1a12%7C1a13,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:265%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:3a62:2499:26b7:5f52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Jul 2023 20:07:13 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rulsmart.me/unlock	1969-12-31 23:59:59	Name: b Value: b
rulsmart.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: b20fqjbhkjt6ak6245lub0ktb5
.rulsmart.me/	1970-01-20 22:11:46	Name: _ym_uid Value: 1689970030681052466
.rulsmart.me/	1970-01-20 22:11:46	Name: _ym_d Value: 1689970030
.yadro.ru/	1970-01-20 22:10:22	Name: FTID Value: 1akkLj3D1xOb1akkLj003BAP
.yadro.ru/	1970-01-20 22:10:22	Name: VID Value: 1ekj260PXb8b1akkLj003G2l
.yandex.ru/	1970-01-20 22:11:46	Name: ymex Value: 1721506029.yc.1689970029#1721506029.yrts.1689970029#1721506029.yrtsi.1689970029
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2622283461689970029
.yandex.ru/	1970-01-20 23:02:10	Name: i Value: Ao6U1x8UztCvF9Wyf0lIQOdxldi2ocP7oRHZ4ctkWkpc3hmtgohUvsQgNHHUmzFLmlJzDEgntkf90ad7Up8Hp4MBsdM=
.yandex.ru/	1970-01-20 23:02:10	Name: yandexuid Value: 7750526661689970029
.yandex.ru/	1970-01-20 22:11:46	Name: yuidss Value: 7750526661689970029
.rulsmart.me/	1970-01-20 13:27:22	Name: _ym_isad Value: 2
.rulsmart.me/	1970-01-20 22:47:46	Name: __gads Value: ID=6c69c75b9a532054-225e1f7e36de0045:T=1689970029:RT=1689970029:S=ALNI_MZZMlYgYYHP6yn57JmcZLPAhrWYtQ
.rulsmart.me/	1970-01-20 22:47:46	Name: __gpi Value: UID=00000d0009a9f40c:T=1689970029:RT=1689970029:S=ALNI_MaiZiW5RAxGyfItaMs8SflVR-FjhQ
.mc.webvisor.org/	1970-01-20 13:26:10	Name: sync_cookie_csrf Value: 3969755380fake
.mc.yandex.ru/	1970-01-20 13:26:10	Name: sync_cookie_csrf Value: 3823066316fake
.webvisor.org/	1970-01-20 23:02:10	Name: yandexuid Value: 7750526661689970029
.webvisor.org/	1970-01-20 23:02:10	Name: yuidss Value: 7750526661689970029
.webvisor.org/	1970-01-20 23:02:10	Name: i Value: Ao6U1x8UztCvF9Wyf0lIQOdxldi2ocP7oRHZ4ctkWkpc3hmtgohUvsQgNHHUmzFLmlJzDEgntkf90ad7Up8Hp4MBsdM=
.mc.webvisor.org/	1970-01-20 13:27:36	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 22:47:46	Name: IDE Value: AHWqTUlA_QF-eNJMlEcJVIAFmkHVtSpDQ3nV8uwsymeh4JsyI02vQa2wdC57bZRoC7E
.doubleclick.net/	1970-01-20 13:26:13	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 15:35:46	Name: uuid2 Value: 6519961797395330485
.casalemedia.com/	1970-01-20 22:11:46	Name: CMID Value: ZLrlb4N-xZShQY0gQHbu.AAA
.casalemedia.com/	1970-01-20 15:35:46	Name: CMPS Value: 3212
.casalemedia.com/	1970-01-20 15:35:46	Name: CMPRO Value: 3212
.doubleclick.net/	1970-01-20 17:45:22	Name: APC Value: Aa3gxNrrELEe-GTYf_9Da1CElkgDIEPudHNRyBahNkF573IWw_EVKg
.adnxs.com/	1970-01-20 15:35:46	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>@qPnYl!]tbPl1M>e)ZlrFUfJ+tGXxomQ.de6Fx?v_L#+pZT^q`9Sd(6Sc?3ZI^IzSi3If)y3KL9D3I?+j6_#Dk

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: http://rulsmart.me/unlock/(Line 19) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-VMnGbXXwrxYnHC62cBjtrwDUSvJPE731Dm9o9pRyHVU='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 136) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-5K5cb1fZVJAeK/8NDr0t9+KTQK9sxc0kYzPuglDTrXQ='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 149) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-G2CvDOSdZeixAGRXwWiD1g5ToAVLsVfFfDsDqC7plk0='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 259) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-ASJm/SPXiz6HPHXG+mR/1tnV9JTzaX/T4lL3uC3CYIA='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 265) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-MKBWWTj9x3wFQvzftMUd1IzxowvbUnPM7lKuM8ODbmI='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 414) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-rZLe6s8HAmI+kDqGNn2r8zC7a/AGQ+DoptwaTvcyPDE='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 428) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-ASJm/SPXiz6HPHXG+mR/1tnV9JTzaX/T4lL3uC3CYIA='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 442) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-Ifpn6X3onOJ8QNRd5hN1+GVJ91xVNG1wvb9te4SllYA='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/ Message: [Report Only] Refused to load the script 'http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: http://rulsmart.me/unlock/(Line 487) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-ASJm/SPXiz6HPHXG+mR/1tnV9JTzaX/T4lL3uC3CYIA='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 549) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-vUEiB9vy8W6zsvF3yisDWN8/BGvd25oUiMrKFX0bHTM='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 559) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-ox2IwBKAtZiVeStSt2n4Yo4+R92tqYQ6mSIH/m4yLFk='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 565) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-5AXGQ2K1tIrEXeuQtM/iCzsb+zeSl4yPr/3x94dSncc='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 568) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-tuY/EjJkhGHkY/6XBGeiUgIpl5NXG3GA+1kclJeoOkI='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 572) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-Aq40x42HSY/f96/V5KtiCphLQtU+S2vKJZhNkfmtqHs='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 598) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-TVEZLDhpPsKefgeFnVGC0uQArHEV68KH7zX8SOMBmYs='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 598) Message: [Report Only] Refused to load the script 'https://mpsuadv.ru/lib/custom/loader.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: http://rulsmart.me/unlock/ Message: [Report Only] Refused to load the script 'http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: http://rulsmart.me/unlock/(Line 602) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Either the 'unsafe-inline' keyword, a hash ('sha256-9l8G9J4A96QAM+TC+0ckSUUv5DqQj7uwbjzshcXvs9c='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: http://rulsmart.me/unlock/(Line 602) Message: [Report Only] Refused to load the script 'https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js(Line 39) Message: [Report Only] Refused to load the script 'https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me(Line 57) Message: [Report Only] Refused to load the script 'https://partner.googleadservices.com/gampad/cookie.js?domain=rulsmart.me&callback=_gfp_s_&client=ca-pub-4809740823367762' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me(Line 488) Message: [Report Only] Refused to load the script 'https://adservice.google.com/adsid/integrator.js?domain=rulsmart.me' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me(Line 490) Message: [Report Only] Refused to load the script 'https://adservice.google.com/adsid/integrator.js?domain=rulsmart.me' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: http://rulsmart.me/unlock/ Message: [Report Only] Refused to load the image 'https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=toolbar&ign=false&pw=1600&ph=1200&x=800&y=0' because it violates the following Content Security Policy directive: "img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/".
security	error	URL: http://rulsmart.me/unlock/ Message: [Report Only] Refused to load the image 'https://mc.webvisor.org/sync_cookie_image_check' because it violates the following Content Security Policy directive: "img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/".
security	error	URL: http://rulsmart.me/unlock/ Message: [Report Only] Refused to load the image 'https://mc.webvisor.org/sync_cookie_image_decide?token=10071.J5_lMniRAnh265sWqaemF2Wl1JFGShmpq-Roid3gATcItYq04mdotUGv8gKyjGoU5euxqw62GnV3WgnbAoV7Lskq6g5FZbHqN6DiJUHXTLF-IIl1iw3bQg1ISGJo5Pdv04TPozeyQbvpxmYSvaIGLlvTOxmB49JpoFJbPLzOfk-bWlIhEKyx-_QOO7z_n2IvtJX_ufVCG2NcUimC1V5EJycjiPVPEKcR-hEqvWYdM7o%2C.Ofvk2-SAu8SKGDbKNxT4w-v22xM%2C' because it violates the following Content Security Policy directive: "img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/".
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me(Line 57) Message: [Report Only] Refused to load the script 'https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/reactive_library_fy2021.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me(Line 488) Message: [Report Only] Refused to load the script 'https://adservice.google.com/adsid/integrator.js?domain=rulsmart.me' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me(Line 490) Message: [Report Only] Refused to load the script 'https://adservice.google.com/adsid/integrator.js?domain=rulsmart.me' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me(Line 86) Message: [Report Only] Refused to connect to 'https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env' because it violates the following Content Security Policy directive: "connect-src https://mc.yandex.ru/".
security	error	URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4809740823367762&plah=rulsmart.me(Line 85) Message: [Report Only] Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' http://mc.yandex.ru/ https://mc.yandex.ru/ http://pagead2.googlesyndication.me/ https://pagead2.googlesyndication.me/ http://c.hit.ua http://counter.yadro.ru/ https://googleads.g.doubleclick.net/ http://vk.me https://apis.google.me https://accounts.google.me". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://tpc.googlesyndication.com/ Message: [Report Only] Refused to frame 'https://tpc.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/".
security	error	URL: https://tpc.googlesyndication.com/ Message: [Report Only] Refused to frame 'https://www.google.com/' because it violates the following Content Security Policy directive: "frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/".
security	error	URL: https://tpc.googlesyndication.com/ Message: [Report Only] Refused to frame 'https://tpc.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/".
security	error	URL: https://tpc.googlesyndication.com/ Message: [Report Only] Refused to frame 'https://www.google.com/' because it violates the following Content Security Policy directive: "frame-src https://googleads.g.doubleclick.net https://apis.google.me http://vk.me https://accounts.google.me/".
security	error	URL: http://rulsmart.me/unlock/ Message: [Report Only] Refused to load the image 'https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=519457556346721&bg=!7e6l7rrNAAZsPphkTD47ADkAdvg8WmyUgQoGSXdcZLj6y1MTbhqrR0Qk7TPRQsu8FlQ5daBOIpcIy9O7Nf6z4tFe6zYBeixzEPECAAAAUlIAAAAEaAEHmQLwY9wOtI_bzSTan4JnkWfexnzNHT8gwKblYFhJNvd0vHlHBUJmQNAL49kcXSjFt3MzatOlpbIc8cGTNf3bByIKlT3zBGaJ4qjmlnMxPaNvNBzrBsa_naqdeE8fl5M7Kw3t62v874QkYgknfTcMIxEKcYchWSyAGNqr-WOZqX4DU54eSwjzwp7LjGy6_3yk0odZdnQVgjl8lBL_5l305VgENBEh3qpzfxjwKfBSoDcfDeVTvyBDbVSHs9zJvoFheSSINZm2mN_j7UE_A1DdMxsWB3At...1TyliDjHXs4XKIGltCzvj9PpHb7D4ACUc9OUy_-Q9dm8Jqt7XSA4FSbZ6n3kSFN2dQZ5cmYYmJmop5FU6eG4Na139Y2JGxfpqDNP-lfiCMQkBVSOnJSn3hE8Sg9M2UVVzsZu_BiWNxwqymz6SL9693YA4ZNm_IziEd_jH4vtx1mE5iVr-RZrsHyYOrs7fPdUX7700FRIMi-gBo-nJyiom-s4EkQpQJcdcy3mHuSjWMsZHom_HveLe_U_wacZh_MUXDvkPH5FCJjbj3_4JD6aGgwTZ_58MujfhOda1xtS_gmssEfmlEEWEmikGCfiSqHV3QTt6DotGSgkA2F2WwyErzIcsPhYsCb9vQ8-Am7dhvLLpmnbGIjoLGuKPr4fg9Kml8i-gt3cgAsvGPpB6BE5b6fnBB7fYOsxLrysJjFTktVAWQea9ghOrhzoy0wsF6a94LupbVlesAO8JfLhOrFrJlOj-nzaNKukO0bv10RhF3lu6TBjkkXLe0TY-ADQ44' because it violates the following Content Security Policy directive: "img-src 'self' data: http://counter.yadro.ru/ http://c.hit.ua/ http://mc.yandex.ru http://vk.me/".
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-4809740823367762&fa=3&ifi=7&uci=a!7&btvi=3&xpc=r9epSEoISP&p=http%3A//rulsmart.me Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-4809740823367762&fa=4&ifi=8&uci=a!8&btvi=4&xpc=qHazxa30RU&p=http%3A//rulsmart.me Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
bid.g.doubleclick.net
c.hit.ua
cdn.jsdelivr.net
cm.g.doubleclick.net
counter.yadro.ru
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
mc.webvisor.org
mc.yandex.ru
mpsuadv.ru
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-4g5ednsd.c.2mdn.net
rulsmart.me
s0.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.186.162
154.47.36.179
185.158.112.11
185.80.39.216
2600:1f18:1aca:4280:3a62:2499:26b7:5f52
2600:9000:2450:3200:8:48e:53c0:93a1
2607:f8b0:4012:809::2003
2a00:1450:4001:6e::9
2a00:1450:4001:800::2003
2a00:1450:4001:802::2001
2a00:1450:4001:802::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a02:6b8::1:119
2a04:4e42:600::485
37.252.171.85
45.12.19.24
52.30.88.149
74.125.133.155
88.212.202.52
89.184.81.35
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0669ae51d2cf3b325048d0f6852f4ed1b8e646157dbb436a8a3cdc544fc52ac5
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
0708086de3648fcdecf405833e628e1bb7720cb959065e9fb6641acd544950ac
09ba3c06b214b8086cfa3923b82bc26f7de8dd2d684a6e7a8146195a1c9cfa12
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d2588acc31bbe09ebed94f576f1b9a5aff882084aff6c8ef8e4bde8f82ef84b
1068b99f75e36f325ba21ef37a7d6d8dfd961e81aa8c1c35333510f01017d566
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
1116e6a6f1d8d180c0a37d423c7a1aedcd9591959512b834babe428d24d428ce
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
132bfc65622cb51725c0da6a6309fd249e39bffade81adce814003545211d583
13351b4efb1d21b4214e7e5f269c4552ab61a7ae47f48c8334deb6bbbc98b89f
14df2a057504800a9326d0968d9e60e9fa90fea47efb80567fb1779eac14fa18
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
20c904672c4a14d01110942a97decd121114141e7b438b743535146d6e890ce8
23160704852bafc6444c4b6747e6be5f91c0de230ac4a0a86ebd2b3171a03afa
2655b07df11c02a7f6625c88a67fd24d543e2e0e9a1589e971bcc9beadccdb97
2737f4a02f0d8277637838ed53152aa3f83e0ea4a6b51b6f889c8b2b9b7915a6
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27b02c87b8471199ab1a64fec6d919de08d73e94c70bc935597c1bb2c51af151
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2fe7c2f97f0fabc66e374c2bb335ac28ef5e788536b0ef1d63fc025b66d98d38
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3169ebd2ab9694730ead43506862dccf523054530ba387e35bea08fbf9f77dbf
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
338580a8d2678672efade259536b458530d6d2293f13da53a5ec97054c04bb14
36fdb1a09519c24b38c1151fcce1e7e224b592981425d94732820bbc26ccc0ad
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
41e0c6597db12c7255c2c856f1982e6a0988dc88f8cf66a67d482aead75e2ab3
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4be3c66684e6138210b3bc80c22614e33308b7f36570b641907b82e9e2f33daf
4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
539ada763478e79b42001f3cc28c50dbd5030c63423fc3101d11b10d7cbcf1c4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55be89949acd16b030b24ae502dbed0c236e6fcfac8e8388eeaf0b5fffaf452e
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5a904da1528423139fe01d846bf9599bbb4a81ebeb60db12a3bbc13c26dbff4e
5ca7c4c23b9bf6e9d22a3341c8bddb96c4c98cd2a40cf419fa208ddc99b3f2ce
5e5726422d0add3a44e26a0b2cf80487001c20e3556a471dc5d13ebe1d49d585
5e62f6c316a1de804c62823782c938352cf53798f90bc8e31fe40f750fbc54a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89
694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477
6c00e881f3752549829bb0fab9a323e41ecf4adbdc35cac975db58c6b923d40d
6c307a98c3fb96533f6e0bdd2246eede741276618bc706c3714d528f1e686fcb
6f04f47fabff20443c2832679c5491e7c030901d0d16f79ea06f7779e539d294
70bf8d30a289b3cc20833a30e0f61441fc2fd6b7d678835440ba38bb0cc52cb6
71bb755c65b16eb957742783795f8aa3b8ec922678b3dc173242ce5d773c1b22
73870d5efdc89d1b790b7e63c0a8611a533db7ebcd6752763da42a6e6de6e49c
793b1b57c471fae8d2852819f4a2b21f96485a919972e90c50a32ec938cd245f
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7c6d048609571d275332f95ffbebeac26a375c59506b66053807aadf718ad0c1
8249bd03d3e09c996800a1ef1d3d7840ee482f62c2f82d1ba1b7ef7b41084833
85f53ebe401c06be4e3f5a898c339921f439091613ca8dd956b59818241eb7f3
8b56e66c3cabcd3cedfca137893d958bec787ab52b849d20c36d147766f690a7
8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48
8dcdf028d774030db8a0dc1e52a40dc23afa9b76f0f23d918a61d3918c2d6acc
8e3d390d68eb3acc234013f77c137a35190620a6ecfce5fc46bbddc7ea2e54e6
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
94fbbdb3c6f2c35ccfa3fc349e33e1cbc29a4836fe96fb2b4e3a9be4db1d47d9
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b643528532e4cf516958f0b454100d9d47739705fd0d527b3b356b965c904ee
9d4203f53f695738271eeae994a4e859d65d0de0c662032292530e52964e1764
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c647df34e4dc199d6f4c9f0467548fcf98a85691e7b88178039ffa1603cf41
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a9ad3c95290b3b7a9fa8e106aa8c442c629a1e732f26989455629f18d9f114b2
a9ede426918099ff28cef2553f05e38839abd17f24f6aa4da58e319beba2e840
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac3979236d331ea448afbf17eb4a89209d1200df59c00f0f896fde6423f60842
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aee407b709ce616c5453a5057299e92d704d943cbb9161f365bd7c82a3410789
afa6e155baa071dc9adb68c5f1be1772db2f2bb74e360af6e80d469a268632e7
b0da2becd0b69921e64a0cdf14f061956421b30d248401699a44d62a7ae7c833
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a990df8a168b5900a86361aaf27b615c86abb5f66f3b529d7c69213b8e43bb
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
b4f055f60deaea41af4c4833ebea5d01fe17a8004bd323a88e67a352704e5347
b7533152507474264bad490ce3fd19d9bb500983c43c905a5e726c485174a23e
b762373c020c62911fa62c16daba425dfe3845811927b8188f785d3731ad3150
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
bd4ccdc9162018b12b50a3b1b186c5123ecf54d8963ea179baee178ef706d3e6
bdae14000f409e929efc6f3cfd785b90a939d22044705a48f1a3b5074620fc12
bea9e26db977eefe6effc2c9eabefdbaedd4ba765ea4162f144104306d7d7d0b
c0481d08c5ba16b5f06c99dcb90ba081b01ca279c37690fc48aef791e4163546
c3cac8d21243616e7df551e5887cd60b556cb7791fe47990385735e4296d4fa4
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
d1d41b7c869a78730c951682c753b026f0f69acd35c8b734562201025f41f490
d203fd59975be8ab20699080e6fcf9bb5109cbccf6b40dab2a888921f86635d3
d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6
d5b4b49a7be55435041a74423ef85a51399c9ce6504446251f7ea24d3ca933f9
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
db00d8ce624603cd23c7820da2141d1efb5b9b4e5d54a9028e3089e8936e6bf8
dbfd4b1200a9bb591cb0ced04931e55300562113d8bd2d8bda966b289a54559c
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45c2bfe5b8f9c1698daa29d22e11742f6ac736ee85af5fb21684f45153ed147
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e60d9d1dce43b1ff0418a7237d16059aa82ede87dc63cf5973d1a2efc0f0051c
e78c611b1367a501b75f27cd92490e817d5bc63a3e6acae2a65b1b3a401a74ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f296b4177c44ce95b815417b8a8cc999da79eb3395756ef13388962e5be008ff
f48340f5342867f346eb8ebb67bd491ba352c594290e3ec951b9dc394700b917
f6bbc564020bb373b3c213ed67301c38c4ee8b09e3080c68bd5bf8a4ef1fe24d
f803b0618ea52f745b0c0426a63781fad8d07009a8941a6058230fd9b126a4b7
fa8dcb076f0747f8988f4b1b6ab9ba53d66bad716eb755bf60fa42607ab4558a
faefc7d5cb22f0899412f91aa8fcabe5910c50cb6faee897413b62ac324c0f79
ff003d754c838938665d96cd1f357aa4beab0705980c4110897d0b0bd4d3c80c
ff5885afdc7ef52b8a26a16f2b0475dfd7ef1c5083d2befa4fd754c61335afa6
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

rulsmart.me Open in urlscan Pro 185.158.112.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

224 Requests

80 %HTTPS

66 %IPv6

18 Domains

30 Subdomains

29 IPs

6 Countries

5542 kBTransfer

9341 kBSize

28 Cookies

0 Outgoing links

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rulsmart.me Open in urlscan Pro
185.158.112.11 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

80 %
HTTPS

66 %
IPv6

18
Domains

30
Subdomains

29
IPs

6
Countries

5542 kB
Transfer

9341 kB
Size

28
Cookies

224 HTTP transactions
9 data transactions