108.su Open in urlscan Pro
109.94.209.55 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://108.su/
Submission Tags: su ru l4ing 💩 mass 1 Search All
Submission: On January 18 via manual (January 18th 2023, 7:20:26 pm UTC) from UA — Scanned from DE

Summary HTTP 90 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 15 domains to perform 90 HTTP transactions. The main IP is 109.94.209.55, located in Estonia and belongs to ARVID-LOGICUM, EE. The main domain is 108.su.

This is the only time 108.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 31	109.94.209.55 109.94.209.55	202376 (ARVID-LOG...) (ARVID-LOGICUM)
4	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	66.154.110.218 66.154.110.218	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
7	2a00:f820:425::3 2a00:f820:425::3	34549 (MEER-AS m...) (MEER-AS meerfarbig GmbH & Co. KG)
1	87.236.16.64 87.236.16.64	198610 (BEGET-AS) (BEGET-AS)
1 1	2606:4700:10:... 2606:4700:10::ac43:1aa2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::6816:3edb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
20	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:802::2001	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:400d:806::2004	15169 (GOOGLE) (GOOGLE)
90	15

31 109.94.209.55 (Estonia) 2 redirects

ASN202376 (ARVID-LOGICUM, EE)
PTR: zrthealth.com

108.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
leosharq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.154.110.218 (Atlanta, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: s05.flagcounter.com

s05.flagcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:f820:425::3 (Germany)

ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE)

jc.revolvermaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rf.revolvermaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jf.revolvermaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.64 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.grey1k.beget.com

it.sander.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1aa2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www4.clustrmaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:3edb (United States)

ASN13335 (CLOUDFLARENET, US)

clustrmaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	108.su 2 redirects 108.su	433 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 156	330 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	84 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	134 KB
7	revolvermaps.com jc.revolvermaps.com rf.revolvermaps.com — Cisco Umbrella Rank: 124050 jf.revolvermaps.com — Cisco Umbrella Rank: 586746	30 KB
5	clustrmaps.com 1 redirects www4.clustrmaps.com — Cisco Umbrella Rank: 708075 clustrmaps.com — Cisco Umbrella Rank: 55627	42 KB
3	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	946 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	97 KB
2	leosharq.com leosharq.com	178 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 672	34 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8470	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 813	691 B
1	sander.su it.sander.su	1 KB
1	flagcounter.com s05.flagcounter.com — Cisco Umbrella Rank: 281616	10 KB
0	empire-host.ru Failed empire-host.ru Failed
90	15

	Domain	Requested by
29	108.su	2 redirects 108.su
20	tpc.googlesyndication.com	googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
4	rf.revolvermaps.com	jc.revolvermaps.com 108.su rf.revolvermaps.com
4	clustrmaps.com	108.su code.jquery.com
4	pagead2.googlesyndication.com	108.su pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google.com	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	jf.revolvermaps.com	108.su
2	leosharq.com	108.su
1	code.jquery.com	www4.clustrmaps.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www4.clustrmaps.com	1 redirects
1	it.sander.su	108.su
1	jc.revolvermaps.com	108.su
1	s05.flagcounter.com	108.su
0	empire-host.ru Failed	108.su
90	20

This site contains links to these domains. Also see Links.

Domain
www.gb-stylez.de
bazanov.108.su
leosharq.ru
clustrmaps.com
s05.flagcounter.com
it.sander.su
ddt.081.su
leosharq.com
www.my-blog.leosharq.com
forsimple.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://108.su/
Frame ID: CCCDDDD3FB2E778A44AB81713999B864
Requests: 46 HTTP requests in this frame

Frame: http://rf.revolvermaps.com/5/f.php?m=8&h=81&i=20bnbxo9rrc&c=fff600
Frame ID: E4E949028C816C279B8631655132B81B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547
Frame ID: 89CD790BE542B4A2DFA374D8CEC75B6E
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537
Frame ID: 6400805FEDE3033BAFDD7A044C7D411F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=3690261318&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619788&bpp=8&bdt=312&idt=529&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942%2C3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=3894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=rO1Ot6lImM&p=http%3A//108.su&dtd=534
Frame ID: 53892DF767827BDE4FAA73BD4D25DEBF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 15BCBD91A2E88A36C731AFA9290C9D59
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9C35E2CD626A664419047E2BF1B21292
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: DF8A4C4341C8F1DB8870EC599683D3F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: 962AA6A5C448F0BED175699EC873E4C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Соционика и ТрёхКолёсный Гороскоп

Detected technologies

ClustrMaps Widget (Maps) Expand

Overall confidence: 100%
Detected patterns

clustrmaps\.com

RevolverMaps (Maps) Expand

Overall confidence: 100%
Detected patterns

\.revolvermaps\.com

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

51 %
HTTPS

81 %
IPv6

15
Domains

20
Subdomains

15
IPs

6
Countries

1373 kB
Transfer

2928 kB
Size

4
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: http://www.gb-stylez.de/glitzer-text-generator/index.php

Search URL Search Domain Scan URL

URL: http://bazanov.108.su/

Search URL Search Domain Scan URL

URL: http://leosharq.ru/shop/cat_leosharq.ru.1434264232.html

Search URL Search Domain Scan URL

URL: http://clustrmaps.com/map/810.su?utm_source=widget&utm_campaign=widget_ctr
Title: 669 PageviewsDec. 18th - Jan. 18th

Search URL Search Domain Scan URL

URL: http://s05.flagcounter.com/more/LhN

Search URL Search Domain Scan URL

URL: http://it.sander.su/counters/google_love.php

Search URL Search Domain Scan URL

URL: http://ddt.081.su/
Title: .RU - 130 руб.

Search URL Search Domain Scan URL

URL: http://leosharq.ru/shop/kn_2.html
Title: Основы 4-мерного сознания

Search URL Search Domain Scan URL

URL: http://leosharq.ru/shop/kn1_3.html
Title: Выраженная многомерность

Search URL Search Domain Scan URL

URL: http://leosharq.ru/shop/kn_1.html
Title: Живи по солнечным часам

Search URL Search Domain Scan URL

URL: http://leosharq.com/post_1222945756.html
Title: Как обрести здоровье

Search URL Search Domain Scan URL

URL: http://leosharq.ru/shop/cat_leosharq.ru.1702890584.html

Search URL Search Domain Scan URL

URL: http://leosharq.ru/shop/tmp/3kg.zip
Title: Трехколесный гороскоп

Search URL Search Domain Scan URL

URL: http://leosharq.ru/
Title: Site

Search URL Search Domain Scan URL

URL: http://leosharq.com/
Title: Blog

Search URL Search Domain Scan URL

URL: http://www.my-blog.leosharq.com/
Title: About Sun

Search URL Search Domain Scan URL

URL: http://forsimple.ru/
Title: Amalgams

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

http://108.su/i/img_asc/bud2.gif HTTP 302
http://108.su/

Request Chain 32

http://www4.clustrmaps.com/counter/map.js HTTP 301
http://clustrmaps.com/counter/map.js

Request Chain 37

http://108.su/i/img_asc/bud2.gif HTTP 302
http://108.su/

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

90 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
108.su/ 48 KB
15 KB 1060ms
662ms Document
text/html 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to

Full URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 / PHP/5.2.17
Resource Hash: 6484406dc4108de980e10db720d3a2204631d32e52b2b748754a75231384918f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=windows-1251
Date: Wed, 18 Jan 2023 19:20:20 GMT
Expires: Sun, 06 Dec 2009 23:24:46 GMT
Last-Modified: Sun, 06 Dec 2009 23:24:56 GMT
Pragma: no-cache
Server: nginx/1.22.1
Transfer-Encoding: chunked
Upgrade: h2,h2c
X-Powered-By: PHP/5.2.17

GET
H/1.1 200
OK amalgams_asc_lbp.css
108.su/css/ 5 KB
2 KB 66ms
34ms Stylesheet
text/css 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to

Full URL: http://108.su/css/amalgams_asc_lbp.css
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 0f2713c4263b0223457a4a944813de809584f113c4c260e24813e6c505f9dc9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:20 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Apr 2010 19:08:34 GMT
Server: nginx/1.22.1
Transfer-Encoding: chunked
Upgrade: h2,h2c
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK logo.png
108.su/i/ 22 KB
22 KB 69ms
34ms Image
image/png 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/logo.png
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: dc4c9242b10ae916757b3112834319df891e0bcd0ca7aaa32c4334d8e1b040a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:06:14 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22261

GET
H/1.1 200
OK -.gif
108.su/i/ 58 B
290 B 43ms
33ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/-.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: fb5ad595c1b3df7350cf5f721f8df57d756863396c2dd91e1a88e2688c616b69

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:05:05 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58

GET
H/1.1 200
OK t.gif
108.su/i/ 8 KB
8 KB 67ms
34ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/t.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: f9c00e20e7d81c5a912b9d25f9bbfdbdb4e61013a07524e21ef507e2b617ffa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:06:25 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8204

GET
H/1.1 200
OK h.gif
108.su/i/ 11 KB
11 KB 73ms
34ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/h.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: e3350c0f7c59c2ee5923801eabedc0f9ffbe4a63726610057a3416d863794cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:06:01 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11291

GET
H/1.1 200
OK u.gif
108.su/i/ 12 KB
12 KB 73ms
35ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/u.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: cb41969e96a8c19d113d8a7f221c820143eacace0faf37ebb115a2cd93a356c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:06:33 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11964

GET
H/1.1 200
OK r.gif
108.su/i/ 14 KB
14 KB 34ms
34ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/r.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 35a027cd2e9474ceede26eaa2ac2d85f847c073536090588295a1c5198dfedbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:06:21 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14385

GET
H/1.1 200
OK s.gif
108.su/i/ 13 KB
13 KB 59ms
34ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/s.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 227d9e3bc06c5c45b0a355e20eff0b671a4172143f45ca383c79f959c2d6a7a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:06:23 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13412

GET
H/1.1 200
OK d.gif
108.su/i/ 13 KB
13 KB 51ms
35ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/d.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 1ccc164595fdc03ff93de6a245a7280d95918a056ee7e47a8b8b282a5351bd29

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:05:46 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12916

GET
H/1.1 200
OK a.gif
108.su/i/ 15 KB
15 KB 51ms
36ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/a.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: ec02090e50de2586d88b5ab74617202fdc90241a680ce90d9731a1b26b8401fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:05:39 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14960

GET
H/1.1 200
OK y.gif
108.su/i/ 9 KB
9 KB 77ms
34ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/y.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 869f505a57095ee3b7575fc4cf6e0c83038202591aedf287a90da4d5b22db2f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:06:35 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9147

GET
H/1.1 200
OK img10.gif
108.su/i/asclbp/ 813 B
1 KB 50ms
35ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/asclbp/img10.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 81380b2043eef8dbfd708ba75f4b7a8f4cee7fbddf67ed0f44c8bfb2ec79365b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:04:18 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 813

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 97 KB
36 KB 155ms
96ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 108.su
URL: http://108.su/

Protocol

HTTP/1.1

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6567caf7ff8a7da01ea3a955b6591a77048f255a6c8677ed7ab5afb7c421c9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13886570250425852421
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 36111
X-XSS-Protection: 0
Expires: Wed, 18 Jan 2023 19:20:19 GMT

GET
H/1.1 200
OK e.png
108.su/i/t/ 4 KB
4 KB 35ms
35ms Image
image/png 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/t/e.png
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 7801607b6bb89f3ac6af47fbcbc067eb2b8224d6d85679c354b59ce71bf23eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:09:05 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3912

GET
H/1.1 200
OK g.png
108.su/i/t/ 810 B
1 KB 35ms
34ms Image
image/png 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/t/g.png
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 351294bb223daacba3a43ad24b3e5b36fa605df96f5f258e63f1f32dd07d4edd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:09:06 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 810

GET
H/1.1 200
OK f.png
108.su/i/t/ 1 KB
2 KB 34ms
33ms Image
image/png 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/t/f.png
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 2beb31a62ec0a7e197d35dd8506379a6c5cb37e690ebb2488e77dcbcbc3da987

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:09:06 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1488

GET
H/1.1 200
OK s.png
108.su/i/t/ 1004 B
1 KB 36ms
36ms Image
image/png 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/t/s.png
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 04005dc6e767cc2a3d076d9c59a4fa5e55f33f531481ef11bda76e1b2f056767

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:09:08 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1004

GET
H/1.1 200
OK i.png
108.su/i/t/ 929 B
1 KB 36ms
35ms Image
image/png 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/t/i.png
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 11e27f79bfb749125d5f6a949c743d119e8be3cb513b90cd8b6654a6d142a575

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:09:07 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 929

GET
H/1.1 200
OK j.png
108.su/i/t/ 938 B
1 KB 35ms
34ms Image
image/png 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/t/j.png
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 32063b94f07a113923f13efd157110891e4cdc1036ae1b289213d8cb06d3fe0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:09:07 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 938

GET
H/1.1 200
OK bud2.gif
108.su/i/asclbp/ 45 B
277 B 36ms
34ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/asclbp/bud2.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 60ad867e15806f5ac77374f6cd45a9f180d0f6755be47d86b10a1e192442759c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:04:17 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45

GET
H/1.1 200
OK banner.gif
108.su/i/ 169 KB
169 KB 35ms
34ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/banner.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: e4b6365f5ac027932327a6fd40044eed4d47782f50ade4ab671d459833d119c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 11 Nov 2012 18:10:32 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 172998

GET
H/1.1 200
OK igr.gif
leosharq.com/i/ 43 KB
43 KB 582ms
35ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leosharq.com/i/igr.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: dd23796d9ba547cc1740907b7164c102bf6e16ffd568cdc857100d05933a3725

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 04 Apr 2010 18:01:22 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44217

GET
H/1.1 200
OK /
s05.flagcounter.com/count/LhN/bg=FFFFFF/txt=000000/border=CCCCCC/columns=2/maxflags=12/viewers=0/labels=0/ 10 KB
10 KB 393ms
169ms Image
image/png 66.154.110.218
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s05.flagcounter.com/count/LhN/bg=FFFFFF/txt=000000/border=CCCCCC/columns=2/maxflags=12/viewers=0/labels=0/
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 66.154.110.218 Atlanta, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: s05.flagcounter.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash: 8abd61120862c2b23750fd1a24d45867f9e4c8df0d9d545be6f7c2605dfa5037

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 19:20:22 GMT
Cache-control: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK t.js Show response
jc.revolvermaps.com/ 1 KB
1 KB 23ms
7ms Script
application/javascript 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: http://jc.revolvermaps.com/t.js
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 131f9c0bd483286bedc1afabae54aad3716440f5e35415df1043c0b2ce86fb0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:19 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Nov 2011 09:42:09 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=290304000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=100
Content-Length: 724

GET
H/1.1 200
OK 108.su.png
it.sander.su/counters/google_love/ 852 B
1 KB 291ms
56ms Image
image/png 87.236.16.64
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://it.sander.su/counters/google_love/108.su.png
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 87.236.16.64 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.grey1k.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 87d95839994d019d53967584b97876ebd9d77455ea07f9f364a2f29d64d70230

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:19 GMT
Last-Modified: Fri, 04 May 2018 22:01:35 GMT
Server: nginx-reuseport/1.21.1
ETag: "5aecd83f-354"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 852
Expires: Fri, 17 Feb 2023 19:20:19 GMT

GET
H/1.1

200
OK

/
108.su/
Redirect Chain

http://108.su/i/img_asc/bud2.gif
http://108.su/

48 KB
48 KB

60ms
59ms

Image
text/html

109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 / PHP/5.2.17
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 19:20:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Jan 2023 19:20:20 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/5.2.17
Transfer-Encoding: chunked
Content-Type: text/html; charset=windows-1251
Upgrade: h2,h2c
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Wed, 18 Jan 2023 19:20:10 GMT

Redirect headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/5.2.17
Upgrade: h2,h2c
Location: http://108.su/
Content-Type: text/html
Connection: keep-alive
Content-Length: 0

GET 120x60_1.gif
empire-host.ru/partner/12/ 0
0

GET
H/1.1 200
OK denovtzy.gif
leosharq.com/i/ 134 KB
134 KB 526ms
36ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leosharq.com/i/denovtzy.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 513d460a5a9c06a2f9833e37585d1f7ec1a04195a91d09c277c87b24e2c9dcb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 04 Apr 2010 18:01:13 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137408

GET
H/1.1 200
OK img11.gif
108.su/i/asclbp/ 48 B
280 B 34ms
34ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/asclbp/img11.gif
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: 45c47100f16fc76fd967ae054c80350b42b6ee5a531d52f8ba5cfc107a622eae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:04:18 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48

GET
H/1.1 200
OK 381-2.gif
108.su/i/asclbp/ 9 KB
9 KB 35ms
35ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/asclbp/381-2.gif
Requested by: Host: 108.su
URL: http://108.su/css/amalgams_asc_lbp.css
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: c375dfc4de029855edcfd2743815d92e9af04264f4b9c8f793dbe3968121144e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/css/amalgams_asc_lbp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:04:15 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9263

GET
H/1.1 200
OK 381-LBP-2.jpg
108.su/i/asclbp/ 9 KB
10 KB 42ms
34ms Image
image/jpeg 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/asclbp/381-LBP-2.jpg
Requested by: Host: 108.su
URL: http://108.su/css/amalgams_asc_lbp.css
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: e845cfb5abc06448c475467bcf2cdbc4abb55ae058b4bb89ae88ebed41bee48a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/css/amalgams_asc_lbp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:04:16 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9637

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
118 KB 364ms
113ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=pub-1584998454148102&plah=108.su

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be564d71095025c866fb1329193c16b5d542792bdaae6cb26d80445fe3b7ec9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:20:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119980
x-xss-protection: 0
server: cafe
etag: 17961654545700481596
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 19:20:20 GMT

GET
H/1.1

200
OK

map.js Show response
clustrmaps.com/counter/
Redirect Chain

http://www4.clustrmaps.com/counter/map.js
http://clustrmaps.com/counter/map.js

71 KB
22 KB

501ms
464ms

Script
text/javascript

2606:4700:10::6816:3edb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://clustrmaps.com/counter/map.js

Requested by

Host: 108.su
URL: http://108.su/

Protocol

HTTP/1.1

Server

2606:4700:10::6816:3edb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.9

Resource Hash

717c7d523363f91758e767f89037b18e37c880bfac7364958307866b022e27bf

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 19:20:20 GMT
Content-Encoding: gzip
CF-Cache-Status: BYPASS
Last-Modified: Fri, 24 Jul 2020 10:42:29 GMT
Server: cloudflare
X-Powered-By: PHP/7.4.9
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 78b9aff56c8abbfe-FRA
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Date: Wed, 18 Jan 2023 19:20:20 GMT
CF-Cache-Status: EXPIRED
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Location: http://clustrmaps.com/counter/map.js
Cache-Control: max-age=1800
Connection: keep-alive
CF-RAY: 78b9aff3da5bbbe9-FRA
Content-Length: 178

GET
H/1.1 200
OK f.php Show response
rf.revolvermaps.com/5/ Frame E4E9 5 KB
3 KB 25ms
7ms Document
text/html 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: http://rf.revolvermaps.com/5/f.php?m=8&h=81&i=20bnbxo9rrc&c=fff600
Requested by: Host: jc.revolvermaps.com
URL: http://jc.revolvermaps.com/t.js
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: f6f06de5c2c348715b5ed575a9c3c6fc9beb689b2794a8cb69955671776611fe

Request headers

Referer: http://108.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=290304000
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 2663
Content-Type: text/html; charset=UTF-8
Date: Wed, 18 Jan 2023 19:20:20 GMT
Keep-Alive: timeout=4, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK c.php
jf.revolvermaps.com/ 43 B
290 B 43ms
11ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jf.revolvermaps.com/c.php?i=20bnbxo9rrc
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:19 GMT
Last-Modified: Wed, 18 Jan 2023 19:20:19 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=900
Connection: Keep-Alive
Keep-Alive: timeout=4, max=100
Content-Length: 43

GET
H/1.1 200
OK r.php
jf.revolvermaps.com/ 43 B
216 B 44ms
11ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jf.revolvermaps.com/r.php?i=20bnbxo9rrc&l=http%3A%2F%2F108.su%2F&r=1674069619802
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:19 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=4, max=100
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK 1049s.gif
108.su/i/asclbp/ 1 KB
1 KB 34ms
34ms Image
image/gif 109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/i/asclbp/1049s.gif
Requested by: Host: 108.su
URL: http://108.su/css/amalgams_asc_lbp.css
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 /
Resource Hash: ffc872a3365d1662913f722ca0bd6691c643662b7fd80a0f7e149fd3a0b255d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/css/amalgams_asc_lbp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Last-Modified: Sun, 06 Dec 2009 23:04:14 GMT
Server: nginx/1.22.1
Upgrade: h2,h2c
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1214

GET
H/1.1

200
OK

/
108.su/
Redirect Chain

http://108.su/i/img_asc/bud2.gif
http://108.su/

48 KB
48 KB

63ms
62ms

Image
text/html

109.94.209.55
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://108.su/
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 109.94.209.55 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: zrthealth.com
Software: nginx/1.22.1 / PHP/5.2.17
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 19:20:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Jan 2023 19:20:20 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/5.2.17
Transfer-Encoding: chunked
Content-Type: text/html; charset=windows-1251
Upgrade: h2,h2c
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Wed, 18 Jan 2023 19:20:10 GMT

Redirect headers

Date: Wed, 18 Jan 2023 19:20:21 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/5.2.17
Upgrade: h2,h2c
Location: http://108.su/
Content-Type: text/html
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ Frame E4E9 786 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c23c07af6fbacbe4d12ab645f6b1a4c29f043ee69726f7c214096efce1acd2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf.revolvermaps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 8.jpg
rf.revolvermaps.com/d/m/256/ Frame E4E9 20 KB
21 KB 8ms
7ms Image
image/jpeg 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rf.revolvermaps.com/d/m/256/8.jpg
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 56c737d9b716683d6043d52f20e8c92d10e238cbe81df5d23241e1cf531157e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf.revolvermaps.com/5/f.php?m=8&h=81&i=20bnbxo9rrc&c=fff600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:20 GMT
Last-Modified: Sun, 20 Feb 2011 15:36:38 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: public, max-age=290304000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=99
Content-Length: 20743

GET
H/1.1 200
OK t.php Show response
rf.revolvermaps.com/ Frame E4E9 36 B
223 B 7ms
7ms XHR
text/plain 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: http://rf.revolvermaps.com/t.php?i=20bnbxo9rrc&r=vq23
Requested by: Host: rf.revolvermaps.com
URL: http://rf.revolvermaps.com/5/f.php?m=8&h=81&i=20bnbxo9rrc&c=fff600
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 2a90540988ff20cef034e2bf62bd05f2af420086248e41afcbd224936933cc8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf.revolvermaps.com/5/f.php?m=8&h=81&i=20bnbxo9rrc&c=fff600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:20 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=4, max=98
Content-Length: 36
Content-Type: text/plain;charset=UTF-8

GET
H/1.1 200
OK c.php Show response
rf.revolvermaps.com/ Frame E4E9 11 KB
4 KB 40ms
40ms XHR
text/plain 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: http://rf.revolvermaps.com/c.php?i=20bnbxo9rrc&h=81&t=0
Requested by: Host: rf.revolvermaps.com
URL: http://rf.revolvermaps.com/5/f.php?m=8&h=81&i=20bnbxo9rrc&c=fff600
Protocol: HTTP/1.1
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: f5356a0269edfc62e643490e8c98cac2cfbe7a650c9d7e980260bc82d62a42f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://rf.revolvermaps.com/5/f.php?m=8&h=81&i=20bnbxo9rrc&c=fff600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
Date: Wed, 18 Jan 2023 19:20:20 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8
Cache-Control: max-age=43200
Connection: close
Content-Length: 4258

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
691 B 194ms
44ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=108.su&callback=_gfp_s_&client=ca-pub-1584998454148102&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=pub-1584998454148102&plah=108.su

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

892a8e74777f1efc23f431abe536a4448c6094b133b47f7992c811425d07a48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 146ms
47ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=108.su

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=pub-1584998454148102&plah=108.su

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 186ms
69ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=108.su

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=pub-1584998454148102&plah=108.su

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 89CD 339 KB
23 KB 425ms
337ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=pub-1584998454148102&plah=108.su

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac83b17636c7fe52e8fad02a98d1976270655cbc8f162a68187013436c425d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://108.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23081
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 19:20:20 GMT
expires: Wed, 18 Jan 2023 19:20:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6400 75 KB
30 KB 435ms
356ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=pub-1584998454148102&plah=108.su

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12291b05e62887040de2433e2efe748a6d0eb0b6ac3ef2ab394c38b78908bcc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://108.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30345
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 19:20:20 GMT
expires: Wed, 18 Jan 2023 19:20:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5389 76 KB
31 KB 364ms
297ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=3690261318&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619788&bpp=8&bdt=312&idt=529&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942%2C3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=3894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=rO1Ot6lImM&p=http%3A//108.su&dtd=534

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=pub-1584998454148102&plah=108.su

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc4b7de4c0823525b3d0d9c3410a361221b81942649db2c5c31d2b4995f7cc21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://108.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30708
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 19:20:20 GMT
expires: Wed, 18 Jan 2023 19:20:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
34 KB 83ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: www4.clustrmaps.com
URL: http://www4.clustrmaps.com/counter/map.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:20:20 GMT
content-encoding: gzip
x-sp-metadata: HS256.CISpoZ4GEo8BCiQzNTYzYWM1MS1iMmFmLTQxOTMtYmY0OC1kMjZlNjFlNTFmODUQ+OiCoKvU+wIaBgj0jKGeBiIUMmEwMzoxYjIwOjY6ZjAxMTo6NmUo+oQCMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiRkZDJiZTg5NC1hMzFiLTRjZjYtYmMwNi00MWIxZmFlNTMyNzQYyocCIhgIAhIUY2RzMzAyLmFtNS5od2Nkbi5uZXQ=.jjhD9u/bK8VL82wBE39qZLnKZcExSBY8fZ5cq6umODg=
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-17b8b"
vary: Accept-Encoding
x-hw: 1674069620.dop109.am5.t,1674069620.cds266.am5.hn,1674069620.cds302.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H/1.1 200
OK widget_call_home.js Show response
clustrmaps.com/ 27 KB
7 KB 253ms
253ms Script
text/plain 2606:4700:10::6816:3edb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://clustrmaps.com/widget_call_home.js?callback=jQuery1124029903982269465534_1674069620637&old_code=true&d=http%3A%2F%2F810.su%2F&u=919907&w=180&t=m&_=1674069620638

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Server

2606:4700:10::6816:3edb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.9

Resource Hash

864c96f2faa5d0ae693b256466e70cb628c059b5eb5913eb45b8f1c67fbf660f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 19:20:20 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
X-Powered-By: PHP/7.4.9
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: text/plain;charset=UTF-8
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 78b9aff90c01bbfe-FRA
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bg-w_180.png
clustrmaps.com/generated_content/backs/ 11 KB
11 KB 70ms
39ms Image
image/png 2606:4700:10::6816:3edb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clustrmaps.com/generated_content/backs/bg-w_180.png
Requested by: Host: 108.su
URL: http://108.su/
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:3edb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 774bbd59add5315e34044cefb4cffd050a7f50ad7795a2dedec95e7104d97792

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 19:20:20 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 28 Aug 2020 09:53:58 GMT
Server: cloudflare
Age: 2833
ETag: "5f48d436-2b86"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 78b9aff93c059b70-FRA
Content-Length: 11142

GET
H2 200 9634676380512274652
tpc.googlesyndication.com/simgad/ Frame 5389 35 KB
35 KB 210ms
112ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9634676380512274652?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlR4e-BObxGAH3Ws7xJVvg9g9qOag

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=3690261318&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619788&bpp=8&bdt=312&idt=529&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942%2C3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=3894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=rO1Ot6lImM&p=http%3A//108.su&dtd=534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81508d021b30feaff7e256b6b9737b1e99d8e4ca6e5f97b8f5c549a484648ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 05:54:20 GMT
x-content-type-options: nosniff
age: 480360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36040
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 04:38:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Jan 2024 05:54:20 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5389 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDWZ6dEbIY_ebGePQzAa1zp3gCKLwz7luy6aPzosR6M_3wv01EAEg4v6iC2CV4pCCoAegAYPArpUCyAECqAMByAPJBKoEugFP0LwZxeq15Jc97uuL22nQuDTlRX1MywKe38YqFgA9YfBl6l5CtvOEmHBRTHukigeNkJJGsd9hlPxu4U9fE9hMzWw-8ooadiR-poan6QzaUhhswTMFs0Vdg2JAED_8CSHON7YHR0e50_DlGHsQSwQklBO0XiLSSMRxNf5veG7DrGHvRf-xg3mNgXNQ1B6YaqpnFWI2QcW0ghVOFnhBQtxB5kT1TDTzyd9cYycHIlMLHMv0h3fMGQLcClPABMOW3vqTBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAflv9HqAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEMw60ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMTU4NDk5ODQ1NDE0ODEwMhgA&sigh=MHl_HGZcgEw&uach_m=[UACH]&cid=CAQSGwDq26N9b5Y5EdFN1Og6cjCnAZUDJfyvE8Uc2RgBIBM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=3690261318&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619788&bpp=8&bdt=312&idt=529&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942%2C3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=3894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=rO1Ot6lImM&p=http%3A//108.su&dtd=534
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 18 Jan 2023 19:20:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Jan 2023 19:20:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/ Frame 5389 22 KB
9 KB 139ms
52ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 02:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 02:21:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame 5389 3 KB
1 KB 189ms
104ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 11:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 11:19:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame 5389 18 KB
7 KB 182ms
96ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcb2a2d76154a28aee5a1e84fce890f1e5bd8ef41d5a7c8368f1db418409cc83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 19:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7536
x-xss-protection: 0
server: cafe
etag: 18409170587552385168
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 19:39:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5389 157 KB
49 KB 222ms
107ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 19:20:20 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame 5389 33 KB
13 KB 226ms
141ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4e2145c86f00dab4119fe15eb242717248c9f583a35c261ddb4922cc0d9ecbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 20:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13527
x-xss-protection: 0
server: cafe
etag: 11243775830031938465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 20:00:12 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301041800000/ Frame 89CD 221 KB
61 KB 199ms
52ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 90787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61740
x-xss-protection: 0
server: sffe
etag: "8e9029bac2b10828"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 89CD 15 KB
5 KB 282ms
136ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 90787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5230
x-xss-protection: 0
server: sffe
etag: "98e8559bf0300638"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 89CD 94 KB
28 KB 282ms
143ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 90787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28829
x-xss-protection: 0
server: sffe
etag: "80143a542ab189b2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 89CD 72 KB
16 KB 308ms
169ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efc139ec3d6bcdb20e2bb0bc0036d3ba9439db4a74d74d24f89d99d1ca895d21

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:15 GMT
age: 90785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16661
x-xss-protection: 0
server: sffe
etag: "f45db8e2e8d1d1ee"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:15 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 89CD 5 KB
2 KB 299ms
160ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 90787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "c26873ae23a2dfcc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 89CD 40 KB
13 KB 299ms
162ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:13 GMT
age: 90787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "a53f7d5e2894160e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:13 GMT

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 89CD 3 KB
3 KB 131ms
79ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:13:15 GMT
x-content-type-options: nosniff
server: cafe
age: 425
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Thu, 19 Jan 2023 19:13:15 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 89CD 344 B
573 B 103ms
52ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:01:41 GMT
x-content-type-options: nosniff
server: cafe
age: 1119
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 19 Jan 2023 19:01:41 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 89CD 0
285 B 86ms
85ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4NSUdEbIY5eQGcia-wb8pY7QD4j2kYZuxInY15UR68qi75c3EAEg4v6iC2CV4pCCoAegAd3OtrQByAEJqQIINfDaTSpoPqgDAcgDCKoEtAFP0ALHyS6aHow13pSmbZoqub9teTjMQwIqfjRcxoopOHbSJidCXOvF_ITLVRIY67twm7zoepuURwpGR_EYKoiIe3t4q-Mp0k3P943iHRsO67nInlUYpiexn_6dP_ao217wTxtWGRil5f8bCMXR7E0EqKYo4x43yTNXk2R2V0Gc7ysixAp6wgzdKLCSNnCKDjb-rVZije3_iRWm6LPjtMZKZb-ZrnaBDawITacoW0OIGwvf7G7ABITJqu2cBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeLscnLAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKOmCNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTE1ODQ5OTg0NTQxNDgxMDIYAA&sigh=hf6Y2mUzLUo&uach_m=[UACH]&cid=CAQSGwDq26N9i_7NBdR0i_GlxNeKo4uYtA2wcY1oCRgBIBM&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 18 Jan 2023 19:20:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Jan 2023 19:20:20 GMT

GET
DATA 200
OK truncated
/ Frame 89CD 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2271ad9fa3006adf634a42ba4878e39cd853944f407e2bfc7c34498fbced7530

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 001.png
tpc.googlesyndication.com/sadbundle/1283769126207215292/ Frame 89CD 3 KB
3 KB 153ms
110ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1283769126207215292/001.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c3b9b47eceecfcce6ae93daa02fddd60a42851d5e3b434f58a4eefed543689c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 11:02:04 GMT
x-content-type-options: nosniff
age: 29896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3386
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 14:49:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Jan 2024 11:02:04 GMT

GET
H2 200 002.png
tpc.googlesyndication.com/sadbundle/1283769126207215292/ Frame 89CD 4 KB
4 KB 151ms
109ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1283769126207215292/002.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a0600075650609195ef926192620c50e9d328c55a19f1c301ee6226416154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 11:02:04 GMT
x-content-type-options: nosniff
age: 29896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3675
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 14:49:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Jan 2024 11:02:04 GMT

GET
H2 200 003.png
tpc.googlesyndication.com/sadbundle/1283769126207215292/ Frame 89CD 4 KB
4 KB 149ms
107ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1283769126207215292/003.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faa985d20fe27d69a0c69e19b1fd5ad6c05b7a3b220e1e687c4d1d946f290597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:44:55 GMT
x-content-type-options: nosniff
age: 77725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 14:49:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jan 2024 21:44:55 GMT

GET
H2 200 004.png
tpc.googlesyndication.com/sadbundle/1283769126207215292/ Frame 89CD 4 KB
4 KB 70ms
43ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1283769126207215292/004.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb3ada278ca2edfd79b915802daf4e0e66c58e537edf721593abbd952c1e3484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:44:55 GMT
x-content-type-options: nosniff
age: 77725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3657
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 14:49:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jan 2024 21:44:55 GMT

GET
H2 200 005.png
tpc.googlesyndication.com/sadbundle/1283769126207215292/ Frame 89CD 4 KB
4 KB 71ms
43ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1283769126207215292/005.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

230165959bff2b3b77aafb05b4826b00c4fbe659163d5a390d9a3477a4262133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 07:06:12 GMT
x-content-type-options: nosniff
age: 44048
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4296
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 14:49:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 Jan 2024 07:06:12 GMT

GET
H2 200 006.png
tpc.googlesyndication.com/sadbundle/1283769126207215292/ Frame 89CD 4 KB
4 KB 109ms
81ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1283769126207215292/006.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d8e82625453aa6fe408db0a86db14a0f16149ee82b9f2178f425d9906c24a17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:44:55 GMT
x-content-type-options: nosniff
age: 77725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3774
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 14:49:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jan 2024 21:44:55 GMT

GET
H2 200 007.png
tpc.googlesyndication.com/sadbundle/1283769126207215292/ Frame 89CD 4 KB
4 KB 74ms
47ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1283769126207215292/007.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9e4fd8c52937c042340c02821f595067bead21a7c83892e0e9b268583f4504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:44:55 GMT
x-content-type-options: nosniff
age: 77725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4092
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 14:49:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jan 2024 21:44:55 GMT

GET
H2 200 overlayplay.png
tpc.googlesyndication.com/sadbundle/1283769126207215292/ Frame 89CD 3 KB
3 KB 76ms
49ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1283769126207215292/overlayplay.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=4238693171&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619753&bpp=16&bdt=277&idt=518&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&correlator=2376497474000&frm=20&pv=2&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=1330&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=slIMvcNKx2&p=http%3A//108.su&dtd=547

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f5910a7d58ac80a4d1da968f47fbaf9d2381f38197c3d132b5d3469049671d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:44:55 GMT
x-content-type-options: nosniff
age: 77725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3246
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 14:49:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Jan 2024 21:44:55 GMT

GET
H2 200 16247018630214447366
tpc.googlesyndication.com/daca_images/simgad/ Frame 6400 14 KB
14 KB 158ms
127ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16247018630214447366

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed53b712c64caf99f6d98ef072f7276dd556bbef57ea3cfa75c7558965174fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 10:07:31 GMT
x-content-type-options: nosniff
age: 292369
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13889
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 22:28:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 15 Jan 2024 10:07:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/ Frame 6400 22 KB
9 KB 115ms
84ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 02:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8889
x-xss-protection: 0
server: cafe
etag: 3049769697470197148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 02:21:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame 6400 3 KB
1 KB 112ms
102ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 11:19:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 11:19:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame 6400 18 KB
7 KB 104ms
91ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcb2a2d76154a28aee5a1e84fce890f1e5bd8ef41d5a7c8368f1db418409cc83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 19:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7536
x-xss-protection: 0
server: cafe
etag: 18409170587552385168
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 19:39:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6400 157 KB
48 KB 218ms
176ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 19:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 19:20:20 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame 6400 33 KB
13 KB 147ms
137ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4e2145c86f00dab4119fe15eb242717248c9f583a35c261ddb4922cc0d9ecbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 20:00:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13527
x-xss-protection: 0
server: cafe
etag: 11243775830031938465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 20:00:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6400 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COvnDdEbIY62LGcuu-wbrz7fIDabg0d9steKiysQPtYmqnJwvEAEg4v6iC2CV4pCCoAegAaTdmosDyAECqAMByAPJBKoEuwFP0NXXDkLUpDf2s2CQ5osoZ7h655vs26VVx66VEkq3ODIebLwZHICyYMrCZ88CwQEtqQ5ejMWBfe25zHLreqx82mTU5w0OT-T2chJJt7cTEOhaFc33k_7ny1xKC4LJFPmk8XMnbEZ6V6Qbu2fnerPbVkGI2ZsB9Lhm4Cl5fhrFTJViP_I5WqBsE5lzAHEetpVFN2OMCppXjBON0dZqRTQTZJC9wM2xx4_KgwAf_g7ziAZ-A_rlOcoPeGcPwASh_dyo7gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHxKLldKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEPdT0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMTU4NDk5ODQ1NDE0ODEwMhgA&sigh=rgtxIqndWFA&uach_m=[UACH]&cid=CAQSGwDq26N9_TGZXLluS4cwj8CKSIUa8_qNRWSWhRgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 18 Jan 2023 19:20:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Jan 2023 19:20:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 15BC 143 B
166 B 38ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=3690261318&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619788&bpp=8&bdt=312&idt=529&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942%2C3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=3894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=rO1Ot6lImM&p=http%3A//108.su&dtd=534
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 18:51:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9C35 143 B
166 B 36ms
36ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 18:51:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6400 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f14d0016a5ad56bb199f591ebdf33c99eaff264cba4500e9477ce304a7744b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5389 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b082ffcd993e8d08eb7248d5464161c6bc1250b8191f41f67be6e5f929aa49f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 15BC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
54ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 19:20:21 GMT
expires: Wed, 18 Jan 2023 19:20:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 19:20:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9C35
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
47ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 19:20:21 GMT
expires: Wed, 18 Jan 2023 19:20:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 19:20:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK map Show response
clustrmaps.com/ajax/ 2 KB
1 KB 233ms
232ms Script
text/plain 2606:4700:10::6816:3edb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://clustrmaps.com/ajax/map?callback=jQuery1124029903982269465534_1674069620637&last_hit_id=14233190710&initial_hit_id=14233190710&initial=true&animate=true&user=919907&url=%22810.su%22&id=1114618&globalTotal=false&mapType=widget&_=1674069620639

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js

Protocol

HTTP/1.1

Server

2606:4700:10::6816:3edb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.9

Resource Hash

44e2ce54962caa687c7a3ce6b7037506021c2c471941c37ca56c114061e8be63

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Jan 2023 19:20:21 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
X-Powered-By: PHP/7.4.9
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: text/plain;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 78b9affb7a3abbfe-FRA
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012301041800000/ 23 KB
8 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=pub-1584998454148102&plah=108.su

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab0929ccb19b57ec09d81c1978a19ff6fd7ed6ab03464d74aa6cb2ce9e084f1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://108.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Jan 2023 18:07:14 GMT
age: 90787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7848
x-xss-protection: 0
server: sffe
etag: "9de0892da99263d1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 Jan 2024 18:07:14 GMT

GET
H2 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame DF8A 36 KB
16 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 10:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 10:03:30 GMT

GET
H2 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 962A 36 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584998454148102&output=html&h=60&slotname=3887880942&adk=361109870&adf=419728201&pi=t.ma~as.3887880942&w=468&lmt=1260141896&url=http%3A%2F%2F108.su%2F&wgl=1&dt=1674069619772&bpp=7&bdt=296&idt=533&shv=r20230112&mjsv=m202212050101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3887880942&correlator=2376497474000&frm=20&pv=1&ga_vid=910995982.1674069620&ga_sid=1674069620&ga_hid=927875933&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=2457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44777877&oid=2&pvsid=3200909030394193&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoEebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=gY4Ba6RB89&p=http%3A//108.su&dtd=537

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 10:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 10:03:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: empire-host.ru
URL: http://empire-host.ru/partner/12/120x60_1.gif

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.108.su/	1970-01-20 18:22:45	Name: __gads Value: ID=b9f3265f643cc698-22a19e924edb0069:T=1674069620:RT=1674069620:S=ALNI_MadO9F620HP_vpI9valSO_oBnBs5g
.108.su/	1970-01-20 18:22:45	Name: __gpi Value: UID=00000ba4c4bf2911:T=1674069620:RT=1674069620:S=ALNI_Mbf3LaHVySKK5bHYcbtxUWyCN5tjA
.doubleclick.net/	1970-01-20 18:22:45	Name: IDE Value: AHWqTUnLH4IKlVpFZWI-TGBgyctpUfzh2Kn8WTHDhCbGlnTXJK36A1Pco4ytgQkUBDE
.doubleclick.net/	1970-01-20 09:01:13	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

108.su
adservice.google.com
adservice.google.de
cdn.ampproject.org
clustrmaps.com
code.jquery.com
empire-host.ru
googleads.g.doubleclick.net
it.sander.su
jc.revolvermaps.com
jf.revolvermaps.com
leosharq.com
pagead2.googlesyndication.com
partner.googleadservices.com
rf.revolvermaps.com
s05.flagcounter.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www4.clustrmaps.com
empire-host.ru
109.94.209.55
2001:4de0:ac18::1:a:2a
2606:4700:10::6816:3edb
2606:4700:10::ac43:1aa2
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:400d:802::2001
2a00:1450:400d:803::2002
2a00:1450:400d:806::2002
2a00:1450:400d:806::2004
2a00:1450:400d:80a::2002
2a00:f820:425::3
66.154.110.218
87.236.16.64
04005dc6e767cc2a3d076d9c59a4fa5e55f33f531481ef11bda76e1b2f056767
0b082ffcd993e8d08eb7248d5464161c6bc1250b8191f41f67be6e5f929aa49f
0f2713c4263b0223457a4a944813de809584f113c4c260e24813e6c505f9dc9f
11e27f79bfb749125d5f6a949c743d119e8be3cb513b90cd8b6654a6d142a575
12291b05e62887040de2433e2efe748a6d0eb0b6ac3ef2ab394c38b78908bcc1
131f9c0bd483286bedc1afabae54aad3716440f5e35415df1043c0b2ce86fb0d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ccc164595fdc03ff93de6a245a7280d95918a056ee7e47a8b8b282a5351bd29
2271ad9fa3006adf634a42ba4878e39cd853944f407e2bfc7c34498fbced7530
227d9e3bc06c5c45b0a355e20eff0b671a4172143f45ca383c79f959c2d6a7a2
230165959bff2b3b77aafb05b4826b00c4fbe659163d5a390d9a3477a4262133
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
2a90540988ff20cef034e2bf62bd05f2af420086248e41afcbd224936933cc8b
2beb31a62ec0a7e197d35dd8506379a6c5cb37e690ebb2488e77dcbcbc3da987
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32063b94f07a113923f13efd157110891e4cdc1036ae1b289213d8cb06d3fe0a
351294bb223daacba3a43ad24b3e5b36fa605df96f5f258e63f1f32dd07d4edd
35a027cd2e9474ceede26eaa2ac2d85f847c073536090588295a1c5198dfedbe
3c3b9b47eceecfcce6ae93daa02fddd60a42851d5e3b434f58a4eefed543689c
44e2ce54962caa687c7a3ce6b7037506021c2c471941c37ca56c114061e8be63
45c47100f16fc76fd967ae054c80350b42b6ee5a531d52f8ba5cfc107a622eae
4d8e82625453aa6fe408db0a86db14a0f16149ee82b9f2178f425d9906c24a17
4ed53b712c64caf99f6d98ef072f7276dd556bbef57ea3cfa75c7558965174fd
513d460a5a9c06a2f9833e37585d1f7ec1a04195a91d09c277c87b24e2c9dcb5
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
56c737d9b716683d6043d52f20e8c92d10e238cbe81df5d23241e1cf531157e1
5ab0929ccb19b57ec09d81c1978a19ff6fd7ed6ab03464d74aa6cb2ce9e084f1
5f5910a7d58ac80a4d1da968f47fbaf9d2381f38197c3d132b5d3469049671d9
60ad867e15806f5ac77374f6cd45a9f180d0f6755be47d86b10a1e192442759c
6484406dc4108de980e10db720d3a2204631d32e52b2b748754a75231384918f
6567caf7ff8a7da01ea3a955b6591a77048f255a6c8677ed7ab5afb7c421c9e0
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
717c7d523363f91758e767f89037b18e37c880bfac7364958307866b022e27bf
774bbd59add5315e34044cefb4cffd050a7f50ad7795a2dedec95e7104d97792
7801607b6bb89f3ac6af47fbcbc067eb2b8224d6d85679c354b59ce71bf23eb6
7a9e4fd8c52937c042340c02821f595067bead21a7c83892e0e9b268583f4504
81380b2043eef8dbfd708ba75f4b7a8f4cee7fbddf67ed0f44c8bfb2ec79365b
81508d021b30feaff7e256b6b9737b1e99d8e4ca6e5f97b8f5c549a484648ba0
864c96f2faa5d0ae693b256466e70cb628c059b5eb5913eb45b8f1c67fbf660f
869f505a57095ee3b7575fc4cf6e0c83038202591aedf287a90da4d5b22db2f5
87d95839994d019d53967584b97876ebd9d77455ea07f9f364a2f29d64d70230
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
892a8e74777f1efc23f431abe536a4448c6094b133b47f7992c811425d07a48a
8abd61120862c2b23750fd1a24d45867f9e4c8df0d9d545be6f7c2605dfa5037
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
ac83b17636c7fe52e8fad02a98d1976270655cbc8f162a68187013436c425d12
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
be564d71095025c866fb1329193c16b5d542792bdaae6cb26d80445fe3b7ec9c
c23c07af6fbacbe4d12ab645f6b1a4c29f043ee69726f7c214096efce1acd2d7
c375dfc4de029855edcfd2743815d92e9af04264f4b9c8f793dbe3968121144e
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
cb3ada278ca2edfd79b915802daf4e0e66c58e537edf721593abbd952c1e3484
cb41969e96a8c19d113d8a7f221c820143eacace0faf37ebb115a2cd93a356c1
cc4b7de4c0823525b3d0d9c3410a361221b81942649db2c5c31d2b4995f7cc21
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d4e2145c86f00dab4119fe15eb242717248c9f583a35c261ddb4922cc0d9ecbd
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
dc4c9242b10ae916757b3112834319df891e0bcd0ca7aaa32c4334d8e1b040a6
dd23796d9ba547cc1740907b7164c102bf6e16ffd568cdc857100d05933a3725
e3350c0f7c59c2ee5923801eabedc0f9ffbe4a63726610057a3416d863794cab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b6365f5ac027932327a6fd40044eed4d47782f50ade4ab671d459833d119c1
e845cfb5abc06448c475467bcf2cdbc4abb55ae058b4bb89ae88ebed41bee48a
ec02090e50de2586d88b5ab74617202fdc90241a680ce90d9731a1b26b8401fa
efc139ec3d6bcdb20e2bb0bc0036d3ba9439db4a74d74d24f89d99d1ca895d21
f14d0016a5ad56bb199f591ebdf33c99eaff264cba4500e9477ce304a7744b4f
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
f5356a0269edfc62e643490e8c98cac2cfbe7a650c9d7e980260bc82d62a42f6
f57a0600075650609195ef926192620c50e9d328c55a19f1c301ee6226416154
f6f06de5c2c348715b5ed575a9c3c6fc9beb689b2794a8cb69955671776611fe
f9c00e20e7d81c5a912b9d25f9bbfdbdb4e61013a07524e21ef507e2b617ffa3
faa985d20fe27d69a0c69e19b1fd5ad6c05b7a3b220e1e687c4d1d946f290597
fb5ad595c1b3df7350cf5f721f8df57d756863396c2dd91e1a88e2688c616b69
fcb2a2d76154a28aee5a1e84fce890f1e5bd8ef41d5a7c8368f1db418409cc83
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
ffc872a3365d1662913f722ca0bd6691c643662b7fd80a0f7e149fd3a0b255d3

108.su Open in urlscan Pro 109.94.209.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

51 %HTTPS

81 %IPv6

15 Domains

20 Subdomains

15 IPs

6 Countries

1373 kBTransfer

2928 kBSize

4 Cookies

17 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

108.su Open in urlscan Pro
109.94.209.55 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

51 %
HTTPS

81 %
IPv6

15
Domains

20
Subdomains

15
IPs

6
Countries

1373 kB
Transfer

2928 kB
Size

4
Cookies

90 HTTP transactions
4 data transactions