chinas-lafa.ru Open in urlscan Pro
185.4.64.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.aliexpress-lafa.ru/
Effective URL:
https://chinas-lafa.ru/
Submission: On February 24 via automatic, source certstream-suspicious (February 24th 2023, 6:34:44 am UTC) — Scanned from DE

Summary HTTP 258 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 28 IPs in 10 countries across 39 domains to perform 258 HTTP transactions. The main IP is 185.4.64.72, located in Moscow, Russian Federation and belongs to RECONN, RU. The main domain is chinas-lafa.ru.
TLS certificate: Issued by R3 on February 20th 2023. Valid for: 3 months.

This is the only time chinas-lafa.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	45.130.41.10 45.130.41.10	198610 (BEGET-AS) (BEGET-AS)
38	185.4.64.72 185.4.64.72	12722 (RECONN) (RECONN)
5	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
5 13	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
35	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1 56	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6 12	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 34	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
3 6	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
12 12	3.127.132.6 3.127.132.6	16509 (AMAZON-02) (AMAZON-02)
4 4	54.170.158.38 54.170.158.38	16509 (AMAZON-02) (AMAZON-02)
5 5	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4 4	52.58.18.234 52.58.18.234	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:81a6:56d8:c5db:8c4d	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:bf42:41f0:18cb:f8e	16509 (AMAZON-02) (AMAZON-02)
4 4	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:400b:802::2003	15169 (GOOGLE) (GOOGLE)
258	28

2 45.130.41.10 (Russian Federation) 2 redirects

ASN198610 (BEGET-AS, RU)

www.aliexpress-lafa.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aliexpress-lafa.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 185.4.64.72 (Moscow, Russian Federation)

ASN12722 (RECONN, RU)
PTR: valletta.coulated.eu

chinas-lafa.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:80d::2004 (Ireland) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 142.250.201.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:19ad (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.127.132.6 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-132-6.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.170.158.38 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-158-38.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.25.185 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.18.234 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-18-234.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (Castricum, Netherlands) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:81a6:56d8:c5db:8c4d (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.142 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:bf42:41f0:18cb:f8e (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.16 (United States) 4 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400b:802::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	1 MB
72	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 262 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184	365 KB
38	chinas-lafa.ru chinas-lafa.ru	513 KB
15	google.com 6 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	166 KB
12	bidswitch.net 12 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	6 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	483 KB
10	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9427	3 KB
6	tribalfusion.com 3 redirects a.tribalfusion.com — Cisco Umbrella Rank: 741 s.tribalfusion.com — Cisco Umbrella Rank: 1813	3 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	4 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	4 KB
4	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 589	3 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 590	2 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 726	3 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 755 r.turn.com — Cisco Umbrella Rank: 3104	2 KB
4	avct.cloud 4 redirects ads.avct.cloud — Cisco Umbrella Rank: 3607	2 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1367	550 B
3	google.de adservice.google.de — Cisco Umbrella Rank: 8947	818 B
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3674	73 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1218	459 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 510	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 338	960 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6276	909 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	529 B
2	aliexpress-lafa.ru 2 redirects www.aliexpress-lafa.ru aliexpress-lafa.ru	247 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 730	718 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2856	104 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1398	586 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 596	191 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1794	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313	460 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1084	213 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 34240	611 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 782	45 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 957	576 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 459	864 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	603 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
258	39

	Domain	Requested by
56	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
38	chinas-lafa.ru	chinas-lafa.ru
34	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
34	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net chinas-lafa.ru
28	pagead2.googlesyndication.com	chinas-lafa.ru pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
12	x.bidswitch.net	12 redirects
12	www.google.com	6 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
10	www.googletagservices.com	googleads.g.doubleclick.net
10	mc.yandex.com	3 redirects chinas-lafa.ru mc.yandex.ru
7	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
5	ssum-sec.casalemedia.com	5 redirects
5	fonts.googleapis.com	chinas-lafa.ru googleads.g.doubleclick.net
4	ap.lijit.com	4 redirects
4	c1.adform.net	4 redirects
4	pm.w55c.net	4 redirects
4	ads.avct.cloud	4 redirects
3	rtb.openx.net	googleads.g.doubleclick.net
3	s.tribalfusion.com
3	a.tribalfusion.com	3 redirects
3	static.doubleclick.net	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	mc.yandex.ru	2 redirects chinas-lafa.ru
2	sync.teads.tv	1 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	sync.1rx.io	2 redirects
2	r.turn.com
2	ad.turn.com	2 redirects
2	eb2.3lift.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.mathtag.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	aliexpress-lafa.ru	1 redirects
1	www.aliexpress-lafa.ru	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
258	49

This site contains links to these domains. Also see Links.

Domain
dassdg.ru

Subject Issuer	Validity	Valid
chinas-lafa.ru R3	`2023-02-20` - `2023-05-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 37 frames:

Primary Page: https://chinas-lafa.ru/
Frame ID: 09F4FB57F87AC86C46E0FA3270DF6E16
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: 5C1867BE00AC15FD2C75473BA28A0374
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&adk=1812271804&adf=3025194257&lmt=1677209797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220478454&bpp=8&bdt=355&idt=132&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4959468025329&frm=20&pv=2&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=184
Frame ID: 233AC072293065D0655178C24EC951D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2764999410&pi=t.aa~a.1647758531~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220478462&bpp=2&bdt=362&idt=186&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JfANqO0JUJ&p=https%3A//chinas-lafa.ru&dtd=191
Frame ID: EBA6991F27F70BEF0A3B4EB208B4483E
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 890FA6D19437027446718EA8B6F0E6F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46
Frame ID: C4A28DC178D641823F012F27AE4E8353
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280&nras=4&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kGhHceSCIg&p=https%3A//chinas-lafa.ru&dtd=50
Frame ID: 83A4E95BA0B0B4AD8875126F045B5B19
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=2658960439&pi=t.aa~a.639411702~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600&nras=5&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=2255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tx2oW9WzKp&p=https%3A//chinas-lafa.ru&dtd=53
Frame ID: 1A32AD9C90C16B833AF5BC30819DD886
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2989839523&adf=1330659970&pi=t.aa~a.390569361~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280&nras=6&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=2555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=uiGwheCI50&p=https%3A//chinas-lafa.ru&dtd=57
Frame ID: 19E949D778029DFD1CA34C7180DECD03
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=100&adk=768325812&adf=181015100&pi=t.aa~a.296243527~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x100&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280%2C345x280&nras=7&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=3921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=CYtyFeUqQj&p=https%3A//chinas-lafa.ru&dtd=63
Frame ID: 2A1ECC7079923C91A3BDA9D492755E1F
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=100&adk=3759327024&adf=4215032199&pi=t.aa~a.77755794~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x100&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=0&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280%2C345x280%2C700x100&nras=8&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=4041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=FXufvqJrtd&p=https%3A//chinas-lafa.ru&dtd=69
Frame ID: 786362A2D331A4C8209F9474615A0BCA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6D6B58F3F216F252FBF90A6F1E2E4CDE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0FECFAB57D6D8E5EDA9A6C6AF0DDEC9E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 104B299D1F7C1A6E7096A02A5FBE1594
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8C21AAB2F49BE30981A2CF1AE9FD3308
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3E71BA6C0AF7514227879C48F993640
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 0C88E51F1327352D2129C550CF2DB15E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 60666A1EFB666101AEF8A9811DBB8C1B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 641F0D1EABA2E9EF0D8BDBEB8C633FDB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EDDAA33694505D29C7E9CED492E83565
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6C316E4F82547988C9E45BB2C9E7FD55
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A40DE41C1D4EF471F63C193B432C1CA3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CAE584680D27A86167E1153000284FF2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FDB7192B1E64298FF364F30CBC52C602
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 75F30FC50E6D2E5C2450D8D467942D2A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B155FD88F62EB2A42360CDB5D343C6ED
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2262C60CA405A0EDA95441FC93C39BAB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C920397838E43807B367EDF8443E20A6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BE7D1C70EC72A961F54CD442127E97BF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5F83CAA21E50BB6B2ABAABB8D6D8A943
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2A17CA7EF31E6D0D3B3AD699C00E5041
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 84250D6F2D3CC21C3EDCBE8C9B131845
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 70145BAE42E23C3B11EB577D3190A5C5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 29BC2111DE4B2A737F9783D4C161E2AB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 67C51D16253D778AC344B587E2286442
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: D9F9CD9886625C5F0F953214989D3FD3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: DB7B5850477D2F6123F050AFF7EE138D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Алиэкспресс на русском — сайт помощи покупателям

Page URL History Show full URLs

https://www.aliexpress-lafa.ru/ HTTP 301
https://chinas-lafa.ru/ Page URL

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

258
Requests

86 %
HTTPS

47 %
IPv6

39
Domains

49
Subdomains

28
IPs

10
Countries

2793 kB
Transfer

6817 kB
Size

44
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://dassdg.ru/index.php?devid=newali2
Title: <img class="aligncenter wp-image-24449 size-full" src="https://chinas-lafa.ru/wp-content/uploads/2020/10/hb305ef3fd434437c8e75007ad24a7529r.png" alt="" width="300" height="209" />

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.aliexpress-lafa.ru/ HTTP 301
https://chinas-lafa.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://aliexpress-lafa.ru/wp-content/uploads/2018/12/backly.png HTTP 301
https://chinas-lafa.ru/wp-content/uploads/2018/12/backly.png

Request Chain 60

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9924.w-y0RxVfOLST9qjnQ4aTjy2-AbEcOulPzNTMifulF5DMs-CuPeSUKRUH7PQAD7Ba.AsTWPDBw4xhn5FdbSpMgpN4qU-0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9924.j1ITzCnvdXJnnRpICUsT7LrYzEFJEyi7S4t5u_mBoyTa3NpM21IcA-7mvzBKcrmwae5kEou0GpFnYkWJxUVzR64mFO2sJYOA5cGczXlCexU%2C.S43fBHBG1v1e-RphmAVcvX-rv48%2C

Request Chain 62

https://mc.yandex.com/watch/61048837?wmode=7&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A800%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1583573584033%3Ahid%3A859821083%3Az%3A0%3Ai%3A20230224063438%3Aet%3A1677220479%3Ac%3A1%3Arn%3A353506357%3Arqn%3A1%3Au%3A1677220479967979705%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A92%2C105%2C103%2C2%2C264%2C0%2C%2C243%2C0%2C%2C%2C%2C861%3Aco%3A0%3Acpf%3A1%3Ans%3A1677220477534%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677220479%3At%3A%D0%90%D0%BB%D0%B8%D1%8D%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%E2%80%94%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%B8%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D0%B5%D0%BB%D1%8F%D0%BC&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/61048837/1?wmode=7&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A800%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1583573584033%3Ahid%3A859821083%3Az%3A0%3Ai%3A20230224063438%3Aet%3A1677220479%3Ac%3A1%3Arn%3A353506357%3Arqn%3A1%3Au%3A1677220479967979705%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A92%2C105%2C103%2C2%2C264%2C0%2C%2C243%2C0%2C%2C%2C%2C861%3Aco%3A0%3Acpf%3A1%3Ans%3A1677220477534%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677220479%3At%3A%D0%90%D0%BB%D0%B8%D1%8D%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%E2%80%94%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%B8%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D0%B5%D0%BB%D1%8F%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 63

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9924.mqBoGkwzFaqIhd87DyXI5ct5q9nG-Y19T-u059cVddSbHSTjYmJUaE2Eaq2snvgm.epuvP7zEQfXG6-6oKGmflywSPIQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9924.ZdXpeg-0IHDqDA4_D9h8iOvAlSj2_Jh1Eir6QKCfdVFMGCopj7bpw7H_VgGZ1M1trqHLtQf-9QdyZrE_kVNYQgJU4rQn8PFOu4IpV6-Etr0%2C.Po-MzRddv5XFU77r1fBNmgDs3pY%2C

Request Chain 110

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbt9T6vQEQsAkYrAIyCE7OJtFQvBYh HTTP 301
https://tpc.googlesyndication.com/simgad/6908947609828019434

Request Chain 208

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOkgvk0Jf_8c2KjWJydunhQ&google_cver=1&google_push=Aa02lx8_rOq7RgmIqqXgcbaeVRXzNZLtyJ2qMBUdh9q4QO1Qx6S5313MhHDKhHoZiY3ZRSUUKbCaVxlPzEyLLfDG9eWoaFr4oh6ZTOQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8_rOq7RgmIqqXgcbaeVRXzNZLtyJ2qMBUdh9q4QO1Qx6S5313MhHDKhHoZiY3ZRSUUKbCaVxlPzEyLLfDG9eWoaFr4oh6ZTOQ

Request Chain 209

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx9eXgWLvUV4SKEubxYPXhkBk_0fdWXUrUn8-c5072zU2pryArs7qr8KwTxcHy-J5uFKEv5_pG4vsMPbA250cxEzcvMKAwuBZA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9eXgWLvUV4SKEubxYPXhkBk_0fdWXUrUn8-c5072zU2pryArs7qr8KwTxcHy-J5uFKEv5_pG4vsMPbA250cxEzcvMKAwuBZA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx9eXgWLvUV4SKEubxYPXhkBk_0fdWXUrUn8-c5072zU2pryArs7qr8KwTxcHy-J5uFKEv5_pG4vsMPbA250cxEzcvMKAwuBZA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9eXgWLvUV4SKEubxYPXhkBk_0fdWXUrUn8-c5072zU2pryArs7qr8KwTxcHy-J5uFKEv5_pG4vsMPbA250cxEzcvMKAwuBZA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 211

https://ads.travelaudience.com/google_pixel?google_gid=CAESELoD1irb_dk20XXxIz7zLFM&google_cver=1&google_push=Aa02lx_aKlwyKR_QDAD5R-I6Mf-B4YUk8BLs0ms9xdivYP5Jh1QpjktPrv0z5q3RrNkwa4CdzvhLxBnvLo4sinMBToDQIl-miTaRccM HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UiqdeEuRSEu3D1iPfIe9kA2&google_push=Aa02lx_aKlwyKR_QDAD5R-I6Mf-B4YUk8BLs0ms9xdivYP5Jh1QpjktPrv0z5q3RrNkwa4CdzvhLxBnvLo4sinMBToDQIl-miTaRccM

Request Chain 212

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHe_dk0wbL66n64WBhG3nKY&google_cver=1&google_push=Aa02lx-XVnMVJ1e32Se30UE24aqoY5gR0masHsWDt5XG0YuGraCE1iewpso1ESQcpnkBB4Z_sjMYPupTi_0vzRf6EHwTfNyb9ApteA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHe_dk0wbL66n64WBhG3nKY&google_cver=1&google_push=Aa02lx-XVnMVJ1e32Se30UE24aqoY5gR0masHsWDt5XG0YuGraCE1iewpso1ESQcpnkBB4Z_sjMYPupTi_0vzRf6EHwTfNyb9ApteA HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=1ecebcc2-88f6-4a7b-9b38-d5ad64ea8eb0&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-AhKcXEHPA1PswZ2FWlzmcCKfUbhT1nORZd5dWr9NKHjWot_M7D9ZACpj7qI8JoZGUSx4bgYCbA4HHqiUCAqch8NHg7dh4_2w&google_hm=oWFWImwsQ9G1y89wCUDVWg==

Request Chain 213

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_cver=1&google_push=Aa02lx9tnjOyZPmB2JpTFBA1HIVnwgBYtyEThIP-aPHcRlJeEH3taULG1JF4K0XAJFtVpMl7EZrCzRKbtKt_OSmsMZ6msQyMG5m2h6g HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_push=Aa02lx9tnjOyZPmB2JpTFBA1HIVnwgBYtyEThIP-aPHcRlJeEH3taULG1JF4K0XAJFtVpMl7EZrCzRKbtKt_OSmsMZ6msQyMG5m2h6g&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_hm=Y_hagKOMubkFQPGA4I22KgAAFBwAAAIB&google_nid=index&google_push=Aa02lx9tnjOyZPmB2JpTFBA1HIVnwgBYtyEThIP-aPHcRlJeEH3taULG1JF4K0XAJFtVpMl7EZrCzRKbtKt_OSmsMZ6msQyMG5m2h6g

Request Chain 214

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEI430HTr_wgjv06k8ls13gg&google_cver=1&google_push=Aa02lx9SOpvBTMDsS9ZhovO-L_0zHU7Y0YeR_j3h2_cPMtR30sUyLKun-eL-5IU_hHb5NSmTx1lcWtjAI1rTOah8bfDwvkDuhwH7IW4 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9SOpvBTMDsS9ZhovO-L_0zHU7Y0YeR_j3h2_cPMtR30sUyLKun-eL-5IU_hHb5NSmTx1lcWtjAI1rTOah8bfDwvkDuhwH7IW4&google_gid=CAESEI430HTr_wgjv06k8ls13gg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMwODIwMjA2OTk5NTkxNzYzOTcxNQ%3D%3D&google_push=Aa02lx9SOpvBTMDsS9ZhovO-L_0zHU7Y0YeR_j3h2_cPMtR30sUyLKun-eL-5IU_hHb5NSmTx1lcWtjAI1rTOah8bfDwvkDuhwH7IW4

Request Chain 216

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEBwGn4qavbHJlML7b2m6i0&google_cver=1&google_push=Aa02lx8Luz-dLmmBMkPk3FiFV9ZAbppafmN2mEXqhkSZdJ1cywBhw3HmRMikGW2PuOUXrS4kZ05h9zhxhNJxDBt0qu0vy1fYgDm6K_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzkzOTUwNTE1Mzg2NjQwNjY5Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBwGn4qavbHJlML7b2m6i0&google_cver=1

Request Chain 217

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cver=1&google_push=Aa02lx-rC6MimcUaCl6ZQ981LFgICJskJ0MD4DS68Y4_PRkL6F42tONpD-P1yqrJMUcifm3usCuu2iEBH69gGoawn1oYOkh8Rm_sgI0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cver=1&google_push=Aa02lx-rC6MimcUaCl6ZQ981LFgICJskJ0MD4DS68Y4_PRkL6F42tONpD-P1yqrJMUcifm3usCuu2iEBH69gGoawn1oYOkh8Rm_sgI0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VXZ5WmxTOHgxUHZyRmU1&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cver=1&google_push=Aa02lx-rC6MimcUaCl6ZQ981LFgICJskJ0MD4DS68Y4_PRkL6F42tONpD-P1yqrJMUcifm3usCuu2iEBH69gGoawn1oYOkh8Rm_sgI0

Request Chain 218

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHe_dk0wbL66n64WBhG3nKY&google_cver=1&google_push=Aa02lx9RPc69HD5XMHVGKMW4MuSDP-g2L0qYG_s5VhopaQWGhwFOJsQHWQSMPBZMo1zf0t01k_rqH004Ei3XKFonN_3YvS5WsWvc4VI HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHe_dk0wbL66n64WBhG3nKY&google_cver=1&google_push=Aa02lx9RPc69HD5XMHVGKMW4MuSDP-g2L0qYG_s5VhopaQWGhwFOJsQHWQSMPBZMo1zf0t01k_rqH004Ei3XKFonN_3YvS5WsWvc4VI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9RPc69HD5XMHVGKMW4MuSDP-g2L0qYG_s5VhopaQWGhwFOJsQHWQSMPBZMo1zf0t01k_rqH004Ei3XKFonN_3YvS5WsWvc4VI&google_hm=oWFWImwsQ9G1y89wCUDVWg==

Request Chain 219

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_cver=1&google_push=Aa02lx94whie_Xt9hLZNJOolST3VnxHGQ2w_KGOvxTzQWlqximIowMhc4a1S2bd_7zNWxmNaNMxly8jwWldrs97P1amNqk2buYAI-w HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_push=Aa02lx94whie_Xt9hLZNJOolST3VnxHGQ2w_KGOvxTzQWlqximIowMhc4a1S2bd_7zNWxmNaNMxly8jwWldrs97P1amNqk2buYAI-w&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_hm=Y_hagKOMubkFQPGA4I22KgAAFBwAAAIB&google_nid=index&google_push=Aa02lx94whie_Xt9hLZNJOolST3VnxHGQ2w_KGOvxTzQWlqximIowMhc4a1S2bd_7zNWxmNaNMxly8jwWldrs97P1amNqk2buYAI-w

Request Chain 220

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOWpxdV4FPkd5zYfCPwozhY&google_cver=1&google_push=Aa02lx86SSeQLnenyQHv-hwMDAhe7VbaEa9YqBqAuMOHC4DJm7LAbQgqjPrAeHnFQ-7hMpBEDOyodzW-a9v4mODwVDg6R3W4hq8cHw HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx86SSeQLnenyQHv-hwMDAhe7VbaEa9YqBqAuMOHC4DJm7LAbQgqjPrAeHnFQ-7hMpBEDOyodzW-a9v4mODwVDg6R3W4hq8cHw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1677220480839 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-54f6fe38-0cde-40a2-85a9-82c705832ccb-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx86SSeQLnenyQHv-hwMDAhe7VbaEa9YqBqAuMOHC4DJm7LAbQgqjPrAeHnFQ-7hMpBEDOyodzW-a9v4mODwVDg6R3W4hq8cHw%26google_hm%3DA1T2_jgM3kCihamCxwWDLMs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx86SSeQLnenyQHv-hwMDAhe7VbaEa9YqBqAuMOHC4DJm7LAbQgqjPrAeHnFQ-7hMpBEDOyodzW-a9v4mODwVDg6R3W4hq8cHw&google_hm=A1T2_jgM3kCihamCxwWDLMs

Request Chain 222

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDC79xGtkN_wB0YLkAPfNAA&google_cver=1&google_push=Aa02lx9jo9uQj6fSUL4MfdAu4todt_RxrXfmmnJ8OuQn5j1Fp9d5KqkpB4p2fkk5s96RBFkpewe2cWob4DhCa_jisGLQZ5Jp-887uxQT HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDC79xGtkN_wB0YLkAPfNAA&google_cver=1&google_push=Aa02lx9jo9uQj6fSUL4MfdAu4todt_RxrXfmmnJ8OuQn5j1Fp9d5KqkpB4p2fkk5s96RBFkpewe2cWob4DhCa_jisGLQZ5Jp-887uxQT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a1615622-6c2c-43d1-b5cb-cf700940d55a&%%GOOGLE_PUSH_PAIR%%

Request Chain 224

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cver=1&google_push=Aa02lx8X9bpFQw7aqEzMvSYxyRSJuI_1olSc2PhtpLinp4SuDoUKe5uiRpY8hW2T7nuWY9t1R92OxwAO-6amtXAhpItisQPFjf2KKw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cver=1&google_push=Aa02lx8X9bpFQw7aqEzMvSYxyRSJuI_1olSc2PhtpLinp4SuDoUKe5uiRpY8hW2T7nuWY9t1R92OxwAO-6amtXAhpItisQPFjf2KKw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VXZ5WmxTOHgxUHZyRmU1&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cver=1&google_push=Aa02lx8X9bpFQw7aqEzMvSYxyRSJuI_1olSc2PhtpLinp4SuDoUKe5uiRpY8hW2T7nuWY9t1R92OxwAO-6amtXAhpItisQPFjf2KKw

Request Chain 225

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx-qbFV_yVd2IZd-evnEIgiahMPYAcLc4xzcWb4WInJKecT_hA0SjH6nDAxVw4aiWhWrsOppZ_dQfeb8QRBdyabU0jEpNdd8N-o&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-qbFV_yVd2IZd-evnEIgiahMPYAcLc4xzcWb4WInJKecT_hA0SjH6nDAxVw4aiWhWrsOppZ_dQfeb8QRBdyabU0jEpNdd8N-o%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx-qbFV_yVd2IZd-evnEIgiahMPYAcLc4xzcWb4WInJKecT_hA0SjH6nDAxVw4aiWhWrsOppZ_dQfeb8QRBdyabU0jEpNdd8N-o&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-qbFV_yVd2IZd-evnEIgiahMPYAcLc4xzcWb4WInJKecT_hA0SjH6nDAxVw4aiWhWrsOppZ_dQfeb8QRBdyabU0jEpNdd8N-o%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 226

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG2ECZEPhyvF1s-wG0okV9k&google_cver=1&google_push=Aa02lx8I0a0eMg59x9dNrRg9_0XEDodIVU9ndkYzN64lQi5Uju27slodQ5In1dDII-H6CNcR5rk1PsImzaFO85KcSO07q4iNpJcPAfk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8I0a0eMg59x9dNrRg9_0XEDodIVU9ndkYzN64lQi5Uju27slodQ5In1dDII-H6CNcR5rk1PsImzaFO85KcSO07q4iNpJcPAfk&google_hm=eS10dHhwZDc1RTJwRUlHa05FMUxEbkltYkptS3pOSWdnd35B

Request Chain 227

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHkwsWVRvpO_zHn0V0jtMA8&google_cver=1&google_push=Aa02lx_hvjlMwyavqZ930Qb-3TeUHncNS_QyLVlPDfRWkK60QM1shTP_OAs3yjQHRNCqJ4NoFWLCL9621fDZYyk0mxJKwY2VGBCBGA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHkwsWVRvpO_zHn0V0jtMA8&google_cver=1&google_push=Aa02lx_hvjlMwyavqZ930Qb-3TeUHncNS_QyLVlPDfRWkK60QM1shTP_OAs3yjQHRNCqJ4NoFWLCL9621fDZYyk0mxJKwY2VGBCBGA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc0MDAzOTMzNTU0MDExMjYzNw&google_push=Aa02lx_hvjlMwyavqZ930Qb-3TeUHncNS_QyLVlPDfRWkK60QM1shTP_OAs3yjQHRNCqJ4NoFWLCL9621fDZYyk0mxJKwY2VGBCBGA

Request Chain 230

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDC79xGtkN_wB0YLkAPfNAA&google_cver=1&google_push=Aa02lx_5-4E98bt20zcpiLCP6p0sxP6E210Z2bUijj4WOd1BW0smtsNfdUO5miBKitcWfpff4De-gViwhds5SmGVaRHz1qgpFTNOcRlN HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDC79xGtkN_wB0YLkAPfNAA&google_cver=1&google_push=Aa02lx_5-4E98bt20zcpiLCP6p0sxP6E210Z2bUijj4WOd1BW0smtsNfdUO5miBKitcWfpff4De-gViwhds5SmGVaRHz1qgpFTNOcRlN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a1615622-6c2c-43d1-b5cb-cf700940d55a&%%GOOGLE_PUSH_PAIR%%

Request Chain 232

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 236

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 239

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECC3KwkkJ2tHSNIjr06OZi0&google_cver=1&google_push=Aa02lx_gqkeiaBSFjd96xpUvCobQHq27pO9f9tQrtiAatcOxELqZGEihkNnOWziTu3qsFIvGcCYJVHH7Kf0Be9wCcRfiXcrP0_TNVGw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_gqkeiaBSFjd96xpUvCobQHq27pO9f9tQrtiAatcOxELqZGEihkNnOWziTu3qsFIvGcCYJVHH7Kf0Be9wCcRfiXcrP0_TNVGw&google_hm=PWqw4XaxRj67mDoPa0-XBAQ

Request Chain 240

https://ads.travelaudience.com/google_pixel?google_gid=CAESELoD1irb_dk20XXxIz7zLFM&google_cver=1&google_push=Aa02lx8rGlfqjvYL7s3QRZjWyZyoFaH609ygId54fV-rVDZzTSylCD1Gt5sqGXj1p0TBFn_QkAosnUAsOXLcRvV_1v3W1PxknT3crgw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UiqdeEuRSEu3D1iPfIe9kA2&google_push=Aa02lx8rGlfqjvYL7s3QRZjWyZyoFaH609ygId54fV-rVDZzTSylCD1Gt5sqGXj1p0TBFn_QkAosnUAsOXLcRvV_1v3W1PxknT3crgw

Request Chain 241

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHe_dk0wbL66n64WBhG3nKY&google_cver=1&google_push=Aa02lx-AhKcXEHPA1PswZ2FWlzmcCKfUbhT1nORZd5dWr9NKHjWot_M7D9ZACpj7qI8JoZGUSx4bgYCbA4HHqiUCAqch8NHg7dh4_2w HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHe_dk0wbL66n64WBhG3nKY&google_cver=1&google_push=Aa02lx-AhKcXEHPA1PswZ2FWlzmcCKfUbhT1nORZd5dWr9NKHjWot_M7D9ZACpj7qI8JoZGUSx4bgYCbA4HHqiUCAqch8NHg7dh4_2w HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=1ecebcc2-88f6-4a7b-9b38-d5ad64ea8eb0&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-AhKcXEHPA1PswZ2FWlzmcCKfUbhT1nORZd5dWr9NKHjWot_M7D9ZACpj7qI8JoZGUSx4bgYCbA4HHqiUCAqch8NHg7dh4_2w&google_hm=oWFWImwsQ9G1y89wCUDVWg==

Request Chain 243

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECzeVPIb6_xk-XGaRW1jrp4&google_cver=1&google_push=Aa02lx_xtLCcaKD1NBfAzoyQuk846Ph-fNjeB2xzanjItxMgefqCw6nFMopZ8ZBvsMpZmhf1XSrTpRvWWs-avLBBq8YmJVLZ67AHdQ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVJNVJQTlMtMy0zNzhO&google_push=Aa02lx_xtLCcaKD1NBfAzoyQuk846Ph-fNjeB2xzanjItxMgefqCw6nFMopZ8ZBvsMpZmhf1XSrTpRvWWs-avLBBq8YmJVLZ67AHdQ0

Request Chain 245

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGGtPXoZFLhtTTHlxCRwHNg&google_cver=1&google_push=Aa02lx_HXHpWwiqGO3sHRo9n0pSi0QZDYNrwizQAuEkI78CPruS9y7DjgCH2GvUGjOZrxdJSaoZIfUH4dieobYnQouV-9A0kjaqEmH4 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGGtPXoZFLhtTTHlxCRwHNg&google_cver=1&google_push=Aa02lx_HXHpWwiqGO3sHRo9n0pSi0QZDYNrwizQAuEkI78CPruS9y7DjgCH2GvUGjOZrxdJSaoZIfUH4dieobYnQouV-9A0kjaqEmH4&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_HXHpWwiqGO3sHRo9n0pSi0QZDYNrwizQAuEkI78CPruS9y7DjgCH2GvUGjOZrxdJSaoZIfUH4dieobYnQouV-9A0kjaqEmH4&google_hm=GNXKrGZHqP8NGS8zS2CKDJ-b

Request Chain 249

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPuJUSLNfSfN2ICX8aiRMHc&google_cver=1&google_push=Aa02lx_5duvLKuPgFyqZ_wBZM6kl8UEmFUEqlY9ZP8Zx-razJgkM2XQ3RYwr7WFpjPZOwd5jQFe9Soe5Kuigz-MhJxVqSUvY4Ztlfg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMzYwNzEwOTgwMjg1MDQ0NQ%3D%3D&google_push=Aa02lx_5duvLKuPgFyqZ_wBZM6kl8UEmFUEqlY9ZP8Zx-razJgkM2XQ3RYwr7WFpjPZOwd5jQFe9Soe5Kuigz-MhJxVqSUvY4Ztlfg

Request Chain 250

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG2ECZEPhyvF1s-wG0okV9k&google_cver=1&google_push=Aa02lx_O4oXu3gculHYjSTDRpkDoi96cX7H0qbAhKcupM7SAzsj52f2vt1E6xfJcu7dFao1jmQ6LLZvsAH8lWNM4r_vhIKbd3vkvzwM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_O4oXu3gculHYjSTDRpkDoi96cX7H0qbAhKcupM7SAzsj52f2vt1E6xfJcu7dFao1jmQ6LLZvsAH8lWNM4r_vhIKbd3vkvzwM&google_hm=eS1CbTBJRS4xRTJwRnlOVUhyX1h5U0hmWlE1NmFLSWFUcH5B

Request Chain 251

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHkwsWVRvpO_zHn0V0jtMA8&google_cver=1&google_push=Aa02lx_ZHGxue4Za9fmpHVMEeZFJZpS_s3F2RWFkSYb-qoVPlJiFXVMqowk4PBDiIqTwSACzZJTA-7QtbiwWxQeFaTJ6sh27RclHNHg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHkwsWVRvpO_zHn0V0jtMA8&google_cver=1&google_push=Aa02lx_ZHGxue4Za9fmpHVMEeZFJZpS_s3F2RWFkSYb-qoVPlJiFXVMqowk4PBDiIqTwSACzZJTA-7QtbiwWxQeFaTJ6sh27RclHNHg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxOTgyNTU1MjY0MjgzNzc3Ng&google_push=Aa02lx_ZHGxue4Za9fmpHVMEeZFJZpS_s3F2RWFkSYb-qoVPlJiFXVMqowk4PBDiIqTwSACzZJTA-7QtbiwWxQeFaTJ6sh27RclHNHg

Request Chain 253

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_cver=1&google_push=Aa02lx_Z_VHp3q7fklhxiAl5CucITvnEslapAtGq-vSOFwzhD70_x7x_JDcG38Qkdj17yiGYqvd9eqKyYcEiPwTNiUdWW62mNEDnNQk HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_hm=Y_hagKOMubkFQPGA4I22KgAAFBwAAAIB&google_nid=index&google_push=Aa02lx_Z_VHp3q7fklhxiAl5CucITvnEslapAtGq-vSOFwzhD70_x7x_JDcG38Qkdj17yiGYqvd9eqKyYcEiPwTNiUdWW62mNEDnNQk

Request Chain 254

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGGtPXoZFLhtTTHlxCRwHNg&google_cver=1&google_push=Aa02lx-ZqY8FR_FewFnF1_fFAaj8uByQQYypJfToLfA_7y2eJvtCDAwnwzL_EWwU-v2O_ZSj-RF0t2X9CltFk6hMoAWOl-eg5wi7IYE HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGGtPXoZFLhtTTHlxCRwHNg&google_cver=1&google_push=Aa02lx-ZqY8FR_FewFnF1_fFAaj8uByQQYypJfToLfA_7y2eJvtCDAwnwzL_EWwU-v2O_ZSj-RF0t2X9CltFk6hMoAWOl-eg5wi7IYE&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-ZqY8FR_FewFnF1_fFAaj8uByQQYypJfToLfA_7y2eJvtCDAwnwzL_EWwU-v2O_ZSj-RF0t2X9CltFk6hMoAWOl-eg5wi7IYE&google_hm=GNXKrGZHqP8NGS8zS2CKDJ-b

Request Chain 257

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 259

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEBwGn4qavbHJlML7b2m6i0&google_cver=1&google_push=Aa02lx9gCjw6_e6Td8CAWkLsdVPSgWx38s-v4b2b3BB61y9xAYHf2lDtldqXK5qK7jQsoXceip5R5Lf8ohupTCgBsLHYuxWtwor__qQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzkzOTUwNTE1Mzg2NjQwNjY5Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBwGn4qavbHJlML7b2m6i0&google_cver=1

Request Chain 261

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx_KsQkbgDtICD3djjPO-GID9dU6HFy05YOFi1ho7YuBm0LqioMHhk8rqKsRzZzfMcYRThiv9r0G9mxIzEuK_ZIV2KzSlWCn5Do&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_KsQkbgDtICD3djjPO-GID9dU6HFy05YOFi1ho7YuBm0LqioMHhk8rqKsRzZzfMcYRThiv9r0G9mxIzEuK_ZIV2KzSlWCn5Do%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx_KsQkbgDtICD3djjPO-GID9dU6HFy05YOFi1ho7YuBm0LqioMHhk8rqKsRzZzfMcYRThiv9r0G9mxIzEuK_ZIV2KzSlWCn5Do&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_KsQkbgDtICD3djjPO-GID9dU6HFy05YOFi1ho7YuBm0LqioMHhk8rqKsRzZzfMcYRThiv9r0G9mxIzEuK_ZIV2KzSlWCn5Do%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 262

https://um.simpli.fi/gp_match?google_gid=CAESEPOV1_Seh1zh33rNgPSGa5o&google_cver=1&google_push=Aa02lx_wqI61Uz6m_8nNjsGELO77oKezkhhUbs09cKkg828BV8rEV1KYMywT9s59gn12wn3slIngzMF_VjGVZTndTPOo9z9pH82NpjM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92B3FC199DBE4B5C9CC9C79B374EDEA4&google_push=Aa02lx_wqI61Uz6m_8nNjsGELO77oKezkhhUbs09cKkg828BV8rEV1KYMywT9s59gn12wn3slIngzMF_VjGVZTndTPOo9z9pH82NpjM

Request Chain 265

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBJwvdaHY-jMzOmRNWiD_uw&google_cver=1&google_push=Aa02lx_aF6E4SYIfO-NWXwet89MdIjn93-qi1no8U8TcFjwOW9655E9ACIFJYbOJEwEOmFwkYj8GCanotVKh1n9XFTzaVA-Rut8UfgA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_aF6E4SYIfO-NWXwet89MdIjn93-qi1no8U8TcFjwOW9655E9ACIFJYbOJEwEOmFwkYj8GCanotVKh1n9XFTzaVA-Rut8UfgA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 267

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 269

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

258 HTTP transactions
22 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
chinas-lafa.ru/
Redirect Chain

https://www.aliexpress-lafa.ru/
https://chinas-lafa.ru/

116 KB
19 KB

300ms
104ms

Document
text/html

185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 680382ba4a666b07a80a8cb7b953778b10434cf8445f9584bd67e7265843b069

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 06:34:37 GMT
last-modified: Fri, 24 Feb 2023 03:36:37 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 317
content-type: text/html; charset=iso-8859-1
date: Fri, 24 Feb 2023 06:34:37 GMT
location: https://chinas-lafa.ru/
server: nginx-reuseport/1.21.1

GET
H2 200 wc-blocks-vendors-style-5879503df6db87473470b138e49fcc23.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 10 KB
2 KB 53ms
47ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style-5879503df6db87473470b138e49fcc23.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 4a25eb6972f4a513da7ead5d8c0f74832ed42b1ae5e1f13ed3ea36f0865a59c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:37 GMT
content-encoding: gzip
last-modified: Thu, 26 Jan 2023 15:15:12 GMT
server: nginx
etag: W/"63d29900-28c3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wc-blocks-style-5b82df54451145d470af4e7c2a8548fa.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 239 KB
24 KB 66ms
60ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style-5b82df54451145d470af4e7c2a8548fa.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 9cab18dfde5e759ec0150d15909fed33098e3998dbdb6c6c3f2e680eaf42a236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:37 GMT
content-encoding: gzip
last-modified: Thu, 26 Jan 2023 15:15:12 GMT
server: nginx
etag: W/"63d29900-3ba31"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 classic-themes.min.css
chinas-lafa.ru/wp-includes/css/ 217 B
391 B 67ms
60ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-includes/css/classic-themes.min.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:37 GMT
last-modified: Sat, 14 Jan 2023 05:35:59 GMT
server: nginx
etag: "63c23f3f-d9"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 217
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles-6b41df7c82e49d100abdba2f1bceb370.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 67ms
61ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/styles-6b41df7c82e49d100abdba2f1bceb370.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 76ae9cfefc587779be483adfc76d0d3406e5bcef31c2005dac224bd5e1079841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:37 GMT
content-encoding: gzip
last-modified: Thu, 26 Jan 2023 15:15:12 GMT
server: nginx
etag: W/"63d29900-8f8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 styles.min.css
chinas-lafa.ru/wp-content/plugins/expert-review/assets/public/css/ 100 KB
10 KB 111ms
105ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/plugins/expert-review/assets/public/css/styles.min.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: a980b0b6b4b4f9cfdb443b03cc7d00e2a9ace7bbbb5c3d1bbd1064ec80339a59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:37 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 16:38:41 GMT
server: nginx
etag: W/"6127c391-18fef"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce-layout-d3556967b5f2a3743d20361bd65d4544.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/ 17 KB
3 KB 112ms
107ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-layout-d3556967b5f2a3743d20361bd65d4544.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: d1d3bda3abb4a198ac62f317ba910adede1affc22020165d7f2919a46f6c481f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:37 GMT
content-encoding: gzip
last-modified: Thu, 26 Jan 2023 15:15:12 GMT
server: nginx
etag: W/"63d29900-458f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce-smallscreen-831476ff0ea4ff5ecffe89b7180c7688.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/ 7 KB
1 KB 113ms
107ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen-831476ff0ea4ff5ecffe89b7180c7688.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 3ddf90d6f5bc7849f1b0840de0475a0506924a1c770f325934f5ea8a87e270a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:37 GMT
content-encoding: gzip
last-modified: Thu, 26 Jan 2023 15:15:12 GMT
server: nginx
etag: W/"63d29900-1b81"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce-6b8fcf5dd8d28739be6aae0448496d31.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/ 62 KB
9 KB 113ms
107ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-6b8fcf5dd8d28739be6aae0448496d31.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 4ba56e2af3a3cfc4a267c21e8b77e1e6f5d34b3c663be871eb8b1dd9d4094607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:37 GMT
content-encoding: gzip
last-modified: Thu, 26 Jan 2023 15:15:12 GMT
server: nginx
etag: W/"63d29900-f8fd"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpp-3d9c41dcd095c9b189c9b9db243a4ccd.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/wordpress-popular-posts/assets/css/ 292 B
466 B 113ms
107ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/wordpress-popular-posts/assets/css/wpp-3d9c41dcd095c9b189c9b9db243a4ccd.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 6b67b2995f11a31d6c53e0b447c49c7db7e40a771a18eadeb8f8f5720fa78327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:37 GMT
last-modified: Thu, 26 Jan 2023 15:15:12 GMT
server: nginx
etag: "63d29900-124"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 292
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 145ms
60ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Requested by

Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4088c4396769f8eda76e6f28917417d031b5d62da99e90135de61cefa16dfafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:46:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 06:34:38 GMT

GET
H2 200 style.min.css
chinas-lafa.ru/wp-content/themes/root/assets/css/ 163 KB
33 KB 113ms
108ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/themes/root/assets/css/style.min.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: bb634caf818dca49be8d3dc845f77ddd0b9b7871f3d3184a0e9a110bb45b8e9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:37 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 06:41:27 GMT
server: nginx
etag: W/"63c24e97-28a9a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app-5b1b611d9890590e817c782ca7274fc4.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/simple-lightbox/client/css/ 230 B
404 B 113ms
108ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/simple-lightbox/client/css/app-5b1b611d9890590e817c782ca7274fc4.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: a72972ba5538156db48b6714082da0291d6098067f3d652ca9cc5dcd4ca3485f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
last-modified: Thu, 26 Jan 2023 15:15:12 GMT
server: nginx
etag: "63d29900-e6"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
chinas-lafa.ru/wp-content/plugins/wp-coupons-and-deals/assets/css/dist/ 71 KB
11 KB 113ms
108ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/plugins/wp-coupons-and-deals/assets/css/dist/style.min.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 798b29407614413f2456386987e82e4f090d486596674d35e7f163beb9102935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 05:38:58 GMT
server: nginx
etag: W/"63c23ff2-11a9e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
chinas-lafa.ru/wp-content/themes/root_child/ 266 B
440 B 113ms
109ms Stylesheet
text/css 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/themes/root_child/style.css
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 052896930d987cb9c366d2fadbd2e8744cf4d5939d2e947f2047fdb64aabf620

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
last-modified: Sat, 19 Feb 2022 07:31:12 GMT
server: nginx
etag: "62109cc0-10a"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 266
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
chinas-lafa.ru/wp-includes/js/jquery/ 88 KB
30 KB 113ms
109ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-includes/js/jquery/jquery.min.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 05:35:59 GMT
server: nginx
etag: W/"63c23f3f-15e54"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpp.min.js Show response
chinas-lafa.ru/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
2 KB 51ms
47ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 17 Sep 2022 17:01:06 GMT
server: nginx
etag: W/"6325fd52-bd7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
chinas-lafa.ru/wp-content/plugins/wp-coupons-and-deals/assets/js/ 31 KB
6 KB 64ms
54ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/plugins/wp-coupons-and-deals/assets/js/main.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 7743f39ddc516c5d0540ce147ac3ba086974ec1dda39ef4fbb87b3a7915fb021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 05:38:58 GMT
server: nginx
etag: W/"63c23ff2-7cee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-webfont.ttf
chinas-lafa.ru/wp-content/themes/root/fonts/ 162 KB
162 KB 113ms
109ms Font
application/octet-stream 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/themes/root/fonts/fontawesome-webfont.ttf
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

Referer: https://chinas-lafa.ru/
Origin: https://chinas-lafa.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
last-modified: Sat, 14 Jan 2023 06:41:27 GMT
server: nginx
accept-ranges: bytes
etag: "63c24e97-286ac"
content-length: 165548
content-type: application/octet-stream

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
47 KB 119ms
45ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6b0d87462a59946820841adae9cec0059604e2d6864b91639861a8fa6081224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48145
x-xss-protection: 0
server: cafe
etag: 10889171735870655304
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 06:34:38 GMT

GET
H2 200 fontawesome-webfont.woff2
chinas-lafa.ru/wp-content/themes/root/fonts/ 75 KB
76 KB 112ms
109ms Font
font/woff2 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://chinas-lafa.ru/
Origin: https://chinas-lafa.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
last-modified: Sat, 14 Jan 2023 06:41:27 GMT
server: nginx
accept-ranges: bytes
etag: "63c24e97-12d68"
content-length: 77160
content-type: font/woff2

GET
H2 200 index.js Show response
chinas-lafa.ru/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 64ms
55ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/plugins/contact-form-7/includes/swv/js/index.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 06:30:38 GMT
server: nginx
etag: W/"63c24c0e-2945"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.js Show response
chinas-lafa.ru/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 66ms
57ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 06:30:38 GMT
server: nginx
etag: W/"63c24c0e-316c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.min.js Show response
chinas-lafa.ru/wp-content/plugins/expert-review/assets/public/js/ 12 KB
4 KB 67ms
58ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/plugins/expert-review/assets/public/js/scripts.min.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 68d17341a90b4af7400a9096afe504bf2d21bf378c5f3e594436dbba105afe84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 16:38:41 GMT
server: nginx
etag: W/"6127c391-2f87"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.blockUI.min.js Show response
chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 67ms
58ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 05:38:40 GMT
server: nginx
etag: W/"63c23fe0-2521"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js.cookie.min.js Show response
chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 67ms
59ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 05:38:40 GMT
server: nginx
etag: W/"63c23fe0-72a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 woocommerce.min.js Show response
chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
989 B 68ms
59ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 05:38:40 GMT
server: nginx
etag: W/"63c23fe0-85b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cart-fragments.min.js Show response
chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 68ms
60ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 05:38:40 GMT
server: nginx
etag: W/"63c23fe0-b7a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.min.js Show response
chinas-lafa.ru/wp-content/themes/root/assets/js/ 7 KB
3 KB 68ms
60ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/themes/root/assets/js/scripts.min.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 06:41:27 GMT
server: nginx
etag: W/"63c24e97-1d5e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 clipboard.min.js Show response
chinas-lafa.ru/wp-includes/js/ 9 KB
3 KB 68ms
61ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-includes/js/clipboard.min.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 700c8bd73d93522ca53cdc35e2a71e96caf7c344bc7a8391f3af90c10b917033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 14 Jan 2023 05:35:59 GMT
server: nginx
etag: W/"63c23f3f-2331"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazyload.min.js Show response
chinas-lafa.ru/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/ 5 KB
2 KB 69ms
61ms Script
application/javascript 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
last-modified: Sat, 17 Jul 2021 07:07:59 GMT
server: nginx
etag: W/"60f281cf-15d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1259e384f61c72a215e1c9b25c3cbc9d42d98c7ac4cb2fb290fc34ab6cc58bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43f9c247438df69c6c2bc91f8267dde1862558c1032a04148838e324fb42f7e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

backly.png
chinas-lafa.ru/wp-content/uploads/2018/12/
Redirect Chain

https://aliexpress-lafa.ru/wp-content/uploads/2018/12/backly.png
https://chinas-lafa.ru/wp-content/uploads/2018/12/backly.png

8 KB
8 KB

53ms
52ms

Image
image/png

185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chinas-lafa.ru/wp-content/uploads/2018/12/backly.png
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 18d776fb6668d0ef688694a98545815994f4308db2cd10a7ea1649de0dc28f35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
last-modified: Mon, 16 Mar 2020 11:18:27 GMT
server: nginx
etag: "5e6f6083-20a7"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8359
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://chinas-lafa.ru/wp-content/uploads/2018/12/backly.png
date: Fri, 24 Feb 2023 06:34:38 GMT
server: nginx-reuseport/1.21.1
content-length: 350
content-type: text/html; charset=iso-8859-1

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 85ms
35ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chinas-lafa.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:23:53 GMT
x-content-type-options: nosniff
age: 137445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 16:23:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chinas-lafa.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 599310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 08:06:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 73ms
23ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chinas-lafa.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 59342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 14:05:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 76ms
37ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chinas-lafa.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 01:23:47 GMT
x-content-type-options: nosniff
age: 191451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:23:47 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7be2fc598e2bb1478e0800c4af94de1811ce909e79b9ef67324b51843073aafb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ae732203f63d8eec2a0f935869470b71b5644926c8d13d898ec7dd109918dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 224ms
103ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63f47caa-11fef"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73711
expires: Fri, 24 Feb 2023 07:34:38 GMT

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 966 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d6b8ecb2f70ad50610c2956c63e8b068d64b18b39ab2d3736fa5a81c8a2cac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 541 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cc98d8e92a98749ce2cc2ecfd5cba57cdffa8e04048f66785646ddd3a2d6f75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2c52a5a147e63e95afb2e063a0af8dc27e920bb027b2b8b1ffe1867bc8fb5b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 / Show response
chinas-lafa.ru/ 260 B
405 B 239ms
239ms XHR
application/json 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to

Full URL: https://chinas-lafa.ru/?wc-ajax=get_refreshed_fragments
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 307a4591edefbe1dc23df1c2e891454e4e908b771d881f6cc3e19c54942bf575

Request headers

Accept: */*
Referer: https://chinas-lafa.ru/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 LafaLogo-e1546191454950.png
chinas-lafa.ru/wp-content/uploads/2018/12/ 2 KB
2 KB 50ms
50ms Image
image/png 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chinas-lafa.ru/wp-content/uploads/2018/12/LafaLogo-e1546191454950.png
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: a10283381ca468005bdfb498c8ee591c121f8b64a93eade5fdb762ca2ad8bd80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
last-modified: Mon, 16 Mar 2020 11:18:27 GMT
server: nginx
etag: "5e6f6083-653"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1619
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 screenshot_3-330x140.png
chinas-lafa.ru/wp-content/uploads/2021/10/ 27 KB
27 KB 52ms
52ms Image
image/png 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chinas-lafa.ru/wp-content/uploads/2021/10/screenshot_3-330x140.png
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 780d7ba204df4bf6e7eeac03ffd0c7520ee2113aa39fdd521f03c4909f8ff200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
last-modified: Thu, 28 Oct 2021 05:47:02 GMT
server: nginx
etag: "617a3956-6c1b"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 27675
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 screenshot_3-330x140.png
chinas-lafa.ru/wp-content/uploads/2021/08/ 22 KB
22 KB 54ms
51ms Image
image/png 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chinas-lafa.ru/wp-content/uploads/2021/08/screenshot_3-330x140.png
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 2b47ce393ee927d93c3f2f7294f5b467e8662cba5c61e98f91761b96764b3c9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
last-modified: Fri, 20 Aug 2021 13:57:08 GMT
server: nginx
etag: "611fb4b4-5787"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 22407
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 meyzu-330x140.jpg
chinas-lafa.ru/wp-content/uploads/2021/04/ 4 KB
4 KB 56ms
53ms Image
image/jpeg 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chinas-lafa.ru/wp-content/uploads/2021/04/meyzu-330x140.jpg
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 0e01cb2c163c8cca3deba719e4e5620244fd231cb641a2f6fb787e2201c91f9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
last-modified: Tue, 13 Apr 2021 14:28:08 GMT
server: nginx
etag: "6075aa78-1112"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4370
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dooling-330x140.jpg
chinas-lafa.ru/wp-content/uploads/2021/04/ 5 KB
5 KB 57ms
54ms Image
image/jpeg 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chinas-lafa.ru/wp-content/uploads/2021/04/dooling-330x140.jpg
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: f4bf6742a3b2dbbbbbb39be2ce47b2940ae05774099b714911e2d57f5dba857e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
last-modified: Tue, 13 Apr 2021 13:57:50 GMT
server: nginx
etag: "6075a35e-138b"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5003
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Markery-shop5575131-store-330x140.jpg
chinas-lafa.ru/wp-content/uploads/2021/03/ 19 KB
19 KB 56ms
55ms Image
image/jpeg 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chinas-lafa.ru/wp-content/uploads/2021/03/Markery-shop5575131-store-330x140.jpg
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 986c8a6074a6717f62e027cb56a312c44b713d8d2b1d6e8572ba093b790ea3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
last-modified: Sun, 28 Mar 2021 09:06:18 GMT
server: nginx
etag: "6060470a-4bf5"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 19445
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bobot-330x140.jpg
chinas-lafa.ru/wp-content/uploads/2021/04/ 9 KB
9 KB 57ms
56ms Image
image/jpeg 185.4.64.72
RECONN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chinas-lafa.ru/wp-content/uploads/2021/04/bobot-330x140.jpg
Requested by: Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS: valletta.coulated.eu
Software: nginx /
Resource Hash: 9ce833bc46f70606effbdcbe468c005d00d546f0b51e5fc5c6b2089ba3fed3ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
last-modified: Sun, 04 Apr 2021 08:40:37 GMT
server: nginx
etag: "60697b85-22ac"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8876
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/ 360 KB
119 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961121494812113&plah=chinas-lafa.ru&bust=31072532

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddf559016e28457565a4dee9108615bda3146b36aa6454b036d68f38038e13ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121305
x-xss-protection: 0
server: cafe
etag: 13881426421412459716
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 06:34:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame 5C18 10 KB
5 KB 65ms
22ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 23:28:01 GMT
etag: 10353107486223812946
expires: Thu, 09 Mar 2023 23:28:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
603 B 75ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=chinas-lafa.ru&callback=_gfp_s_&client=ca-pub-5961121494812113

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961121494812113&plah=chinas-lafa.ru&bust=31072532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

836cb4944060809bb3f884d997618fb770646deef2344405a9e0a9db78c921cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 86ms
24ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=chinas-lafa.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 133ms
52ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=chinas-lafa.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 233A 425 KB
71 KB 923ms
919ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&adk=1812271804&adf=3025194257&lmt=1677209797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220478454&bpp=8&bdt=355&idt=132&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4959468025329&frm=20&pv=2&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=184

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0f01328cdf0537c6948fee3df7a58a6b9c090548d54ce3e351abc338531bdba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 72177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:39 GMT
expires: Fri, 24 Feb 2023 06:34:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EBA6 93 KB
33 KB 519ms
517ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2764999410&pi=t.aa~a.1647758531~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220478462&bpp=2&bdt=362&idt=186&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JfANqO0JUJ&p=https%3A//chinas-lafa.ru&dtd=191

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fe224a662fd4befb593ee367d9c46a54af297cf5c6419fe3a8eac5e1607922a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33993
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:39 GMT
expires: Fri, 24 Feb 2023 06:34:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9924.w-y0RxVfOLST9qjnQ4aTjy2-AbEcOulPzNTMifulF5DMs-CuPeSUKRUH7PQAD7Ba.AsTWPDBw4xhn5FdbSpMgpN4qU-0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9924.j1ITzCnvdXJnnRpICUsT7LrYzEFJEyi7S4t5u_mBoyTa3NpM21IcA-7mvzBKcrmwae5kEou0GpFnYkWJxUVzR64mFO2sJYOA5cGczXlCexU%2C.S43fBHBG1v1e-RphmAVcvX-rv48%2C

43 B
67 B

55ms
55ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9924.j1ITzCnvdXJnnRpICUsT7LrYzEFJEyi7S4t5u_mBoyTa3NpM21IcA-7mvzBKcrmwae5kEou0GpFnYkWJxUVzR64mFO2sJYOA5cGczXlCexU%2C.S43fBHBG1v1e-RphmAVcvX-rv48%2C

Requested by

Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9924.j1ITzCnvdXJnnRpICUsT7LrYzEFJEyi7S4t5u_mBoyTa3NpM21IcA-7mvzBKcrmwae5kEou0GpFnYkWJxUVzR64mFO2sJYOA5cGczXlCexU%2C.S43fBHBG1v1e-RphmAVcvX-rv48%2C
date: Fri, 24 Feb 2023 06:34:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 56ms
52ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:38 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63f47caa-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 24 Feb 2023 07:34:38 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/61048837/
Redirect Chain

https://mc.yandex.com/watch/61048837?wmode=7&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A800%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3A...
https://mc.yandex.com/watch/61048837/1?wmode=7&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A800%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...

454 B
564 B

56ms
56ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61048837/1?wmode=7&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A800%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1583573584033%3Ahid%3A859821083%3Az%3A0%3Ai%3A20230224063438%3Aet%3A1677220479%3Ac%3A1%3Arn%3A353506357%3Arqn%3A1%3Au%3A1677220479967979705%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A92%2C105%2C103%2C2%2C264%2C0%2C%2C243%2C0%2C%2C%2C%2C861%3Aco%3A0%3Acpf%3A1%3Ans%3A1677220477534%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677220479%3At%3A%D0%90%D0%BB%D0%B8%D1%8D%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%E2%80%94%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%B8%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D0%B5%D0%BB%D1%8F%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

27f34c324b28a59932214c2b2c999b9492987a892c2abfadded8b80113f2428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 24-Feb-2023 06:34:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://chinas-lafa.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 454
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 06:34:38 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:38 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 24-Feb-2023 06:34:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/61048837/1?wmode=7&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A800%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1583573584033%3Ahid%3A859821083%3Az%3A0%3Ai%3A20230224063438%3Aet%3A1677220479%3Ac%3A1%3Arn%3A353506357%3Arqn%3A1%3Au%3A1677220479967979705%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A92%2C105%2C103%2C2%2C264%2C0%2C%2C243%2C0%2C%2C%2C%2C861%3Aco%3A0%3Acpf%3A1%3Ans%3A1677220477534%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677220479%3At%3A%D0%90%D0%BB%D0%B8%D1%8D%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%E2%80%94%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%B8%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D0%B5%D0%BB%D1%8F%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://chinas-lafa.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 06:34:38 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9924.mqBoGkwzFaqIhd87DyXI5ct5q9nG-Y19T-u059cVddSbHSTjYmJUaE2Eaq2snvgm.epuvP7zEQfXG6-6oKGmflywSPIQ%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9924.ZdXpeg-0IHDqDA4_D9h8iOvAlSj2_Jh1Eir6QKCfdVFMGCopj7bpw7H_VgGZ1M1trqHLtQf-9QdyZrE_kVNYQgJU4rQn8PFOu4IpV6-Etr0%2C.Po-MzRddv5XFU77r1f...

43 B
103 B

52ms
52ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9924.ZdXpeg-0IHDqDA4_D9h8iOvAlSj2_Jh1Eir6QKCfdVFMGCopj7bpw7H_VgGZ1M1trqHLtQf-9QdyZrE_kVNYQgJU4rQn8PFOu4IpV6-Etr0%2C.Po-MzRddv5XFU77r1fBNmgDs3pY%2C

Requested by

Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:39 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9924.ZdXpeg-0IHDqDA4_D9h8iOvAlSj2_Jh1Eir6QKCfdVFMGCopj7bpw7H_VgGZ1M1trqHLtQf-9QdyZrE_kVNYQgJU4rQn8PFOu4IpV6-Etr0%2C.Po-MzRddv5XFU77r1fBNmgDs3pY%2C
date: Fri, 24 Feb 2023 06:34:39 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 030db783cd93f01ccad1528166361a91.js Show response
www.gstatic.com/mysidia/ Frame EBA6 9 KB
5 KB 113ms
28ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/030db783cd93f01ccad1528166361a91.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2764999410&pi=t.aa~a.1647758531~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220478462&bpp=2&bdt=362&idt=186&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JfANqO0JUJ&p=https%3A//chinas-lafa.ru&dtd=191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3deda25f1d4dacb2dcb6291e32e305b3390f6225a657f45ce798101dcfcb9865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4099
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 03:30:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 May 2023 00:53:05 GMT

GET
H2 200 96e6597bbe8feeef4b24492bd7546dfa.js Show response
www.gstatic.com/mysidia/ Frame EBA6 18 KB
8 KB 115ms
31ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/96e6597bbe8feeef4b24492bd7546dfa.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eded262e09382cfeea00c85a3c7275601aefe6f5ed388acd844f6eaae755c424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 03:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7610
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 May 2023 03:28:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EBA6 6 KB
768 B 53ms
52ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 06:34:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 06:34:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame EBA6 2 KB
818 B 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H2 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame EBA6 5 KB
2 KB 113ms
30ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 14:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2003
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 03:30:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 May 2023 14:44:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame EBA6 22 KB
9 KB 64ms
13ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame EBA6 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 21:57:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame EBA6 20 KB
8 KB 66ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBA6 158 KB
49 KB 78ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 06:34:39 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame EBA6 33 KB
14 KB 30ms
28ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 May 2023 19:00:31 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10214501875724676972/ Frame EBA6 37 KB
38 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10214501875724676972/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415fc936b40c1d88bd62cf215a99494b6b53e637c893bafa9dddaf00af1ac08d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 13:18:40 GMT
x-content-type-options: nosniff
age: 494159
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38202
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 02:55:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Feb 2024 13:18:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EBA6 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgaZLflr4Y9nEKY2PjuwP-riImAPOjo_xVe7I_-3YDtuGhsvCARABIPOJwzlglfrwgYwHoAHRtv6bA8gBCakCx4mQ5WfIsT6oAwHIA8sEqgS-AU_QQZCEZexjfyvhrHWPecENAUS9muzNyAT_4lLyVniDWDtb6d0pekRpLm7F8PjcJooFeBqilizVUf5NDMX62zm6OSekQA7G5yvnKP4RDhu3rsIJ2GBFsrlwT8R4Z2uM68RHiBt5sJ6EzrdjxPXCmIvPi57xUPfkXLPcufmQeTPavRGuRSOcIw90aOll5JfspkPkZ-VXanF8sNGzouaTEsJYPJHEztA8_3V1W3kh_jupXyTECDk4_APaU5U_jZzABJuNhoqZApIFBAgEGAGSBQQIBRgEoAYugAeXyYFkqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQhahA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTU5NjExMjE0OTQ4MTIxMTMYAA&sigh=bewlQBLAyKQ&uach_m=[UACH]&cid=CAQSGwDUE5ymuYBY46TVZsGq_nxPzCGz43fapAAjIBgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2764999410&pi=t.aa~a.1647758531~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220478462&bpp=2&bdt=362&idt=186&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JfANqO0JUJ&p=https%3A//chinas-lafa.ru&dtd=191
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Feb 2023 06:34:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Feb 2023 06:34:39 GMT

GET
DATA 200
OK truncated
/ Frame EBA6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 909dac5e5edabf55e2ed41ed1095d57f62f4fe858bff92aabefa428f66c7a7c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EBA6 15 KB
16 KB 17ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 599311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 08:06:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EBA6 15 KB
15 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:09:06 GMT
x-content-type-options: nosniff
age: 26733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 23:09:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EBA6 15 KB
15 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 59343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 14:05:36 GMT

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 890F 36 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 15:31:01 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EBA6 0
20 B 50ms
50ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEmJhbm5lckJXaXRob3V0Qm9keQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAAAcQDAECg0QAyEAAAAAAKCEQDAECg0QCiEAAADAzMwhQDAECg0QDSEAAAAAAAAAADAECg4QHioIMTA5MHgyODAwBAoOEBkqCDEwOTB4MjgwMAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAAAAAA9IRAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAADJAMAQKDRAFIQAAAM3M9IRAMAQKDRAQIQAAAACgvuBAMAQKDRARIQAAAAAARtFAMAQKDRASIQAAAAAAABRAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAAM3MPIZAMAQKDRAUIQAAAACAJ-1AMAQKDRAVIQAAAAAAACZAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAAM3M6IZAMAQKDRAyIQAAAAAwM9M_MAQKDRAzIQAAAAAwM9M_MAQKDRA0IQAAAAAwM9M_MAQKDRA1IQAAAAAwM9M_MAQKDRA2IQAAAAAwM9M_MAQKDRA3IQAAAAAwM9M_MAQKDRA4IQAAAABmZgZAMAQKDRA5IQAAAGZmQoBAMAQKDRA6IQAAAAAAqIBAMAQKDRA7IQAAAGZmOoZAMAQKDRA8IQAAAGZmOoZAMAQKDRA9IQAAAM3MPIZAMAQKDRA-IQAAAGZmeoZAMAQKDRA_IQAAAGZmeoZAMAQKDRBAIQAAAJqZCYdAMAQSGkNObjczWmJGcmYwQ0ZZMkhnd2NkZWh3Q013IhdzY3JlYW0vdGhyb25lX2ltYWdlX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/96e6597bbe8feeef4b24492bd7546dfa.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 75ms
45ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6dd8c1e8f65e0bca37136a958d6149fc72c51458bd36e1a4410f978a5e629dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11299
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/ 150 KB
51 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/reactive_library_fy2021.js?bust=31072532

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40c18132003b04630288fdd1e0ac1dd52032f4d25a4abc084a8d77c5bae2be15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52085
x-xss-protection: 0
server: cafe
etag: 7320899426352065729
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 06:34:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 27ms
25ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=chinas-lafa.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 59ms
58ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=chinas-lafa.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4A2 82 KB
33 KB 405ms
405ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3f6f509fc0efb4969dea2aa47f4f40fbd1e4b6f0d374fb0bfdbf8c1cc3e18ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 33254
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 83A4 83 KB
33 KB 522ms
521ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280&nras=4&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kGhHceSCIg&p=https%3A//chinas-lafa.ru&dtd=50

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d75cec9493deeb296a86d9bc07b177b53d5ddc829b40e5601e631eab2735dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 33602
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A32 83 KB
33 KB 380ms
379ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=2658960439&pi=t.aa~a.639411702~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600&nras=5&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=2255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tx2oW9WzKp&p=https%3A//chinas-lafa.ru&dtd=53

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1a57b8f005951736ca059f93603c2cd056ac28e3b1b1224ddb0c81b8eebfd7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 33640
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 19E9 83 KB
33 KB 553ms
552ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2989839523&adf=1330659970&pi=t.aa~a.390569361~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280&nras=6&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=2555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=uiGwheCI50&p=https%3A//chinas-lafa.ru&dtd=57

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4a5d9ad906e779edc85421af1d0dfda136d748a4cc3363b045cf6e097af7fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 33634
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A1E 85 KB
33 KB 334ms
334ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=100&adk=768325812&adf=181015100&pi=t.aa~a.296243527~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x100&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280%2C345x280&nras=7&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=3921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=CYtyFeUqQj&p=https%3A//chinas-lafa.ru&dtd=63

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16d565730c530c7fee5d86cc219eee5e8e79cfd5fdeabdd5b677df0e2583805c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 34067
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7863 97 KB
36 KB 349ms
343ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=100&adk=3759327024&adf=4215032199&pi=t.aa~a.77755794~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x100&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=0&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280%2C345x280%2C700x100&nras=8&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=4041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=FXufvqJrtd&p=https%3A//chinas-lafa.ru&dtd=69

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c3d4b722d656d586368bd9a6de018374b9b4db64500f7572f1873266583d447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 36451
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 06:34:39 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 27ms
26ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=chinas-lafa.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 56ms
55ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=chinas-lafa.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 6D6B 10 KB
4 KB 19ms
18ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 04:22:58 GMT
etag: 10353107486223812946
expires: Fri, 10 Mar 2023 04:22:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 0FEC 10 KB
4 KB 20ms
18ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 04:22:58 GMT
etag: 10353107486223812946
expires: Fri, 10 Mar 2023 04:22:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 104B 10 KB
4 KB 18ms
17ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 04:22:58 GMT
etag: 10353107486223812946
expires: Fri, 10 Mar 2023 04:22:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 6D6B 3 KB
601 B 66ms
66ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:39:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 06:34:39 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 6D6B 2 KB
765 B 21ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 6D6B 22 KB
9 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 6D6B 3 KB
1 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 21:57:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 6D6B 20 KB
8 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D6B 158 KB
48 KB 39ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 06:34:39 GMT

GET
H3 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 6D6B 33 KB
14 KB 45ms
41ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 May 2023 19:00:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C21 13 KB
5 KB 18ms
17ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 21:59:36 GMT
expires: Fri, 23 Feb 2024 21:59:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A3E7 783 B
1 KB 154ms
52ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48209aa618644e1312801bc5c9e72b92712d84357106e33420cde02239b6e04e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bKzp7SgcoeoXvxEYrsovMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chinas-lafa.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-bKzp7SgcoeoXvxEYrsovMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
expires: Fri, 24 Feb 2023 06:34:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 28320175799864759_6964399381997030015.png
static.doubleclick.net/dynamic/5/413908956/ Frame 6D6B 7 KB
7 KB 78ms
17ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/413908956/28320175799864759_6964399381997030015.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b8e4b94a3311119c4d0e393f404bd063d03bd8e39f6b0266fc63fbbe63d088b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 15:56:31 GMT
x-content-type-options: nosniff
age: 311888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 11:45:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 15:56:31 GMT

GET
H2 200 17709405692257819613_12833839367074063534.jpeg
static.doubleclick.net/dynamic/5/413908956/ Frame 6D6B 1 KB
1 KB 79ms
20ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/413908956/17709405692257819613_12833839367074063534.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcc94568b8a61838dece8e2d53937032423a6a2114fc6cb1204237bb982754d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:20:33 GMT
x-content-type-options: nosniff
age: 317646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1128
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 14:34:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 14:20:33 GMT

GET
H2 200 17545194470355903327_420488434184544528.gif
static.doubleclick.net/dynamic/5/413908956/ Frame 6D6B 5 KB
5 KB 78ms
19ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/413908956/17545194470355903327_420488434184544528.gif

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b82224c466db6d3255c733ca3f7d4fd02ececc7779cf0831b2f4b53986b5e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 13:13:01 GMT
x-content-type-options: nosniff
age: 321698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4651
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 02:45:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 13:13:01 GMT

GET
H3

200

6908947609828019434
tpc.googlesyndication.com/simgad/ Frame 6D6B
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbt9T6vQEQsAkYrAIyCE7OJtFQvBYh
https://tpc.googlesyndication.com/simgad/6908947609828019434

29 KB
29 KB

26ms
23ms

Image
image/png

2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6908947609828019434

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96ab8cc4f3a7cd925e86b72b10530fc8c427bd053c1a1c858f08d53bc346f592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:22:43 GMT
x-content-type-options: nosniff
age: 598316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29464
x-xss-protection: 0
last-modified: Mon, 17 Dec 2018 09:53:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Feb 2024 08:22:43 GMT

Redirect headers

date: Thu, 23 Feb 2023 23:09:04 GMT
x-content-type-options: nosniff
server: cafe
age: 26735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6908947609828019434
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 25 Mar 2023 23:09:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6D6B 0
0 75ms
68ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COJCRflr4Y5CmKZnQ3gOP7IjQCNzTsJVvpKDw28YR267_64g5EAEg84nDOWCV-vCBjAegAdWU_scDyAEJqQLHiZDlZ8ixPqgDAcgDywSqBL4BT9CST_58TYZ8kh6hBqOuIbtYe_9WoNzL-s0Usf74ZyfXReQYKB-LUt0SjrIUtyFdiMr-KSWcFwvoqWSbiJ_7KrT2mAGkKyELP-asScW1OKXLLvvsQLzdvcXpG3w7_dt-DG80AgB3c8QIEtpPy1GEm-9POXmUduLeSJG4fndlOm94vp42nOPfn4sWTHFnP3taABedXicU2AKyGAI6szhfVOGJG2Cxs9IONIXncLt75RJ-LFsV2YjRz3mPztUONMAEgZuy_KQEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7y_qS6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQqdIa0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwuIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNTk2MTEyMTQ5NDgxMjExMxgA&sigh=wRCFBIAk8HI&uach_m=[UACH]&cid=CAQSGwDUE5ymc_SWMHwLG77uVXRetPyowCWCz27P1RgB&template_id=494&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Feb 2023 06:34:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 0FEC 8 KB
895 B 67ms
62ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:34:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 06:34:39 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 0FEC 2 KB
765 B 29ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 0FEC 22 KB
9 KB 32ms
23ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 0FEC 3 KB
1 KB 31ms
22ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 21:57:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 0FEC 20 KB
8 KB 32ms
22ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FEC 158 KB
48 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 06:34:39 GMT

GET
H3 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 0FEC 33 KB
14 KB 51ms
42ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 May 2023 19:00:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 104B 6 KB
672 B 72ms
56ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:38:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 06:34:39 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 104B 2 KB
765 B 30ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 104B 22 KB
9 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 104B 3 KB
1 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31052
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 21:57:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 104B 20 KB
8 KB 40ms
25ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 104B 158 KB
48 KB 46ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 06:34:39 GMT

GET
H3 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 104B 33 KB
14 KB 55ms
40ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 May 2023 19:00:31 GMT

GET
DATA 200
OK truncated
/ Frame 6D6B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8075abef2c79145d62d3e523e226d17743dc22249a89e616e22a5ee176f5e978

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C88 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 15:31:01 GMT

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C21 36 KB
14 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 15:31:01 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6484499600694128856/ Frame 0FEC 79 KB
79 KB 17ms
15ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6484499600694128856/14763004658117789537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d2cd43feb045f215d374801b4fc81ed8724dc49ca9d5a3acbc71dd3ad8ffb16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:14:51 GMT
x-content-type-options: nosniff
age: 573589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80402
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 12:07:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Feb 2024 15:14:51 GMT

GET
DATA 200
OK truncated
/ Frame 0FEC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0FEC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0FEC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da47d29db2f58ef01756e137cfc5ed46607546b02f7bd903ea5febd389d5f23c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/6484499600694128856/ Frame 104B 41 KB
41 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6484499600694128856/2076313506083323656

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d548bf2f7211cca05cbaafb6dd37166f432b209e477f744b6a87cdef6dda751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 10:37:40 GMT
x-content-type-options: nosniff
age: 158220
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41533
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 12:07:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 10:37:40 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16775698391400985251/ Frame 104B 3 KB
3 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16775698391400985251/14763004658117789537?w=100&h=100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540c1e5a5531635bb49a761947ce74122c931574934b66ec653b992b48d8d032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 06:35:02 GMT
x-content-type-options: nosniff
age: 604778
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2568
x-xss-protection: 0
last-modified: Wed, 28 Dec 2022 11:19:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Feb 2024 06:35:02 GMT

GET
DATA 200
OK truncated
/ Frame 104B 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 104B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 181ce09bcf6bb9ed9834039cf1b36ff310d524229ef2ef02206dd0bbe3f827ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6066 36 KB
14 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 15:31:01 GMT

GET
H3 200 3477008370711199073
tpc.googlesyndication.com/daca_images/simgad/ Frame 2A1E 28 KB
28 KB 21ms
20ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3477008370711199073

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=100&adk=768325812&adf=181015100&pi=t.aa~a.296243527~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x100&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280%2C345x280&nras=7&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=3921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=CYtyFeUqQj&p=https%3A//chinas-lafa.ru&dtd=63

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f7bc266de02bed8688ac49dd75942c6dde057d6e18e2d042d8f269d6485721b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:41:33 GMT
x-content-type-options: nosniff
age: 316387
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29135
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:37:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Feb 2024 14:41:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 2A1E 22 KB
9 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 2A1E 3 KB
1 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 21:57:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 2A1E 20 KB
8 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2A1E 0
0 55ms
53ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzre8rMt1kH9kRfH0CEcMe_FkqLv5g7TfzhlokyQTz39r-OKDjq0fWCEhfzvsLML7ufwVd3jbM8zdDClUm8JnYGffKDQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=100&adk=768325812&adf=181015100&pi=t.aa~a.296243527~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x100&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280%2C345x280&nras=7&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=3921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=CYtyFeUqQj&p=https%3A//chinas-lafa.ru&dtd=63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A1E 158 KB
48 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 06:34:40 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 2A1E 33 KB
13 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:41:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0FEC 0
18 B 59ms
59ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CU533flr4Y5GmKZnQ3gOP7IjQCOWU1P9uodbYhbQR-vWPy6kFEAEg84nDOWCV-vCBjAegAcH4tNIDyAEJqQLHiZDlZ8ixPqgDAcgDywSqBMMBT9DZBE7OeanzGy1gZz7fumOs5PAq82wku2GcI4Eiscci0Gk0lWFiRdRbRw5-PMKxR_Amsm3M5XcDHjPI09EAGkBxNrY9nX6_nzMuKhA_As1KXvqobybcfUzW-lC8UsozoqAbtWQCYGsGZZBmIy0pkNkDnOGg3aRuprD6pEyLoW1BrG8VdQMrtpQwCAalhPy4AknGN2gBCHyA6nyia9ZHE_HHdlIJuwyuh-DWKg-USVJbnF1fMbLxkl4tDdDg0qLCGKTdwAS-8fS9rgSSBQQIBBgBkgUECAUYBKAGLoAHp4fLLagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP_WC9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTU5NjExMjE0OTQ4MTIxMTMYAA&sigh=tVx-Dq_NhbI&uach_m=[UACH]&cid=CAQSGwDUE5ymc_SWMHwLG77uVXRetPyowCWCz27P1RgB&template_id=5000&vis=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Feb 2023 06:34:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A3E7 0
0 52ms
51ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=1444586785248371&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 641F 36 KB
14 KB 28ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 15:31:01 GMT

GET
H3 200 3477008370711199073
tpc.googlesyndication.com/daca_images/simgad/ Frame 7863 28 KB
28 KB 30ms
20ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3477008370711199073

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=100&adk=3759327024&adf=4215032199&pi=t.aa~a.77755794~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x100&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=0&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280%2C345x280%2C700x100&nras=8&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=4041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=FXufvqJrtd&p=https%3A//chinas-lafa.ru&dtd=69

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f7bc266de02bed8688ac49dd75942c6dde057d6e18e2d042d8f269d6485721b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:41:33 GMT
x-content-type-options: nosniff
age: 316387
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29135
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:37:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Feb 2024 14:41:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 7863 22 KB
9 KB 31ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 7863 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 21:57:07 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 7863 67 B
97 B 20ms
19ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 01:23:49 GMT
x-content-type-options: nosniff
server: cafe
age: 18651
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Sat, 25 Feb 2023 01:23:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 7863 20 KB
8 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7863 158 KB
48 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 06:34:40 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 7863 33 KB
13 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:41:38 GMT

GET
H3 200 4438323775352012982
tpc.googlesyndication.com/daca_images/simgad/ Frame 1A32 87 KB
87 KB 32ms
27ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4438323775352012982

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=2658960439&pi=t.aa~a.639411702~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600&nras=5&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=2255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tx2oW9WzKp&p=https%3A//chinas-lafa.ru&dtd=53

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c27af179861d6270eaafc74f148fde6f47b849331186aa9b8d270a4b3ff638f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:47:40 GMT
x-content-type-options: nosniff
age: 316020
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89497
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:36:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Feb 2024 14:47:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 1A32 22 KB
9 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1A32 3 KB
1 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 21:57:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1A32 20 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1A32 0
0 56ms
55ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSayqgFhW6IjetEo3Q9LzW3hPhLUaphCCYtxdu8749RwY-PChhYYq-c1VUQo2M2G5JnjnkIwqAJoiaQPQp0w0yly1H5A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=2658960439&pi=t.aa~a.639411702~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600&nras=5&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=2255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tx2oW9WzKp&p=https%3A//chinas-lafa.ru&dtd=53
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A32 158 KB
48 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 06:34:40 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 1A32 33 KB
13 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:41:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2A1E 0
0 67ms
65ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEU7Vf1r4Y5qfMY-S1fAPldqGkAiotuClbqvEoqSfENvZHhABIPOJwzlglfrwgYwHoAHW-JbVAcgBAqkCLVwf5XDHsT6oAwHIA8kEqgTBAU_Qn8TxJBiqWw4OefKm2P7citvlKdXYERoEQVgNSmO3D_r5P6KvU9tUkX723dd4B_Jzx9yNUoBauQowZ3PaOSzYFQRYjffRJb20xpGCXIu7BhS5NEFnPhwfbmWzw1n-F2XkETF-kbklS8rIpFGdB9679BV6FMldvJS2ISRulfqLuAbc_F4iz-8WHdHjmyqgQIcQK10Z_QpW21-sxAPwqP8Eh5Ngjea8yGOMEyfIdyC-e1Yy1IfflOEAPTk4IgvxgX_ABJfm252BBJIFBAgEGAGSBQQIBRgEoAYCgAecwrcFqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQqbwl0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNTk2MTEyMTQ5NDgxMjExMxgA&sigh=gsw6SHKJFVk&uach_m=[UACH]&cid=CAQSPADUE5ymusZrVTkvXVubBdQOEr5zUArcyLXg5NQwQy5RYBKaVo_ZWbkPCAyR4l65sbX_IZ8oZTsDUUCd6hgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=100&adk=768325812&adf=181015100&pi=t.aa~a.296243527~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x100&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280%2C345x280&nras=7&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=3921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=CYtyFeUqQj&p=https%3A//chinas-lafa.ru&dtd=63
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Feb 2023 06:34:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 104B 0
18 B 59ms
58ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CffO-flr4Y5KmKZnQ3gOP7IjQCOWU1P9uodbYhbQRv7vBuMEJEAEg84nDOWCV-vCBjAegAcH4tNIDyAEJqQLHiZDlZ8ixPqgDAcgDywSqBMABT9BOBXjATKskYc1A3cfQiXzmPFbJEC0xM7bJQwYAreiLsxh7tOYIUl4iK8Tyt2LXYX3qRGYbw4iDN4LQU3XhwTh74vrrP0VuGbHjB2vagXqBthhkF9rK7yYHmJCMgZMXy7NNQqWKaNKTcz0zl2tSaRfqVwH0ZZEMwLTIk0ZtCAr7Wn7eyzxAayv5IGKGQQnhbxLZZzE9yPqYKojK34_vNc_egqz41BhTzahh3MwNe3mmODC2LZ1lvyoHit02O5PgwAS-8fS9rgSSBQQIBBgBkgUECAUYBKAGLoAHp4fLLagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIvgB9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01OTYxMTIxNDk0ODEyMTEzGAA&sigh=jo_uJIIg9dg&uach_m=[UACH]&cid=CAQSGwDUE5ymc_SWMHwLG77uVXRetPyowCWCz27P1RgB&template_id=484&vis=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Feb 2023 06:34:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4438323775352012982
tpc.googlesyndication.com/daca_images/simgad/ Frame C4A2 87 KB
87 KB 16ms
15ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4438323775352012982

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c27af179861d6270eaafc74f148fde6f47b849331186aa9b8d270a4b3ff638f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:47:40 GMT
x-content-type-options: nosniff
age: 316020
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89497
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:36:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Feb 2024 14:47:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame C4A2 22 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame C4A2 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 21:57:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame C4A2 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C4A2 0
0 54ms
54ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRItpS4IP1FuK8QAkNdhZTJnXGFWLipgcznuqL8_k4rHyjfC1DBwDAn8OIB0z1R508zWfAHIA7rt8aNXQihR232pNOE0Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4A2 158 KB
48 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 06:34:40 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame C4A2 33 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:41:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7863 0
0 66ms
65ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSwT7f1r4Y7jtMcrJ1fAPlI6LqAWotuClbqvEoqSfENvZHhABIPOJwzlglfrwgYwHoAHW-JbVAcgBAqkCDqtjOsnLsT6oAwHIA8kEqgTAAU_Q6p4nZ4XWJ8WAzI_FLC2zFSr-LOYz1XXUv0WuwbLcTSUoEuoprD8IfUhy-BMc5azwMNugPuwf1PVRjaYFCJuHvxZ05PEmOb14JRdcvdA9ibJYwes3dIWwedpt59fE8-ViMw8QhRYNeqyggAUefV1GtDxokf_kWlqA8qxxMWCKCglypRTmg_EBhReXtnAheDnWPbCF2mDecDJINQwVVEsKDbcyoImlo7CiJ7IK5GXm-_2tDDkzHHxVuyWUpZfbGcAEl-bbnYEEkgUECAQYAZIFBAgFGASgBgKAB5zCtwWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCwi0HSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi01OTYxMTIxNDk0ODEyMTEzGAA&sigh=-Vb1moLpT1Q&uach_m=[UACH]&cid=CAQSPADUE5ymougCPsDkA3pYHht2Uc0i6lSv4lMUJfOsGO1efxq89suGiBd9L2ZOxPJpr9-PJpCpfI4p7IEDIBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=100&adk=3759327024&adf=4215032199&pi=t.aa~a.77755794~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x100&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=0&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280%2C345x280%2C700x100&nras=8&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=4041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=FXufvqJrtd&p=https%3A//chinas-lafa.ru&dtd=69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Feb 2023 06:34:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1A32 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_ai0f1r4Y6P7L8StrASdqaaoB6i24KVuk8WkhboQ2tuV3ucwEAEg84nDOWCV-vCBjAegAdb4ltUByAECqQKD_n03IcmxPqgDAcgDyQSqBMABT9A8nSo7KpK2D_pZcxIV3bWLxbmXJuVxPyXqvgeyhxMWkipbw2qEp26rc0KPMKuKWV9sX-0FAvSeOVVomkPERZT0YVIrvdfAzO-w-GdZtcsAxBtqLhmEKuSmJlw8pyy5cs3zWNr9zwDS0PuSH_LS_286JkeMQdMR6neqNUwvOIozeR8gmWCkPsWTe3ZSCebk20sppFdT4m1euHyoOZBa8ux6l8ttpsgTV_kobdvFDC44vH93L_ESbWA8--kXMIurwAS_5tudgQSSBQQIBBgBkgUECAUYBKAGAoAHnMK3BagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL3bGdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTU5NjExMjE0OTQ4MTIxMTMYAA&sigh=6K3GAg1pFiQ&uach_m=[UACH]&cid=CAQSPADUE5ym5V9-Was346OEhWByQMdnLT_NQ2R_bG2RrLUqjW-pIurUAvPO6RE5dyZLzkJRrPAJX7Em_GcTKRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=2658960439&pi=t.aa~a.639411702~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600&nras=5&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=2255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tx2oW9WzKp&p=https%3A//chinas-lafa.ru&dtd=53
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Feb 2023 06:34:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 10166212230151140203
tpc.googlesyndication.com/daca_images/simgad/ Frame 83A4 68 KB
68 KB 21ms
21ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10166212230151140203

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280&nras=4&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kGhHceSCIg&p=https%3A//chinas-lafa.ru&dtd=50

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39f8043ade55658b1ea29a4590efff9e241767f44e6897c06a74d7a4c9927e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:49:07 GMT
x-content-type-options: nosniff
age: 315933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69320
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:36:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Feb 2024 14:49:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 83A4 22 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 83A4 3 KB
1 KB 25ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 21:57:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 83A4 20 KB
8 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 83A4 0
0 57ms
50ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRE_ZcMokxrFsdV2KYCtrb7lbq1SK5GP4QdFIzuo5zQ6L7Hxuuf-GPQIVBIta7PJgYDQVXKvtOyDe5YPrbPeZXyFhPjqg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280&nras=4&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kGhHceSCIg&p=https%3A//chinas-lafa.ru&dtd=50
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83A4 158 KB
48 KB 76ms
69ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 06:34:40 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 83A4 33 KB
13 KB 25ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:41:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C4A2 0
0 61ms
61ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3cjkf1r4Y7_JL8SNjuwPm6Wz0AKotuClbpPFpIW6ENrbld7nMBABIPOJwzlglfrwgYwHoAHW-JbVAcgBAqkC8Cz-YezHsT6oAwHIA8kEqgTAAU_QWZDkZCFhFMjI7eI8eP5VW0h1LR1JxcVKaKCq-gnWUAzTfa7jbkVuQk-pjlrT7xPSNpv0BDvDCSq0gW0xq8FOEg19CzdeIKUazxI2w8HTmpliJedJWYvGkFmq27OlXru9qRZBl67nZ1FlQ975HGWK44-iOSSf5irCnDbNNIZM6MwZJqgM6SdkJHxIe5n3EGmwNeZ0q2w5j7aTsklIF9W0xniEiETFmlTCeorfGrk5-NwrmN9QV4cwqR_QI6HN2MAEv-bbnYEEkgUECAQYAZIFBAgFGASgBgKAB5zCtwWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC5zjTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi01OTYxMTIxNDk0ODEyMTEzGAA&sigh=TFFsejBdbJ4&uach_m=[UACH]&cid=CAQSPADUE5ymyiQqdoS5R5hk13jk1TUYQ_w5GBqYRwr6OIhw2KpmiKg7_bd5jDSQsUE3TbCUyC5v8U18JGYIhhgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Feb 2023 06:34:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 12773207224866836069
tpc.googlesyndication.com/daca_images/simgad/ Frame 19E9 34 KB
34 KB 19ms
18ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/12773207224866836069

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2989839523&adf=1330659970&pi=t.aa~a.390569361~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280&nras=6&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=2555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=uiGwheCI50&p=https%3A//chinas-lafa.ru&dtd=57

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3297c3e4b6a9930ef832ff00abdcf89d74fbbb14e886541bcdbee2a721ecda46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 14:36:57 GMT
x-content-type-options: nosniff
age: 316663
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34743
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:36:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Feb 2024 14:36:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 19E9 22 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 19E9 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 21:57:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 19E9 20 KB
8 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:59:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 19E9 0
0 67ms
66ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRg3k3iR0J5nsZ4zMBdELIcmPw_3hntH2N6M_8wXo2FPtufNoxyAqeFd9ARt9isYd4kVjyGx3PBD_sUYJ2V3yG5UEoIFA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2989839523&adf=1330659970&pi=t.aa~a.390569361~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280&nras=6&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=2555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=uiGwheCI50&p=https%3A//chinas-lafa.ru&dtd=57
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 19E9 158 KB
48 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 06:34:40 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 19E9 33 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13432
x-xss-protection: 0
server: cafe
etag: 14260516833774306430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 19:41:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 83A4 0
0 64ms
57ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4cMBf1r4Y__EMKuB1fAP-NSH-AyotuClbsPJpIW6ENrbld7nMBABIPOJwzlglfrwgYwHoAHW-JbVAcgBAqkCDqtjOsnLsT6oAwHIA8kEqgTAAU_Qx5fYvCnHFzEtLENTzrcPHpS13xQFddxdQTIc1WvCU0FjndIQG3ytwuHHLdcXvYJcexVPrmDPy_mMzmS5l6-1cv2EZth-hQc6fKAvUDVU7qdHKFsODDXiIUTiProEkAjaGgdiLSlPlCTrNmL2mq4mClxjUpM0tPizazB32YSe_JvNIB8hZfnpG-QB9BSx8os56JIW0B8eJRQYbqzxFjiVx3RunJSp3vaOXfMwW2CbyqdfhiWhD1uuDcNm0tsmFcAEv-bbnYEEkgUECAQYAZIFBAgFGASgBgKAB5zCtwWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCT9VbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi01OTYxMTIxNDk0ODEyMTEzGAA&sigh=Qp96-WvE8ns&uach_m=[UACH]&cid=CAQSPADUE5ym9-cZY3pPqwIiFS1XWiasXzGbKvpvVEuamdMx8h61JKhxky6_xWgDekXUfnuyU1x_M17qWnpuPRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280&nras=4&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kGhHceSCIg&p=https%3A//chinas-lafa.ru&dtd=50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Feb 2023 06:34:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EDDA 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=100&adk=768325812&adf=181015100&pi=t.aa~a.296243527~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x100&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280%2C345x280&nras=7&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=3921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=CYtyFeUqQj&p=https%3A//chinas-lafa.ru&dtd=63
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:08:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6C31 1 KB
643 B 21ms
14ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Fri, 24 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A40D 143 B
166 B 17ms
14ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=100&adk=3759327024&adf=4215032199&pi=t.aa~a.77755794~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x100&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=0&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280%2C345x280%2C700x100&nras=8&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=4041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=FXufvqJrtd&p=https%3A//chinas-lafa.ru&dtd=69
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:08:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CAE5 1 KB
643 B 16ms
14ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Fri, 24 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FDB7 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=2658960439&pi=t.aa~a.639411702~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600&nras=5&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=2255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tx2oW9WzKp&p=https%3A//chinas-lafa.ru&dtd=53
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:08:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 75F3 1 KB
643 B 15ms
14ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Fri, 24 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2A1E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5324df7294efd98371423ecae3f9e1575a8ed8b2dc4a36840eee6d4d222f789b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 19E9 0
0 68ms
67ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYJ1Sf1r4Y43mMIK81fAPhPikkAGotuClbvu_oqSfENvZHhABIPOJwzlglfrwgYwHoAHW-JbVAcgBAqkCDqtjOsnLsT6oAwHIA8kEqgTAAU_QszyXuIhlb3i3wjMpGlxnaXQL1qZKFElPJDJ5q1wg5FdPVdmsOwIi05clDQjc9YIjNL2VsPxsUGVwB12u7BjX5DpHfxfABBrmd0S21ym6AuOU3yRrA5TfUirJCNNZsXMYY3kaeoO9aHYSS1JG4K392exJiGTx-h0JcgK8bulvLsegVT8gvIF2q54OIMkwiqKsF2MNzuagE8oiiCQUW-r8MA1Y6rgack5lCNGAyZ5e4QSZ-OwgWO-Ld7n730ytHsAEl-bbnYEEkgUECAQYAZIFBAgFGASgBgKAB5zCtwWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCCjX3SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi01OTYxMTIxNDk0ODEyMTEzGAA&sigh=d5KHZHWexMc&uach_m=[UACH]&cid=CAQSPADUE5ymia--vX2WBeKE8lvc_sHalYw4zmSrkC8bbJq2TD7OE6Z0qqB6NX5MZBLh91Ly_riN9Ycok61kkBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2989839523&adf=1330659970&pi=t.aa~a.390569361~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280&nras=6&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=2555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=uiGwheCI50&p=https%3A//chinas-lafa.ru&dtd=57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Feb 2023 06:34:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EBA6 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaHKvRZHJo3BaAFt_4bhD4dpsFbd9fD_2qgUc2aZFvQA3959CxFDLguxoprlZJHCCT0hAjTUM1u2L6lx9mlPyZaGf-wrL8TsQyBPCjF_dR7c6IyTanQjDu-HXTt45XkioOwo5ihw&sai=AMfl-YS7HhXIv92wOLZXh7Sma07-jl4v4ONkb77QKoQIPMiUZvneDzs67_B-UzT4I1XGpEysfK9eDChyz3FY&sig=Cg0ArKJSzLPd2agJi-GcEAE&cid=CAQSGwDUE5ymuYBY46TVZsGq_nxPzCGz43fapAAjIBgB&id=lidar2&mcvt=1128&p=0,0,280,1090&mtos=1128,1128,1128,1128,1128&tos=1128,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2801298807&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677220478655&rpt=734&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1A32 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24f4be3fa933a84ee7ac1a104ae0129dffd2fa250e53e5d583af8dacbdf03414

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7863 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bd38caa52895c7f1edccb2fb7d6961b0ed5b3d8b76a84772cf50b8f1ade358c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B155 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:08:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2262 1 KB
643 B 18ms
18ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Fri, 24 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C920 143 B
166 B 18ms
14ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280&nras=4&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kGhHceSCIg&p=https%3A//chinas-lafa.ru&dtd=50
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:08:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BE7D 1 KB
643 B 17ms
15ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Fri, 24 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C4A2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a6d1f046fd17e77a67224a08442170394ed8508f4bccd6a684269957167b76d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 83A4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b64deaed20cb7b592fc5d2b455251529dedf04e333d5d5bdc127d352b4e8b19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F83 143 B
166 B 14ms
14ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2989839523&adf=1330659970&pi=t.aa~a.390569361~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280&nras=6&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=2555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=uiGwheCI50&p=https%3A//chinas-lafa.ru&dtd=57
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:08:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2A17 1 KB
643 B 16ms
14ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Fri, 24 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6C31
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOkgvk0Jf_8c2KjWJydunhQ&google_cver=1&google_push=Aa02lx8_rOq7RgmIqqXgcbaeVRXzNZLtyJ2qMBUdh9q4QO1Qx6S5313MhHDKhHoZiY3ZRSUUKbCaVxlPzEyLLfDG...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8_rOq7RgmIqqXgcbaeVRXzNZLtyJ2qMBUdh9q4QO1Qx6S5313MhHDKhHoZiY3ZRSUUKbCaVxlPzEyLLfDG9eWoaFr4oh6ZTOQ

170 B
232 B

58ms
54ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8_rOq7RgmIqqXgcbaeVRXzNZLtyJ2qMBUdh9q4QO1Qx6S5313MhHDKhHoZiY3ZRSUUKbCaVxlPzEyLLfDG9eWoaFr4oh6ZTOQ

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 24 Feb 2023 06:34:40 GMT
Server: MT3 475 4bd2ccd master cdg-pixel-x29 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8_rOq7RgmIqqXgcbaeVRXzNZLtyJ2qMBUdh9q4QO1Qx6S5313MhHDKhHoZiY3ZRSUUKbCaVxlPzEyLLfDG9eWoaFr4oh6ZTOQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 24 Feb 2023 06:34:39 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6C31
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx9eXgWLvUV4SKEubxYPXhkBk_0fdWXUrUn8-c5072zU2pryArs7qr8KwTxcHy-J5uFKEv5_pG4vsMPbA250cxEzcvMKAwuBZ...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx9eXgWLvUV4SKEubxYPXhkBk_0fdWXUrUn8-c5072zU2pryArs7qr8KwTxcHy-J5uFKEv5_pG4vsMPbA250cxEzcvMKAwu...

43 B
395 B

179ms
169ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx9eXgWLvUV4SKEubxYPXhkBk_0fdWXUrUn8-c5072zU2pryArs7qr8KwTxcHy-J5uFKEv5_pG4vsMPbA250cxEzcvMKAwuBZA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9eXgWLvUV4SKEubxYPXhkBk_0fdWXUrUn8-c5072zU2pryArs7qr8KwTxcHy-J5uFKEv5_pG4vsMPbA250cxEzcvMKAwuBZA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79e62d46b87091d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 105
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx9eXgWLvUV4SKEubxYPXhkBk_0fdWXUrUn8-c5072zU2pryArs7qr8KwTxcHy-J5uFKEv5_pG4vsMPbA250cxEzcvMKAwuBZA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9eXgWLvUV4SKEubxYPXhkBk_0fdWXUrUn8-c5072zU2pryArs7qr8KwTxcHy-J5uFKEv5_pG4vsMPbA250cxEzcvMKAwuBZA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79e62d451efc91d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6C31 70 B
265 B 106ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENDBYQMjbmIYo3LKHDyOUWE&google_cver=1&google_push=Aa02lx_BbQKw6bHWT0iru2t8Vyw8uiccN2nwpr_dQtxAfAcFYmg792MlDBj5EFVvaDhaL1_KNGWY1SJkUkfYYvJbr-t8QFDuJjkxBMo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=100&adk=768325812&adf=181015100&pi=t.aa~a.296243527~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x100&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280%2C345x280&nras=7&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=3921&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=CYtyFeUqQj&p=https%3A//chinas-lafa.ru&dtd=63
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6C31
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELoD1irb_dk20XXxIz7zLFM&google_cver=1&google_push=Aa02lx_aKlwyKR_QDAD5R-I6Mf-B4YUk8BLs0ms9xdivYP5Jh1QpjktPrv0z5q3RrNkwa4CdzvhLxBnvLo4sinMB...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UiqdeEuRSEu3D1iPfIe9kA2&google_push=Aa02lx_aKlwyKR_QDAD5R-I6Mf-B4YUk8BLs0ms9xdivYP5Jh1QpjktPrv0z5q3RrNkwa4CdzvhLxBnvLo4sinMBToDQIl-miTaRccM

170 B
329 B

54ms
52ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UiqdeEuRSEu3D1iPfIe9kA2&google_push=Aa02lx_aKlwyKR_QDAD5R-I6Mf-B4YUk8BLs0ms9xdivYP5Jh1QpjktPrv0z5q3RrNkwa4CdzvhLxBnvLo4sinMBToDQIl-miTaRccM

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 24 Feb 2023 06:34:40 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UiqdeEuRSEu3D1iPfIe9kA2&google_push=Aa02lx_aKlwyKR_QDAD5R-I6Mf-B4YUk8BLs0ms9xdivYP5Jh1QpjktPrv0z5q3RrNkwa4CdzvhLxBnvLo4sinMBToDQIl-miTaRccM
x-host: tde-deliveryengine-production-cdcfc8b9-m4575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C31
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHe_dk0wbL66n64WBhG3nKY&google_cver=1&google_push=Aa02lx-XVnMVJ1e32Se30UE24aqoY5gR0masHsWDt5XG0YuGraCE1iewpso1ESQcpnkBB4Z_sjMYPupTi_0vzRf6EHwT...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHe_dk0wbL66n64WBhG3nKY&google_cver=1&google_push=Aa02lx-XVnMVJ1e32Se30UE24aqoY5gR0masHsWDt5XG0YuGraCE1iewpso1ESQcpnkBB4Z_sjMYPupTi_0vzR...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=1ecebcc2-88f6-4a7b-9b38-d5ad64ea8eb0&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-AhKcXEHPA1PswZ2FWlzmcCKfUbhT1nORZd5dWr9NKHjWot_M7D9ZACpj7qI8JoZGUSx4bgYCbA4HHqiUCAqch8NHg7dh4_2w&google_hm=oWFWImwsQ9G1y89wCUDV...

170 B
188 B

54ms
54ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-AhKcXEHPA1PswZ2FWlzmcCKfUbhT1nORZd5dWr9NKHjWot_M7D9ZACpj7qI8JoZGUSx4bgYCbA4HHqiUCAqch8NHg7dh4_2w&google_hm=oWFWImwsQ9G1y89wCUDVWg==

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-AhKcXEHPA1PswZ2FWlzmcCKfUbhT1nORZd5dWr9NKHjWot_M7D9ZACpj7qI8JoZGUSx4bgYCbA4HHqiUCAqch8NHg7dh4_2w&google_hm=oWFWImwsQ9G1y89wCUDVWg==
date: Fri, 24 Feb 2023 06:34:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6C31
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_hm=Y_hagKOMubkFQPGA4I22KgAAFBwAAAIB&google_nid=index&google_push=Aa02lx9tnjOyZPmB2JpTFBA1HIVnwgBYtyETh...

170 B
232 B

57ms
54ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_hm=Y_hagKOMubkFQPGA4I22KgAAFBwAAAIB&google_nid=index&google_push=Aa02lx9tnjOyZPmB2JpTFBA1HIVnwgBYtyEThIP-aPHcRlJeEH3taULG1JF4K0XAJFtVpMl7EZrCzRKbtKt_OSmsMZ6msQyMG5m2h6g

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADg8M%2BIwH1%2F615NaaTeHuhoEgP6poMzKr8Aj9hPgFrDyBdigKPn9%2BE4vjbhGxEfZVPx4PXGcoE0QHZhxZDQA%2Fx7pdjHjj1eKyJqVJqEvxxSM0uwEEomPA%2F6EVcHafvpeeKjbKPLtJsxBVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_hm=Y_hagKOMubkFQPGA4I22KgAAFBwAAAIB&google_nid=index&google_push=Aa02lx9tnjOyZPmB2JpTFBA1HIVnwgBYtyEThIP-aPHcRlJeEH3taULG1JF4K0XAJFtVpMl7EZrCzRKbtKt_OSmsMZ6msQyMG5m2h6g
cache-control: no-cache
cf-ray: 79e62d459aad9c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6C31
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEI430HTr_wgjv06k8ls13gg&google_cver=1&google_push=Aa02lx9SOpvBTMDsS9ZhovO-L_0zHU7Y0YeR_j3h2_cPMtR30sUyLKun-eL-5IU_hHb5NSmTx1lcWtjAI1rTOah8bfDwvkDuhw...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9SOpvBTMDsS9ZhovO-L_0zHU7Y0YeR_j3h2_cPMtR30sUyLKun-eL-5IU_hHb5NSmTx1lcWtjAI1rTOah8bfDwvkDuhwH...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMwODIwMjA2OTk5NTkxNzYzOTcxNQ%3D%3D&google_push=Aa02lx9SOpvBTMDsS9ZhovO-L_0zHU7Y0YeR_j3h2_cPMtR30sUyLKun...

170 B
232 B

60ms
54ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMwODIwMjA2OTk5NTkxNzYzOTcxNQ%3D%3D&google_push=Aa02lx9SOpvBTMDsS9ZhovO-L_0zHU7Y0YeR_j3h2_cPMtR30sUyLKun-eL-5IU_hHb5NSmTx1lcWtjAI1rTOah8bfDwvkDuhwH7IW4

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDMwODIwMjA2OTk5NTkxNzYzOTcxNQ%3D%3D&google_push=Aa02lx9SOpvBTMDsS9ZhovO-L_0zHU7Y0YeR_j3h2_cPMtR30sUyLKun-eL-5IU_hHb5NSmTx1lcWtjAI1rTOah8bfDwvkDuhwH7IW4
date: Fri, 24 Feb 2023 06:34:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6C31 0
139 B 146ms
49ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KI0dCLdhGzBwhVuD5lzC_BxXMvfd_aLT8QNdEOznXX3kECw4AjiN8ypoFpqLyS1u-177zS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CAE5
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEBwGn4qavbHJlML7b2m6i0&google_cver=1&google_push=Aa02lx8Luz-dLmmBMkPk3FiFV9ZAbppafmN2mEXqhkSZdJ1cywBhw3HmRMikGW2PuOUXrS4kZ05h9zhxhNJxDBt0qu0vy1fYgDm6K_M
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzkzOTUwNTE1Mzg2NjQwNjY5Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBwGn4qavbHJlML7b2m6i0&google_cver=1

43 B
398 B

46ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBwGn4qavbHJlML7b2m6i0&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBwGn4qavbHJlML7b2m6i0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CAE5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VXZ5WmxTOHgxUHZyRmU1&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cver=1&google_push=Aa02lx-rC6MimcUaCl6ZQ981LFgICJskJ0MD4DS68Y4_PRk...

170 B
232 B

57ms
53ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VXZ5WmxTOHgxUHZyRmU1&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cver=1&google_push=Aa02lx-rC6MimcUaCl6ZQ981LFgICJskJ0MD4DS68Y4_PRkL6F42tONpD-P1yqrJMUcifm3usCuu2iEBH69gGoawn1oYOkh8Rm_sgI0

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 06:34:40 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-00e9cdd216e437ef6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VXZ5WmxTOHgxUHZyRmU1&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cver=1&google_push=Aa02lx-rC6MimcUaCl6ZQ981LFgICJskJ0MD4DS68Y4_PRkL6F42tONpD-P1yqrJMUcifm3usCuu2iEBH69gGoawn1oYOkh8Rm_sgI0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CAE5
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHe_dk0wbL66n64WBhG3nKY&google_cver=1&google_push=Aa02lx9RPc69HD5XMHVGKMW4MuSDP-g2L0qYG_s5VhopaQWGhwFOJsQHWQSMPBZMo1zf0t01k_rqH004Ei3XKFonN_3Y...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHe_dk0wbL66n64WBhG3nKY&google_cver=1&google_push=Aa02lx9RPc69HD5XMHVGKMW4MuSDP-g2L0qYG_s5VhopaQWGhwFOJsQHWQSMPBZMo1zf0t01k_rqH004Ei3XKF...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9RPc69HD5XMHVGKMW4MuSDP-g2L0qYG_s5VhopaQWGhwFOJsQHWQSMPBZMo1zf0t01k_rqH004Ei3XKFonN_3YvS5WsWvc4VI&google_hm=oWFWImwsQ9G1y89wCUDV...

170 B
188 B

54ms
53ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9RPc69HD5XMHVGKMW4MuSDP-g2L0qYG_s5VhopaQWGhwFOJsQHWQSMPBZMo1zf0t01k_rqH004Ei3XKFonN_3YvS5WsWvc4VI&google_hm=oWFWImwsQ9G1y89wCUDVWg==

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9RPc69HD5XMHVGKMW4MuSDP-g2L0qYG_s5VhopaQWGhwFOJsQHWQSMPBZMo1zf0t01k_rqH004Ei3XKFonN_3YvS5WsWvc4VI&google_hm=oWFWImwsQ9G1y89wCUDVWg==
date: Fri, 24 Feb 2023 06:34:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CAE5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_hm=Y_hagKOMubkFQPGA4I22KgAAFBwAAAIB&google_nid=index&google_push=Aa02lx94whie_Xt9hLZNJOolST3VnxHGQ2w_K...

170 B
232 B

58ms
56ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_hm=Y_hagKOMubkFQPGA4I22KgAAFBwAAAIB&google_nid=index&google_push=Aa02lx94whie_Xt9hLZNJOolST3VnxHGQ2w_KGOvxTzQWlqximIowMhc4a1S2bd_7zNWxmNaNMxly8jwWldrs97P1amNqk2buYAI-w

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feEog9DrP%2BKFMcI4YEyR9VTw%2BHNwLzXB7woUvyEgVeMenVWFvtukHROnTo6Zar63ZVi4wUh2dh6k6i8It7HL8mwulRpGttS9DD1GkwzW%2FgVyAhfQVC%2BiZ%2F86bpZ4H5DWNqT%2FF4B7j5jDXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_hm=Y_hagKOMubkFQPGA4I22KgAAFBwAAAIB&google_nid=index&google_push=Aa02lx94whie_Xt9hLZNJOolST3VnxHGQ2w_KGOvxTzQWlqximIowMhc4a1S2bd_7zNWxmNaNMxly8jwWldrs97P1amNqk2buYAI-w
cache-control: no-cache
cf-ray: 79e62d459aae9c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CAE5
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx86SSeQLnenyQHv-hwMDAhe7VbaEa9YqBqAuMOHC4DJm7LAbQgqjPrAeHnFQ-7hMpBEDOyodzW-a9v4mODwVDg6R3W4hq8cHw&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-54f6fe38-0cde-40a2-85a9-82c705832ccb-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx86SSeQLnenyQHv-hwMD...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx86SSeQLnenyQHv-hwMDAhe7VbaEa9YqBqAuMOHC4DJm7LAbQgqjPrAeHnFQ-7hMpBEDOyodzW-a9v4mODwVDg6R3W4hq8cHw&google_hm=A1T2_jgM3kCihamCxwWDLMs

170 B
188 B

53ms
52ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx86SSeQLnenyQHv-hwMDAhe7VbaEa9YqBqAuMOHC4DJm7LAbQgqjPrAeHnFQ-7hMpBEDOyodzW-a9v4mODwVDg6R3W4hq8cHw&google_hm=A1T2_jgM3kCihamCxwWDLMs

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx86SSeQLnenyQHv-hwMDAhe7VbaEa9YqBqAuMOHC4DJm7LAbQgqjPrAeHnFQ-7hMpBEDOyodzW-a9v4mODwVDg6R3W4hq8cHw&google_hm=A1T2_jgM3kCihamCxwWDLMs
date: Fri, 24 Feb 2023 06:34:41 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX54f6fe380cde40a285a982c705832ccb003
content-type: text/html

GET googleredir
googlecm.hit.gemius.pl/ Frame CAE5 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CAE5
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDC79xGtk...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDC...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a1615622-6c2c-43d1-b5cb-cf700940d55a&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

52ms
52ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a1615622-6c2c-43d1-b5cb-cf700940d55a&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a1615622-6c2c-43d1-b5cb-cf700940d55a&%%GOOGLE_PUSH_PAIR%%
date: Fri, 24 Feb 2023 06:34:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CAE5 0
40 B 137ms
49ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8bDRfhkd--TIYdilmiNO43WlgY34dyphKye_MFOAZZSpbemaEDJTee42WdJ5n6X_pUDYPkQE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 75F3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VXZ5WmxTOHgxUHZyRmU1&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cver=1&google_push=Aa02lx8X9bpFQw7aqEzMvSYxyRSJuI_1olSc2PhtpLinp4S...

170 B
232 B

57ms
52ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VXZ5WmxTOHgxUHZyRmU1&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cver=1&google_push=Aa02lx8X9bpFQw7aqEzMvSYxyRSJuI_1olSc2PhtpLinp4SuDoUKe5uiRpY8hW2T7nuWY9t1R92OxwAO-6amtXAhpItisQPFjf2KKw

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 06:34:40 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-04a4a3c9d6b291794@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VXZ5WmxTOHgxUHZyRmU1&google_gid=CAESEPlTk169Lb9tY-eDjQ0w0V4&google_cver=1&google_push=Aa02lx8X9bpFQw7aqEzMvSYxyRSJuI_1olSc2PhtpLinp4SuDoUKe5uiRpY8hW2T7nuWY9t1R92OxwAO-6amtXAhpItisQPFjf2KKw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 75F3
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx-qbFV_yVd2IZd-evnEIgiahMPYAcLc4xzcWb4WInJKecT_hA0SjH6nDAxVw4aiWhWrsOppZ_dQfeb8QRBdyabU0jEpNdd8N...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx-qbFV_yVd2IZd-evnEIgiahMPYAcLc4xzcWb4WInJKecT_hA0SjH6nDAxVw4aiWhWrsOppZ_dQfeb8QRBdyabU0jEpNdd...

43 B
430 B

177ms
168ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx-qbFV_yVd2IZd-evnEIgiahMPYAcLc4xzcWb4WInJKecT_hA0SjH6nDAxVw4aiWhWrsOppZ_dQfeb8QRBdyabU0jEpNdd8N-o&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-qbFV_yVd2IZd-evnEIgiahMPYAcLc4xzcWb4WInJKecT_hA0SjH6nDAxVw4aiWhWrsOppZ_dQfeb8QRBdyabU0jEpNdd8N-o%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79e62d46b86f91d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1136
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx-qbFV_yVd2IZd-evnEIgiahMPYAcLc4xzcWb4WInJKecT_hA0SjH6nDAxVw4aiWhWrsOppZ_dQfeb8QRBdyabU0jEpNdd8N-o&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-qbFV_yVd2IZd-evnEIgiahMPYAcLc4xzcWb4WInJKecT_hA0SjH6nDAxVw4aiWhWrsOppZ_dQfeb8QRBdyabU0jEpNdd8N-o%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79e62d451efe91d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 75F3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG2ECZEPhyvF1s-wG0okV9k&google_cver=1&google_push=Aa02lx8I0a0eMg59x9dNrRg9_0XEDodIVU9ndkYzN64lQi5Uju27slodQ5In1dDII-H6CNcR5rk1PsImzaFO85KcSO07q4i...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8I0a0eMg59x9dNrRg9_0XEDodIVU9ndkYzN64lQi5Uju27slodQ5In1dDII-H6CNcR5rk1PsImzaFO85KcSO07q4iNpJcPAfk&google_hm=eS10dHhwZDc1RTJwRUl...

170 B
232 B

57ms
53ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8I0a0eMg59x9dNrRg9_0XEDodIVU9ndkYzN64lQi5Uju27slodQ5In1dDII-H6CNcR5rk1PsImzaFO85KcSO07q4iNpJcPAfk&google_hm=eS10dHhwZDc1RTJwRUlHa05FMUxEbkltYkptS3pOSWdnd35B

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 24 Feb 2023 06:34:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8I0a0eMg59x9dNrRg9_0XEDodIVU9ndkYzN64lQi5Uju27slodQ5In1dDII-H6CNcR5rk1PsImzaFO85KcSO07q4iNpJcPAfk&google_hm=eS10dHhwZDc1RTJwRUlHa05FMUxEbkltYkptS3pOSWdnd35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75F3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHkwsWVRvpO_zHn0V0jtMA8&google_cver=1&google_push=Aa02lx_hvjlMwyavqZ930Qb-3TeUHncNS_QyLVlPDfRWkK60QM1shTP_OAs3yjQHRNCqJ4NoFWLCL962...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHkwsWVRvpO_zHn0V0jtMA8&google_cver=1&google_push=Aa02lx_hvjlMwyavqZ930Qb-3TeUHncNS_QyLVlPDfRWkK60QM1shTP_OAs3yjQHRNCqJ4NoFWL...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc0MDAzOTMzNTU0MDExMjYzNw&google_push=Aa02lx_hvjlMwyavqZ930Qb-3TeUHncNS_QyLVlPDfRWkK60QM1shTP_OAs3yjQHRNCqJ4NoFWLCL9...

170 B
188 B

55ms
55ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc0MDAzOTMzNTU0MDExMjYzNw&google_push=Aa02lx_hvjlMwyavqZ930Qb-3TeUHncNS_QyLVlPDfRWkK60QM1shTP_OAs3yjQHRNCqJ4NoFWLCL9621fDZYyk0mxJKwY2VGBCBGA

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc0MDAzOTMzNTU0MDExMjYzNw&google_push=Aa02lx_hvjlMwyavqZ930Qb-3TeUHncNS_QyLVlPDfRWkK60QM1shTP_OAs3yjQHRNCqJ4NoFWLCL9621fDZYyk0mxJKwY2VGBCBGA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 75F3 43 B
351 B 70ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIFwC3c6OjOF06xUKNesH-o&google_cver=1&google_push=Aa02lx8VUBPMCISOqpWyvMqXMcLC8nMk8GiUbN2MKrL1hn0XSKg2m5Irduj0e_uBsuSxAom2XJ8_VPL417RnvsncmzjtXk8ddQpgydk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=2658960439&pi=t.aa~a.639411702~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600&nras=5&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=2255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tx2oW9WzKp&p=https%3A//chinas-lafa.ru&dtd=53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ovancko6me0pkkcdk75clkoefbu008fq

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 75F3 0
45 B 120ms
17ms Image
text/plain 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOa4-I3AEThqi2Qn5rUk27k&google_cver=1&google_push=Aa02lx9DwIK3N-X6VJJylqyKX_WjbvXdppVwaelelNhannW8qG-6T9RsWS07-2_kh7XkiP-5PlMasU4J9RCbndv-a7WPtIaPwvWO9q0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=2658960439&pi=t.aa~a.639411702~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600&nras=5&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=2255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=tx2oW9WzKp&p=https%3A//chinas-lafa.ru&dtd=53
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75F3
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDC79xGtk...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDC...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a1615622-6c2c-43d1-b5cb-cf700940d55a&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

54ms
53ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a1615622-6c2c-43d1-b5cb-cf700940d55a&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=a1615622-6c2c-43d1-b5cb-cf700940d55a&%%GOOGLE_PUSH_PAIR%%
date: Fri, 24 Feb 2023 06:34:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 75F3 0
49 B 134ms
49ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LBXHGqgJaBpCck_Ey51OV2LWqJ4-hXxjtWuPrKhdWSRMULnNKHZho_mjAqWQQLyBr48McroQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EDDA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
33ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
expires: Fri, 24 Feb 2023 06:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 2A1E 62 KB
23 KB 67ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58fad70c6f1cbf5134f2fb9e9ae1e0f7b5eb7dd27895f22e0e6cf61574f968cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:54:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2409
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23523
x-xss-protection: 0
server: cafe
etag: 10769982060255438035
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 06:54:31 GMT

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8425 36 KB
14 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 15:31:01 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A40D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
33ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
expires: Fri, 24 Feb 2023 06:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FDB7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

35ms
28ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
expires: Fri, 24 Feb 2023 06:34:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 19E9 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99d39e3d1c883db700cde4683fe976e57e4cdf32f3829f2e1d3b65db83b6ae0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8C21 0
12 B 14ms
14ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hvHNwA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2262
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECC3KwkkJ2tHSNIjr06OZi0&google_cver=1&google_push=Aa02lx_gqkeiaBSFjd96xpUvCobQHq27pO9f9tQrtiAatcOxELqZGEihkNnOWziTu3qsFIvGcCYJVHH7Kf0...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_gqkeiaBSFjd96xpUvCobQHq27pO9f9tQrtiAatcOxELqZGEihkNnOWziTu3qsFIvGcCYJVHH7Kf0Be9wCcRfiXcrP0_TNVGw&google_hm=PWqw4XaxRj67mDoPa...

170 B
232 B

58ms
57ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_gqkeiaBSFjd96xpUvCobQHq27pO9f9tQrtiAatcOxELqZGEihkNnOWziTu3qsFIvGcCYJVHH7Kf0Be9wCcRfiXcrP0_TNVGw&google_hm=PWqw4XaxRj67mDoPa0-XBAQ

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_gqkeiaBSFjd96xpUvCobQHq27pO9f9tQrtiAatcOxELqZGEihkNnOWziTu3qsFIvGcCYJVHH7Kf0Be9wCcRfiXcrP0_TNVGw&google_hm=PWqw4XaxRj67mDoPa0-XBAQ
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2262
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELoD1irb_dk20XXxIz7zLFM&google_cver=1&google_push=Aa02lx8rGlfqjvYL7s3QRZjWyZyoFaH609ygId54fV-rVDZzTSylCD1Gt5sqGXj1p0TBFn_QkAosnUAsOXLcRvV_...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UiqdeEuRSEu3D1iPfIe9kA2&google_push=Aa02lx8rGlfqjvYL7s3QRZjWyZyoFaH609ygId54fV-rVDZzTSylCD1Gt5sqGXj1p0TBFn_QkAosnUAsOXLcRvV_1v3W1PxknT3crgw

170 B
232 B

60ms
55ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UiqdeEuRSEu3D1iPfIe9kA2&google_push=Aa02lx8rGlfqjvYL7s3QRZjWyZyoFaH609ygId54fV-rVDZzTSylCD1Gt5sqGXj1p0TBFn_QkAosnUAsOXLcRvV_1v3W1PxknT3crgw

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 24 Feb 2023 06:34:40 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UiqdeEuRSEu3D1iPfIe9kA2&google_push=Aa02lx8rGlfqjvYL7s3QRZjWyZyoFaH609ygId54fV-rVDZzTSylCD1Gt5sqGXj1p0TBFn_QkAosnUAsOXLcRvV_1v3W1PxknT3crgw
x-host: tde-deliveryengine-production-cdcfc8b9-hl8df
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2262
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHe_dk0wbL66n64WBhG3nKY&google_cver=1&google_push=Aa02lx-AhKcXEHPA1PswZ2FWlzmcCKfUbhT1nORZd5dWr9NKHjWot_M7D9ZACpj7qI8JoZGUSx4bgYCbA4HHqiUCAqch...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHe_dk0wbL66n64WBhG3nKY&google_cver=1&google_push=Aa02lx-AhKcXEHPA1PswZ2FWlzmcCKfUbhT1nORZd5dWr9NKHjWot_M7D9ZACpj7qI8JoZGUSx4bgYCbA4HHqi...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=1ecebcc2-88f6-4a7b-9b38-d5ad64ea8eb0&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-AhKcXEHPA1PswZ2FWlzmcCKfUbhT1nORZd5dWr9NKHjWot_M7D9ZACpj7qI8JoZGUSx4bgYCbA4HHqiUCAqch8NHg7dh4_2w&google_hm=oWFWImwsQ9G1y89wCUDV...

170 B
188 B

53ms
53ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-AhKcXEHPA1PswZ2FWlzmcCKfUbhT1nORZd5dWr9NKHjWot_M7D9ZACpj7qI8JoZGUSx4bgYCbA4HHqiUCAqch8NHg7dh4_2w&google_hm=oWFWImwsQ9G1y89wCUDVWg==
date: Fri, 24 Feb 2023 06:34:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 2262 42 B
213 B 88ms
20ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKR56_TWByfqXK4WVurMTHY&google_push=Aa02lx9Ts1ZYDJm3k5RjVU2eO7BfBTh-QdItKJh5SP_sNoo414El1Cawu2ph2O2-gH3I3kqaOGrRE_Qn8TPKuuOs4A9-9VT8dnTaTNQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2262
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECzeVPIb6_xk-XGaRW1jrp4&google_cver=1&google_push=Aa02lx_xtLCcaKD1NBfAzoyQuk846Ph-fNjeB2xzanjItxMgefqCw6nFMopZ8ZBvsMpZmhf1XSr...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVJNVJQTlMtMy0zNzhO&google_push=Aa02lx_xtLCcaKD1NBfAzoyQuk846Ph-fNjeB2xzanjItxMgefqCw6nFMopZ8ZBvsMpZmhf1XSrTpRvWWs-avLBBq8YmJVLZ67AHdQ0

170 B
188 B

54ms
53ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVJNVJQTlMtMy0zNzhO&google_push=Aa02lx_xtLCcaKD1NBfAzoyQuk846Ph-fNjeB2xzanjItxMgefqCw6nFMopZ8ZBvsMpZmhf1XSrTpRvWWs-avLBBq8YmJVLZ67AHdQ0

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVJNVJQTlMtMy0zNzhO&google_push=Aa02lx_xtLCcaKD1NBfAzoyQuk846Ph-fNjeB2xzanjItxMgefqCw6nFMopZ8ZBvsMpZmhf1XSrTpRvWWs-avLBBq8YmJVLZ67AHdQ0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 2262 43 B
297 B 139ms
25ms Image
image/gif 2a05:d01c:1d8:8101:bf42:41f0:18cb:f8e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIucZUqrEEUlFV6wIUVeC1k&google_cver=1&google_push=Aa02lx8AE-Mx1tN-2ABMWbfKR190B8shj02Ab4m2Uvvi_ATad7JOK7yjaUa66FVg1XR3bF7i-35hGS_N-VFC9hbDr25BVJemqyfY4bk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:bf42:41f0:18cb:f8e London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2262
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGGtPXoZFLhtTTHlxCRwHNg&google_cver=1&google_push=Aa02lx_HXHpWwiqGO3sHRo9n0pSi0QZDYNrwizQAuEkI78CPruS9y7DjgCH2GvUGjOZrxdJSaoZIfUH4dieobYnQo...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGGtPXoZFLhtTTHlxCRwHNg&google_cver=1&google_push=Aa02lx_HXHpWwiqGO3sHRo9n0pSi0QZDYNrwizQAuEkI78CPruS9y7DjgCH2GvUGjOZrxdJSaoZIfUH4dieobYnQo...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_HXHpWwiqGO3sHRo9n0pSi0QZDYNrwizQAuEkI78CPruS9y7DjgCH2GvUGjOZrxdJSaoZIfUH4dieobYnQouV-9A0kjaqEmH4&google_hm=GNXKrGZHqP8NGS8zS2C...

170 B
188 B

61ms
60ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_HXHpWwiqGO3sHRo9n0pSi0QZDYNrwizQAuEkI78CPruS9y7DjgCH2GvUGjOZrxdJSaoZIfUH4dieobYnQouV-9A0kjaqEmH4&google_hm=GNXKrGZHqP8NGS8zS2CKDJ-b

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 24 Feb 2023 06:34:41 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_HXHpWwiqGO3sHRo9n0pSi0QZDYNrwizQAuEkI78CPruS9y7DjgCH2GvUGjOZrxdJSaoZIfUH4dieobYnQouV-9A0kjaqEmH4&google_hm=GNXKrGZHqP8NGS8zS2CKDJ-b
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2262 0
49 B 61ms
50ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IhVFEgvK785aOEJag26S_bwu5cHhOtMVzkOlLvAMMSlezbt6jjV6EyzA9VHBdu90xmj5SU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7014 36 KB
14 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 15:31:01 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame BE7D 0
191 B 71ms
12ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECDGwsMw7TL2gYM6TAwGomQ&google_cver=1&google_push=Aa02lx-eN025BBJvFKt7ZNuPP3kophXmatGjlHqElDIZcCHn4jKaoWeXqh-_bhfvIxwdZtZbHhsVGui8mjVGT8rSrIRskr4Oeqwicg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280&nras=4&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kGhHceSCIg&p=https%3A//chinas-lafa.ru&dtd=50
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BE7D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPuJUSLNfSfN2ICX8aiRMHc&google_cver=1&google_push=Aa02lx_5duvLKuPgFyqZ_wBZM6kl8UEmFUEqlY9ZP8Zx-razJgkM2XQ3RYwr7WFpjPZOwd5jQFe9Soe5Kuigz-...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMzYwNzEwOTgwMjg1MDQ0NQ%3D%3D&google_push=Aa02lx_5duvLKuPgFyqZ_wBZM6kl8UEmFUEqlY9ZP8Zx-razJgkM2XQ3RYwr7WFpjPZOwd5jQFe9Soe5Kuigz-MhJx...

170 B
188 B

54ms
54ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMzYwNzEwOTgwMjg1MDQ0NQ%3D%3D&google_push=Aa02lx_5duvLKuPgFyqZ_wBZM6kl8UEmFUEqlY9ZP8Zx-razJgkM2XQ3RYwr7WFpjPZOwd5jQFe9Soe5Kuigz-MhJxVqSUvY4Ztlfg

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMzYwNzEwOTgwMjg1MDQ0NQ%3D%3D&google_push=Aa02lx_5duvLKuPgFyqZ_wBZM6kl8UEmFUEqlY9ZP8Zx-razJgkM2XQ3RYwr7WFpjPZOwd5jQFe9Soe5Kuigz-MhJxVqSUvY4Ztlfg
Date: Fri, 24 Feb 2023 06:34:40 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BE7D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG2ECZEPhyvF1s-wG0okV9k&google_cver=1&google_push=Aa02lx_O4oXu3gculHYjSTDRpkDoi96cX7H0qbAhKcupM7SAzsj52f2vt1E6xfJcu7dFao1jmQ6LLZvsAH8lWNM4r_vhIKb...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_O4oXu3gculHYjSTDRpkDoi96cX7H0qbAhKcupM7SAzsj52f2vt1E6xfJcu7dFao1jmQ6LLZvsAH8lWNM4r_vhIKbd3vkvzwM&google_hm=eS1CbTBJRS4xRTJwRnl...

170 B
232 B

58ms
55ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_O4oXu3gculHYjSTDRpkDoi96cX7H0qbAhKcupM7SAzsj52f2vt1E6xfJcu7dFao1jmQ6LLZvsAH8lWNM4r_vhIKbd3vkvzwM&google_hm=eS1CbTBJRS4xRTJwRnlOVUhyX1h5U0hmWlE1NmFLSWFUcH5B

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 24 Feb 2023 06:34:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_O4oXu3gculHYjSTDRpkDoi96cX7H0qbAhKcupM7SAzsj52f2vt1E6xfJcu7dFao1jmQ6LLZvsAH8lWNM4r_vhIKbd3vkvzwM&google_hm=eS1CbTBJRS4xRTJwRnlOVUhyX1h5U0hmWlE1NmFLSWFUcH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BE7D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHkwsWVRvpO_zHn0V0jtMA8&google_cver=1&google_push=Aa02lx_ZHGxue4Za9fmpHVMEeZFJZpS_s3F2RWFkSYb-qoVPlJiFXVMqowk4PBDiIqTwSACzZJTA-7Qt...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHkwsWVRvpO_zHn0V0jtMA8&google_cver=1&google_push=Aa02lx_ZHGxue4Za9fmpHVMEeZFJZpS_s3F2RWFkSYb-qoVPlJiFXVMqowk4PBDiIqTwSACzZJT...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxOTgyNTU1MjY0MjgzNzc3Ng&google_push=Aa02lx_ZHGxue4Za9fmpHVMEeZFJZpS_s3F2RWFkSYb-qoVPlJiFXVMqowk4PBDiIqTwSACzZJTA-7...

170 B
188 B

53ms
52ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxOTgyNTU1MjY0MjgzNzc3Ng&google_push=Aa02lx_ZHGxue4Za9fmpHVMEeZFJZpS_s3F2RWFkSYb-qoVPlJiFXVMqowk4PBDiIqTwSACzZJTA-7QtbiwWxQeFaTJ6sh27RclHNHg

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxOTgyNTU1MjY0MjgzNzc3Ng&google_push=Aa02lx_ZHGxue4Za9fmpHVMEeZFJZpS_s3F2RWFkSYb-qoVPlJiFXVMqowk4PBDiIqTwSACzZJTA-7QtbiwWxQeFaTJ6sh27RclHNHg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame BE7D 43 B
135 B 23ms
10ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIFwC3c6OjOF06xUKNesH-o&google_cver=1&google_push=Aa02lx_SkqRS-mILYjOR8XMt0zcQIEo943X3LyREbQPa4tfWhl2OIl6MJCqaZ-bU8c66xoPJJTbj9buuR-d8YDtl8Iunu3baQ8lALQw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1608&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280&nras=4&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=kGhHceSCIg&p=https%3A//chinas-lafa.ru&dtd=50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 7duu7e68ite060jrhjbkn1qlapcgrs5c

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BE7D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_hm=Y_hagKOMubkFQPGA4I22KgAAFBwAAAIB&google_nid=index&google_push=Aa02lx_Z_VHp3q7fklhxiAl5CucITvnEslapA...

170 B
232 B

58ms
55ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_hm=Y_hagKOMubkFQPGA4I22KgAAFBwAAAIB&google_nid=index&google_push=Aa02lx_Z_VHp3q7fklhxiAl5CucITvnEslapAtGq-vSOFwzhD70_x7x_JDcG38Qkdj17yiGYqvd9eqKyYcEiPwTNiUdWW62mNEDnNQk

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0uByBnIJZtHb%2FZpHwpOSPQfh18wFMBZNlL2I5d%2FrelbRRgiFxtUxNEWuu13PQxx%2B7VLHpY9yiSmpXVqqmxhCcqZyWUCQ3htcWMp5zdp8bOVUOg1tR7qscEcnaPqaxc7vpnpJlWK4jh5gg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENtpes-viTK21kuP1wXSjno&google_hm=Y_hagKOMubkFQPGA4I22KgAAFBwAAAIB&google_nid=index&google_push=Aa02lx_Z_VHp3q7fklhxiAl5CucITvnEslapAtGq-vSOFwzhD70_x7x_JDcG38Qkdj17yiGYqvd9eqKyYcEiPwTNiUdWW62mNEDnNQk
cache-control: no-cache
cf-ray: 79e62d458b089948-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BE7D
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGGtPXoZFLhtTTHlxCRwHNg&google_cver=1&google_push=Aa02lx-ZqY8FR_FewFnF1_fFAaj8uByQQYypJfToLfA_7y2eJvtCDAwnwzL_EWwU-v2O_ZSj-RF0t2X9CltFk6hMo...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGGtPXoZFLhtTTHlxCRwHNg&google_cver=1&google_push=Aa02lx-ZqY8FR_FewFnF1_fFAaj8uByQQYypJfToLfA_7y2eJvtCDAwnwzL_EWwU-v2O_ZSj-RF0t2X9CltFk6hMo...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-ZqY8FR_FewFnF1_fFAaj8uByQQYypJfToLfA_7y2eJvtCDAwnwzL_EWwU-v2O_ZSj-RF0t2X9CltFk6hMoAWOl-eg5wi7IYE&google_hm=GNXKrGZHqP8NGS8zS2C...

170 B
188 B

54ms
53ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-ZqY8FR_FewFnF1_fFAaj8uByQQYypJfToLfA_7y2eJvtCDAwnwzL_EWwU-v2O_ZSj-RF0t2X9CltFk6hMoAWOl-eg5wi7IYE&google_hm=GNXKrGZHqP8NGS8zS2CKDJ-b

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 24 Feb 2023 06:34:41 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-ZqY8FR_FewFnF1_fFAaj8uByQQYypJfToLfA_7y2eJvtCDAwnwzL_EWwU-v2O_ZSj-RF0t2X9CltFk6hMoAWOl-eg5wi7IYE&google_hm=GNXKrGZHqP8NGS8zS2CKDJ-b
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BE7D 0
40 B 61ms
49ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOAau-oABPef459jpDU6GhONRfJif6GhImN2dxfDl4FN1cgBE6pU_qanB3k19ojEVxF1C1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 29BC 36 KB
14 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 15:31:01 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B155
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
26ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:41 GMT
expires: Fri, 24 Feb 2023 06:34:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 67C5 36 KB
14 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=3140027163&adf=1965459203&pi=t.aa~a.639400137~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=700x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=2&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280&nras=3&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=aU4XpxPtRC&p=https%3A//chinas-lafa.ru&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 15:31:01 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2A17
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEBwGn4qavbHJlML7b2m6i0&google_cver=1&google_push=Aa02lx9gCjw6_e6Td8CAWkLsdVPSgWx38s-v4b2b3BB61y9xAYHf2lDtldqXK5qK7jQsoXceip5R5Lf8ohupTCgBsLHYuxWtwor__qQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzkzOTUwNTE1Mzg2NjQwNjY5Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBwGn4qavbHJlML7b2m6i0&google_cver=1

43 B
398 B

15ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBwGn4qavbHJlML7b2m6i0&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEBwGn4qavbHJlML7b2m6i0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2A17 0
104 B 155ms
28ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPYhFahkyoCXs7OIrQJ48rQ&google_cver=1&google_push=Aa02lx8HNCKrAOz9RDMNUSBxc9Gz2gxaPVyFLKdm08aLFSMDG6oyIBpyR-M87snPywAdPRfK3mQHWQDuv2lih0DQdqz11VzRaZQn9g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2989839523&adf=1330659970&pi=t.aa~a.390569361~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280&nras=6&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=2555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=uiGwheCI50&p=https%3A//chinas-lafa.ru&dtd=57
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 2A17
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx_KsQkbgDtICD3djjPO-GID9dU6HFy05YOFi1ho7YuBm0LqioMHhk8rqKsRzZzfMcYRThiv9r0G9mxIzEuK_ZIV2KzSlWCn5...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx_KsQkbgDtICD3djjPO-GID9dU6HFy05YOFi1ho7YuBm0LqioMHhk8rqKsRzZzfMcYRThiv9r0G9mxIzEuK_ZIV2KzSlWC...

43 B
417 B

166ms
165ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx_KsQkbgDtICD3djjPO-GID9dU6HFy05YOFi1ho7YuBm0LqioMHhk8rqKsRzZzfMcYRThiv9r0G9mxIzEuK_ZIV2KzSlWCn5Do&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_KsQkbgDtICD3djjPO-GID9dU6HFy05YOFi1ho7YuBm0LqioMHhk8rqKsRzZzfMcYRThiv9r0G9mxIzEuK_ZIV2KzSlWCn5Do%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79e62d47790d91d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 56
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMZ1QxGq7rSHchZlCrbzmhw&google_cver=1&google_push=Aa02lx_KsQkbgDtICD3djjPO-GID9dU6HFy05YOFi1ho7YuBm0LqioMHhk8rqKsRzZzfMcYRThiv9r0G9mxIzEuK_ZIV2KzSlWCn5Do&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_KsQkbgDtICD3djjPO-GID9dU6HFy05YOFi1ho7YuBm0LqioMHhk8rqKsRzZzfMcYRThiv9r0G9mxIzEuK_ZIV2KzSlWCn5Do%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 79e62d45dfaf91d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A17
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPOV1_Seh1zh33rNgPSGa5o&google_cver=1&google_push=Aa02lx_wqI61Uz6m_8nNjsGELO77oKezkhhUbs09cKkg828BV8rEV1KYMywT9s59gn12wn3slIngzMF_VjGVZTndTPOo9z9pH82NpjM
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92B3FC199DBE4B5C9CC9C79B374EDEA4&google_push=Aa02lx_wqI61Uz6m_8nNjsGELO77oKezkhhUbs09cKkg828BV8rEV1KYMywT9s59gn12wn3slIngzMF_VjGVZTn...

170 B
188 B

54ms
54ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92B3FC199DBE4B5C9CC9C79B374EDEA4&google_push=Aa02lx_wqI61Uz6m_8nNjsGELO77oKezkhhUbs09cKkg828BV8rEV1KYMywT9s59gn12wn3slIngzMF_VjGVZTndTPOo9z9pH82NpjM

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 24 Feb 2023 06:34:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92B3FC199DBE4B5C9CC9C79B374EDEA4&google_push=Aa02lx_wqI61Uz6m_8nNjsGELO77oKezkhhUbs09cKkg828BV8rEV1KYMywT9s59gn12wn3slIngzMF_VjGVZTndTPOo9z9pH82NpjM
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 23 Feb 2023 06:34:40 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2A17 70 B
264 B 41ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENDBYQMjbmIYo3LKHDyOUWE&google_cver=1&google_push=Aa02lx9vPyk5hhlVK8JWOTyCK7w6-rTDDV8NpdxmZrFHme98w1hWy3fqNzj_kKPT9zA2B08dcgGBoXPAcWJCrdL28vdTHTWeIIHfyzw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2989839523&adf=1330659970&pi=t.aa~a.390569361~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280&nras=6&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=2555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=uiGwheCI50&p=https%3A//chinas-lafa.ru&dtd=57
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 dds
rtb.openx.net/sync/ Frame 2A17 43 B
64 B 27ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIFwC3c6OjOF06xUKNesH-o&google_cver=1&google_push=Aa02lx-3h5YQ9iiTvJY3pWmhydglTVsRl_ZEPGz-9tMgh6YKFU1J9JnLd3eQTlIPw7drNX4CAbEawNjbsGkKozUypWQhPDvyEmUHU_8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2989839523&adf=1330659970&pi=t.aa~a.390569361~rp.1&w=345&fwrn=4&fwrnh=100&lmt=1677209797&rafmt=1&to=qs&pwprc=3663841965&format=345x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677220479707&bpp=1&bdt=1607&idt=-M&shv=r20230222&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db7c228e3aef6c807-22bd27f7fbdc000a%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ&gpic=UID%3D00000bbb3de3beb0%3AT%3D1677220478%3ART%3D1677220478%3AS%3DALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ&prev_fmts=0x0%2C1090x280%2C700x280%2C300x600%2C700x280&nras=6&correlator=4959468025329&frm=20&pv=1&ga_vid=1086123129.1677220479&ga_sid=1677220479&ga_hid=608064339&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=2555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44777877%2C44773810%2C31072532&oid=2&psts=AD37Y7tLoiUdx5gdM-q4lR3hnf8mmyIzHeTfVQMkQR7iAa_WBSkIIARRYqBZR2cpCN3WvGKApX1Q3KTXMNkN8H4&pvsid=1444586785248371&tmod=6643293&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=uiGwheCI50&p=https%3A//chinas-lafa.ru&dtd=57
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:40 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: mkbe71rpffvp0r4cqduel8sioconbdir

GET
H2

200

report
sync.teads.tv/um/ Frame 2A17
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBJwvdaHY-jMzOmRNWiD_uw&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx_aF6E4SYIfO-NWXwet89MdIjn93-qi1no8U8TcFjwOW9655E9ACIFJYbOJEwEOmFwkYj8GCanotVKh1n9XFTzaVA-Rut8UfgA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

32ms
32ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 24 Feb 2023 06:34:41 GMT
pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2A17 0
49 B 60ms
50ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-962BA15FWoudNrYpIxnvI4TH5cWRYakBAV0CKggnu8n3QL67EpCouYQKWjuEQusvHxWG_A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:34:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C920
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

23ms
23ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:41 GMT
expires: Fri, 24 Feb 2023 06:34:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:41 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame D9F9 36 KB
14 KB 23ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 15:31:01 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F83
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
30ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:41 GMT
expires: Fri, 24 Feb 2023 06:34:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 06:34:41 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame DB7B 36 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 15:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 15:31:01 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2A1E 0
234 B 376ms
126ms Ping
image/gif 2607:f8b0:400b:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lei5rpt1&e=21060101&ctx=2&gqid=f1r4Y8mNMM3Yx_APs5SqmA0&qqid=CNraopfFrf0CFQ9JFQgdFa0Bgg&met.4=fb.b5~lb.il~cmrload.s1~ol.s8~bdt.-1ai~bpp.-1t~dtd.-3~dt.-1u&met.3=733.ll~748.m4~749.m4~742.li_q~735.nr_1~555.rx~739.rx~556.rx_1~738.s2~113.11l_4~112.11k_5&met.1=1.lei5rorh~6.1~7.1~8.1~9.1~10.1~12.3~13.9d~14.9q~15.a8~16.rx~17.rx~18.rz~19.s1~20.s1~21.s8&met.7=CAUQCBgBKAEw3gI4-AdoA3DRAni_jAKAAZOKAogBpKkFsAEBuAED~CBcQBhgBIPYCKPYCMJIDOBxo9wJwiwN4--UBgAHP4wGIAc_jAbABAbgBAw~CAkQChgBIPYCKPYCMJMDOB1o-AJwjQN4mkeAAe5EiAHZrgGwAQG4AQM~CB4QChgBIPYCKPYCMLIDODxolQNwrwN4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIPYCKPYCMK8DODlolQNwqgN4_kKAAdJAiAGOnQGwAQG4AQM~CBsQBhgBIPYCKPYCMM0DOFY~CBwQChgBIPYCKPYCMLMDODxolQNwsAN4pGuAAfhoiAG-hgKwAQG4AQM~CCoQChgBIPYCKPYCMLsDOEU~CCEQBBgBIJMDKJMDMNcDOENolQNw1gN4rAKwAQG4AQM~CCgQBRgBIJoFKJoFMKsFOBFonQVwqwV4vQOAAZEBiAGPAbABAbgBAw~CBwQBRgBIJsFKJsFMLIFOBdoowVwsQV4lgeAAeoEiAGWCbABAbgBAw~CCgQChgBIKoIKKoIMPsIOFFAqwhIughQughY3ghgxwho3ghw7gh4j7oBgAHjtwGIAdbvA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400b:802::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0FEC 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUEUO_zhxwNNKzfWfcOnc3rBtz_--jbixbbifoqLtfn-kGaBspgq2isci57kTM-a2CX6j7L_FcYQ5y15dO-ghFg78N5L-YXX3dpgN2kBSovPOax5zeyOkdGatjNhciwEqIMyQnAw&sai=AMfl-YTS6j-9b_TNUb94QBEK9Vedljic8VT9lqwh1gzIqntXKBhnDwZl8FtcaxYTo7SzWO7ttWkfmxTtWNJr&sig=Cg0ArKJSzBK9MqFVmo8nEAE&cid=CAQSGwDUE5ymc_SWMHwLG77uVXRetPyowCWCz27P1RgB&id=lidar2&mcvt=1046&p=0,0,500,180&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677220479829&rpt=273&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 104B 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupOUyq9EYixrfu1e8IAtSMZwjy85vZjb7DnaJGXf-3elqfr9_K5TCFP6esoZbN6luJ3gsMP3BGyVSRvK9VWdzJi5IkN4f_VhQAyGoOjAW9Gal5cGknLP5aHppjfoFDqYbUlITP2Q&sai=AMfl-YQVntEOZLvPfJqRxQsRbJBImz9-PzioTby2Be8mKKy93fe-9iDIrGaHSWb2IiXVecib97l6c6yKsQ04&sig=Cg0ArKJSzJwTPICKxI5WEAE&cid=CAQSGwDUE5ymc_SWMHwLG77uVXRetPyowCWCz27P1RgB&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677220479832&rpt=298&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6D6B 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRK15vdfsQ6DqM8YYH-7ojy2GcmtEnzezO7mZSCyXqztt2H55HqJR0uUakn5GumeYdvP-88hfrvettinTlbM_wePo-sp29T561ngc-mhQ1UpqXUF-HaZsjW1stYNkwhJiynqcQ8A&sai=AMfl-YRfVF-RKDc_7dYF0n0W5IZ9BWJhDsgwt4bMEn5B0bqUOpafQf9zztjmZ3VbE4IDztGDP5WhyqWFcsxQ&sig=Cg0ArKJSzIYDti6vth9zEAE&cid=CAQSGwDUE5ymc_SWMHwLG77uVXRetPyowCWCz27P1RgB&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=73,699,1002,1173,1278&tos=73,626,303,171,105&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677220479818&rpt=220&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=1444586785248371&bg=!SkmlSR3NAAZYlHKzeJQ7ADkAdvg8WuJKRbTCkrrbyMx8luNDnHBlh7iiA3It_r4svMrQnfYo3vYpF-yU2XjRo4UsSMqh9NDOtu0CAAACnlIAAAADaAEHCgCORcd7F8DjNn5PzJjR9ewJBsvxfGsY51Orl2_7S7XbXJRLMKLEeRcj7zFIzTH4tBcajZeDF652nDlqT6oJXsjkW8DIyqpxWJfWB9dTAoU3BDtNVO7WGH5-b2E-JvPQOQMGEyX9HGeNfVkaaRmd1S3mDnaALnAGp_USWpE3Fo-6qi1-Tvd2TIambvnU6XO_-JkCqRkSDp6Xr0xyJgcsVTd8SNx4IWpRKwuhOPHudmyCpxsbsePa1VSbnBBpwdftoZ39rLFlLTg00yKsfwwIPpTUUT3Ai8DKkIhcis_1vtN24A2dHBsFXle_02ShvwN9XNYcBjQqeGEdnHBt16wUw3XEkSv7sMtR0wQSckyRT94Q2Mqu8lyB2mszgTtBNpNOo-0YGflM2JMOOxvJ177SzsXXv_zSMDZZkt3UwJrKg6sa5lpQyLguoH7VuVrkObLIPMXp56Ove-frpya-bLcT2j38kx69ryaKYexmb-lnSGLLp0xn8ZwAkjgdVSG8TFxjbYgFc3BF5WOlETchZVBFflPm-oL2zOfZlATYmsv6h5hd9Xdva5_IA34bCyc0mWs8S8Vb0Vr3KRwi5FOv0vkXqzsciW4IQ_5GfH_kZLkXdciXLQEX_rBe4Hi03OWBp0XV6pKKJnN4fxrTQwxNcVPR8nNJ7c62t7HgTWlhGUljdee8J3WPD4RJXpNNkHmPGJKl7eH6d0hDYGh7yGmpoyyz6JMIbWAhL48hkTzsiFLWe5otLS-JkdbBDPNykAH5n6ZRvjthXyzjqEDfJzaevMvRV9FwN0sNzR1jsKTRA38w3MgvN-RAIAp1kwr33dlU7my5kxqKZ9nhtlkYLxjgIRAO-sqI80U87FosoykhYDtB0UkTY-MISL4zjouMS_-lWzHcum9h8hP2rbklMi2r6jOp7daXF2w9th2j2mgWAyJN1cQ7YAZrfsfsxwN1tk_J98Zlfqa9hqfmOcl7oMkIVJiYBu55b4WbEYclgrSlKYrFgLUKUsaP8iEzJ7ryXY6pxMaznzvmqaur6A5FQ3K2FkzoD_OzGeglwDTCSaoVHHzD0Ui9Hhb3SGpusUmrps_luK72mSBXGahe8mOUobvEdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chinas-lafa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

POST
H2 200 61048837 Show response
mc.yandex.com/webvisor/ 43 B
145 B 309ms
52ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/61048837?wmode=0&wv-part=1&wv-hit=859821083&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&rn=9415264&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1677220482%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230224063442%3Au%3A1677220479967979705%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1677220482&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chinas-lafa.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:42 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 24-Feb-2023 06:34:42 GMT
content-type: image/gif
access-control-allow-origin: https://chinas-lafa.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 06:34:42 GMT

POST
H2 200 61048837 Show response
mc.yandex.com/webvisor/ 43 B
73 B 56ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/61048837?wmode=0&wv-part=1&wv-hit=859821083&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&rn=853609345&wv-type=3&browser-info=we%3A1%3Aet%3A1677220483%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230224063442%3Au%3A1677220479967979705%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1677220483&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chinas-lafa.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:42 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 24-Feb-2023 06:34:42 GMT
content-type: image/gif
access-control-allow-origin: https://chinas-lafa.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 06:34:42 GMT

POST
H2 200 61048837 Show response
mc.yandex.com/webvisor/ 43 B
145 B 56ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/61048837?wmode=0&wv-part=2&wv-hit=859821083&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&rn=795145229&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1677220483%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230224063443%3Au%3A1677220479967979705%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1677220483&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chinas-lafa.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 06:34:43 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 24-Feb-2023 06:34:43 GMT
content-type: image/gif
access-control-allow-origin: https://chinas-lafa.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 24-Feb-2023 06:34:43 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDcM1Sj4QaD3Lyhn8vVPBtM&google_cver=1&google_push=Aa02lx8itAhVfEtOCvUTKwHzAsOUijUI0Qf_sfBJII_bStDhU-v9QA4arxVOBImtu0zF83POjP77rdCR03s2eqQdVWtZT30Avv-icSPs

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
chinas-lafa.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3de26fesht1n4hnlh31a609h3s
.chinas-lafa.ru/	1970-01-20 18:39:16	Name: _ym_uid Value: 1677220479967979705
.chinas-lafa.ru/	1970-01-20 18:39:16	Name: _ym_d Value: 1677220479
.chinas-lafa.ru/	1970-01-20 19:15:16	Name: __gads Value: ID=b7c228e3aef6c807-22bd27f7fbdc000a:T=1677220478:RT=1677220478:S=ALNI_Ma7H-avREvc-o5HSUybJeNjaAjZgQ
.chinas-lafa.ru/	1970-01-20 19:15:16	Name: __gpi Value: UID=00000bbb3de3beb0:T=1677220478:RT=1677220478:S=ALNI_MZu3SykF174o4dmBPl4be_Ux6z-xQ
.chinas-lafa.ru/	1970-01-20 09:54:52	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 09:53:41	Name: sync_cookie_csrf Value: 2102800651fake
.mc.yandex.ru/	1970-01-20 09:53:41	Name: sync_cookie_csrf Value: 1128699804fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 477237871677220478
.yandex.com/	1970-01-20 19:29:40	Name: i Value: 5N1pywW3fIpqRBBTiwAnnClO3Gz4LFAy/a/zDqI8/deHQ1Nd63G87I9uaqq7J2MUqbihRyKfG3qak/y754dl0npl0HA=
.yandex.com/	1970-01-20 18:39:16	Name: yandexuid Value: 9751316811677220478
.yandex.com/	1970-01-20 18:39:16	Name: yuidss Value: 9751316811677220478
.yandex.com/	1970-01-20 18:39:16	Name: ymex Value: 1708756478.yc.1677220478#1708756478.yrts.1677220478#1708756478.yrtsi.1677220478
.chinas-lafa.ru/	1970-01-20 09:53:42	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 19:15:16	Name: IDE Value: AHWqTUnvLB1Xfnj1PFck0xXlLKOEDVOe2cwlkUE2AansGJWa97ZRdk9Fycnd8zD9_Zs
.doubleclick.net/	1970-01-20 09:53:41	Name: test_cookie Value: CheckForPermission
.3lift.com/	1970-01-20 12:03:16	Name: tluid Value: 4308202069995917639715
.w55c.net/	1970-01-20 19:21:02	Name: wfivefivec Value: UvyZlS8x1PvrFe5
.travelaudience.com/	1970-01-20 19:21:02	Name: _tracker Value: %7B%22UUID%22%3A%22522A9D78-4B91-484B-B70F-588F7C87BD90%22%7D
.casalemedia.com/	1970-01-20 18:39:16	Name: CMID Value: Y-hagKOMubkFQPGA4I22KgAA
.casalemedia.com/	1970-01-20 12:03:16	Name: CMPS Value: 5148
.casalemedia.com/	1970-01-20 12:03:16	Name: CMPRO Value: 5148
.adform.net/	1970-01-20 10:33:59	Name: C Value: 1
ads.travelaudience.com/	1970-01-20 19:21:02	Name: _tracker Value: %7B%22UUID%22%3A%22522A9D78-4B91-484B-B70F-588F7C87BD90%22%7D
.mathtag.com/	1970-01-20 19:19:35	Name: uuid Value: 38cf63f8-5a80-4100-9c69-24f51fcbfe7d
.mathtag.com/	1970-01-20 10:36:52	Name: mt_mop Value: 4:1677220480
.w55c.net/	1970-01-20 10:36:52	Name: matchgoogle Value: 5
.turn.com/	1970-01-20 14:12:52	Name: uid Value: 3939505153866406697
.1rx.io/	1970-01-20 18:39:16	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-54f6fe38-0cde-40a2-85a9-82c705832ccb-003%22%7D
.yahoo.com/	1970-01-20 18:39:38	Name: A3 Value: d=AQABBIBa-GMCEMhhP4EkNQebGWLq4PUL3PcFEgEBAQGs-WMCZAAAAAAA_eMAAA&S=AQAAAom6XMMX73YgSpfgyNXQQmM
.ctnsnet.com/	1970-01-20 18:39:16	Name: gid_CAESECC3KwkkJ2tHSNIjr06OZi0 Value: 1
.ctnsnet.com/	1970-01-20 18:39:16	Name: cid_3d6ab0e176b1463ebb983a0f6b4f9704 Value: 1
.bidswitch.net/	1970-01-20 18:39:16	Name: c Value: 1677220480
.bidswitch.net/	1970-01-20 18:39:16	Name: tuuid Value: a1615622-6c2c-43d1-b5cb-cf700940d55a
.lijit.com/	1970-01-20 18:39:16	Name: ljt_reader Value: GNXKrGZHqP8NGS8zS2CKDJ-b
.adfarm1.adition.com/	1970-01-20 12:03:16	Name: UserID1 Value: 7203607109802850445
.doubleclick.net/	1970-01-20 09:53:44	Name: DSID Value: NO_DATA
.adform.net/	1970-01-20 11:20:04	Name: uid Value: 8719825552642837776
.innovid.com/	1970-01-20 12:03:16	Name: uuid Value: 00d5cb52-a00d-49ff-a15a-5eb7465c6004-20230224 01:34:40
.simpli.fi/	1970-01-20 18:40:42	Name: suid Value: 92B3FC199DBE4B5C9CC9C79B374EDEA4
.targeting.unrulymedia.com/	1970-01-20 18:39:16	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-54f6fe38-0cde-40a2-85a9-82c705832ccb-003%22%7D
.bidswitch.net/	1970-01-20 18:39:16	Name: tuuid_lu Value: 1677220481
ads.avct.cloud/	1970-01-20 18:39:16	Name: uuid Value: 1ecebcc2-88f6-4a7b-9b38-d5ad64ea8eb0
.tribalfusion.com/	1970-01-20 12:03:16	Name: ANON_ID Value: aVnseFpyXahbqiVREF6udISg7YteEptf92uGywfcZcirxrFvAZa2XcOWYKZbf6mtqkmePvNuJUFUS1KF9OxcoQF

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDcM1Sj4QaD3Lyhn8vVPBtM&google_cver=1&google_push=Aa02lx8itAhVfEtOCvUTKwHzAsOUijUI0Qf_sfBJII_bStDhU-v9QA4arxVOBImtu0zF83POjP77rdCR03s2eqQdVWtZT30Avv-icSPs Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.avct.cloud
ads.travelaudience.com
adservice.google.com
adservice.google.de
ag.innovid.com
aliexpress-lafa.ru
ap.lijit.com
c1.adform.net
chinas-lafa.ru
cm.g.doubleclick.net
csi.gstatic.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
s.tribalfusion.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.doubleclick.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.aliexpress-lafa.ru
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
googlecm.hit.gemius.pl
104.111.217.42
104.18.25.185
13.248.245.213
142.250.201.194
185.29.134.248
185.4.64.72
185.86.139.101
2001:678:cb4:bbbb::11
213.19.147.45
216.52.2.16
2606:4700::6812:19ad
2607:f8b0:400b:802::2003
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::2004
2a00:1450:400d:80d::200a
2a00:1450:400d:80e::2002
2a02:6b8::1:119
2a02:fa8:8806:12::1400
2a05:d018:d29:3602:81a6:56d8:c5db:8c4d
2a05:d01c:1d8:8101:bf42:41f0:18cb:f8e
3.127.132.6
3.33.220.150
34.160.236.64
35.186.193.173
35.186.253.211
35.190.0.66
35.204.158.49
37.157.5.142
45.130.41.10
52.58.18.234
54.170.158.38
69.173.144.138
85.114.159.118
98.98.134.242
025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4
052896930d987cb9c366d2fadbd2e8744cf4d5939d2e947f2047fdb64aabf620
0b64deaed20cb7b592fc5d2b455251529dedf04e333d5d5bdc127d352b4e8b19
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3d4b722d656d586368bd9a6de018374b9b4db64500f7572f1873266583d447
0cc98d8e92a98749ce2cc2ecfd5cba57cdffa8e04048f66785646ddd3a2d6f75
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0e01cb2c163c8cca3deba719e4e5620244fd231cb641a2f6fb787e2201c91f9e
10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10
16d565730c530c7fee5d86cc219eee5e8e79cfd5fdeabdd5b677df0e2583805c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
181ce09bcf6bb9ed9834039cf1b36ff310d524229ef2ef02206dd0bbe3f827ba
18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526
18d776fb6668d0ef688694a98545815994f4308db2cd10a7ea1649de0dc28f35
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1fe224a662fd4befb593ee367d9c46a54af297cf5c6419fe3a8eac5e1607922a
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
24f4be3fa933a84ee7ac1a104ae0129dffd2fa250e53e5d583af8dacbdf03414
27f34c324b28a59932214c2b2c999b9492987a892c2abfadded8b80113f2428e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b47ce393ee927d93c3f2f7294f5b467e8662cba5c61e98f91761b96764b3c9c
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
2d6b8ecb2f70ad50610c2956c63e8b068d64b18b39ab2d3736fa5a81c8a2cac9
307a4591edefbe1dc23df1c2e891454e4e908b771d881f6cc3e19c54942bf575
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3297c3e4b6a9930ef832ff00abdcf89d74fbbb14e886541bcdbee2a721ecda46
39f8043ade55658b1ea29a4590efff9e241767f44e6897c06a74d7a4c9927e5e
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3ddf90d6f5bc7849f1b0840de0475a0506924a1c770f325934f5ea8a87e270a7
3deda25f1d4dacb2dcb6291e32e305b3390f6225a657f45ce798101dcfcb9865
4088c4396769f8eda76e6f28917417d031b5d62da99e90135de61cefa16dfafa
40c18132003b04630288fdd1e0ac1dd52032f4d25a4abc084a8d77c5bae2be15
415fc936b40c1d88bd62cf215a99494b6b53e637c893bafa9dddaf00af1ac08d
43f9c247438df69c6c2bc91f8267dde1862558c1032a04148838e324fb42f7e1
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48209aa618644e1312801bc5c9e72b92712d84357106e33420cde02239b6e04e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a25eb6972f4a513da7ead5d8c0f74832ed42b1ae5e1f13ed3ea36f0865a59c9
4ae732203f63d8eec2a0f935869470b71b5644926c8d13d898ec7dd109918dc4
4ba56e2af3a3cfc4a267c21e8b77e1e6f5d34b3c663be871eb8b1dd9d4094607
4bd38caa52895c7f1edccb2fb7d6961b0ed5b3d8b76a84772cf50b8f1ade358c
4d548bf2f7211cca05cbaafb6dd37166f432b209e477f744b6a87cdef6dda751
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7bc266de02bed8688ac49dd75942c6dde057d6e18e2d042d8f269d6485721b
5324df7294efd98371423ecae3f9e1575a8ed8b2dc4a36840eee6d4d222f789b
540c1e5a5531635bb49a761947ce74122c931574934b66ec653b992b48d8d032
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58fad70c6f1cbf5134f2fb9e9ae1e0f7b5eb7dd27895f22e0e6cf61574f968cd
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
680382ba4a666b07a80a8cb7b953778b10434cf8445f9584bd67e7265843b069
68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4
68d17341a90b4af7400a9096afe504bf2d21bf378c5f3e594436dbba105afe84
6a6d1f046fd17e77a67224a08442170394ed8508f4bccd6a684269957167b76d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b67b2995f11a31d6c53e0b447c49c7db7e40a771a18eadeb8f8f5720fa78327
700c8bd73d93522ca53cdc35e2a71e96caf7c344bc7a8391f3af90c10b917033
76ae9cfefc587779be483adfc76d0d3406e5bcef31c2005dac224bd5e1079841
7743f39ddc516c5d0540ce147ac3ba086974ec1dda39ef4fbb87b3a7915fb021
780d7ba204df4bf6e7eeac03ffd0c7520ee2113aa39fdd521f03c4909f8ff200
798b29407614413f2456386987e82e4f090d486596674d35e7f163beb9102935
7b82224c466db6d3255c733ca3f7d4fd02ececc7779cf0831b2f4b53986b5e57
7be2fc598e2bb1478e0800c4af94de1811ce909e79b9ef67324b51843073aafb
8075abef2c79145d62d3e523e226d17743dc22249a89e616e22a5ee176f5e978
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
836cb4944060809bb3f884d997618fb770646deef2344405a9e0a9db78c921cf
8d2cd43feb045f215d374801b4fc81ed8724dc49ca9d5a3acbc71dd3ad8ffb16
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d75cec9493deeb296a86d9bc07b177b53d5ddc829b40e5601e631eab2735dd5
909dac5e5edabf55e2ed41ed1095d57f62f4fe858bff92aabefa428f66c7a7c2
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858
96ab8cc4f3a7cd925e86b72b10530fc8c427bd053c1a1c858f08d53bc346f592
986c8a6074a6717f62e027cb56a312c44b713d8d2b1d6e8572ba093b790ea3ab
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d39e3d1c883db700cde4683fe976e57e4cdf32f3829f2e1d3b65db83b6ae0b
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8e4b94a3311119c4d0e393f404bd063d03bd8e39f6b0266fc63fbbe63d088b
9cab18dfde5e759ec0150d15909fed33098e3998dbdb6c6c3f2e680eaf42a236
9ce833bc46f70606effbdcbe468c005d00d546f0b51e5fc5c6b2089ba3fed3ae
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a10283381ca468005bdfb498c8ee591c121f8b64a93eade5fdb762ca2ad8bd80
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a72972ba5538156db48b6714082da0291d6098067f3d652ca9cc5dcd4ca3485f
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a980b0b6b4b4f9cfdb443b03cc7d00e2a9ace7bbbb5c3d1bbd1064ec80339a59
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bb634caf818dca49be8d3dc845f77ddd0b9b7871f3d3184a0e9a110bb45b8e9f
bcc94568b8a61838dece8e2d53937032423a6a2114fc6cb1204237bb982754d3
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c1a57b8f005951736ca059f93603c2cd056ac28e3b1b1224ddb0c81b8eebfd7d
c27af179861d6270eaafc74f148fde6f47b849331186aa9b8d270a4b3ff638f6
c3f6f509fc0efb4969dea2aa47f4f40fbd1e4b6f0d374fb0bfdbf8c1cc3e18ea
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d0f01328cdf0537c6948fee3df7a58a6b9c090548d54ce3e351abc338531bdba
d1d3bda3abb4a198ac62f317ba910adede1affc22020165d7f2919a46f6c481f
d2c52a5a147e63e95afb2e063a0af8dc27e920bb027b2b8b1ffe1867bc8fb5b3
d4a5d9ad906e779edc85421af1d0dfda136d748a4cc3363b045cf6e097af7fcc
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da47d29db2f58ef01756e137cfc5ed46607546b02f7bd903ea5febd389d5f23c
ddf559016e28457565a4dee9108615bda3146b36aa6454b036d68f38038e13ee
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1259e384f61c72a215e1c9b25c3cbc9d42d98c7ac4cb2fb290fc34ab6cc58bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b0d87462a59946820841adae9cec0059604e2d6864b91639861a8fa6081224
ea488b4ce9e192ce45a4da3bccae3141a3b7ded30dccc39c09923c3b0dbf6105
eded262e09382cfeea00c85a3c7275601aefe6f5ed388acd844f6eaae755c424
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4bf6742a3b2dbbbbbb39be2ce47b2940ae05774099b714911e2d57f5dba857e
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6dd8c1e8f65e0bca37136a958d6149fc72c51458bd36e1a4410f978a5e629dd
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

chinas-lafa.ru Open in urlscan Pro 185.4.64.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

258 Requests

86 %HTTPS

47 %IPv6

39 Domains

49 Subdomains

28 IPs

10 Countries

2793 kBTransfer

6817 kBSize

44 Cookies

1 Outgoing links

Page URL History

Redirected requests

258 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 22 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chinas-lafa.ru Open in urlscan Pro
185.4.64.72 Public Scan

Screenshot
Live screenshot

Full Image

258
Requests

86 %
HTTPS

47 %
IPv6

39
Domains

49
Subdomains

28
IPs

10
Countries

2793 kB
Transfer

6817 kB
Size

44
Cookies

258 HTTP transactions
22 data transactions