xn--e1alhsoq4c.xn--p1ai Open in urlscan Pro Puny
шляхтен.рф IDN
2606:4700:3030::ac43:d6f1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xn--e1alhsoq4c.xn--p1ai/
Effective URL:
https://xn--e1alhsoq4c.xn--p1ai/
Submission: On May 25 via manual (May 25th 2022, 9:09:20 am UTC) from US — Scanned from DE

Summary HTTP 210 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 49 IPs in 9 countries across 58 domains to perform 210 HTTP transactions. The main IP is 2606:4700:3030::ac43:d6f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is xn--e1alhsoq4c.xn--p1ai.
TLS certificate: Issued by E1 on May 9th 2022. Valid for: 3 months.

This is the only time xn--e1alhsoq4c.xn--p1ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700:303... 2606:4700:3030::ac43:d6f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:20:... 2606:4700:20::681a:125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	95.181.171.233 95.181.171.233	50214 (QWARTA) (QWARTA)
37	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2 36	46.4.121.26 46.4.121.26	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 3	157.90.179.219 157.90.179.219	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2 4	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
2 2	193.232.150.43 193.232.150.43	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.50 195.209.108.50	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:303... 2606:4700:3032::6815:3b42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
3 5	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3 3	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.103.16 37.18.103.16	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.144 185.15.175.144	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	195.201.57.28 195.201.57.28	24940 (HETZNER-AS) (HETZNER-AS)
2 2	78.46.16.13 78.46.16.13	24940 (HETZNER-AS) (HETZNER-AS)
1 1	148.251.129.43 148.251.129.43	24940 (HETZNER-AS) (HETZNER-AS)
2 6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.36 109.248.237.36	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
1 1	46.243.142.239 46.243.142.239	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	5.200.50.170 5.200.50.170	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
4 4	217.66.147.164 217.66.147.164	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 5	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	138.201.34.238 138.201.34.238	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.108.1.48 65.108.1.48	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2 2	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
2 2	142.132.209.138 142.132.209.138	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.111.107.44 23.111.107.44	7979 (SERVERS-COM) (SERVERS-COM)
1	176.99.7.123 176.99.7.123	49352 (LOGOL-AS) (LOGOL-AS)
5	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	176.99.6.56 176.99.6.56	49352 (LOGOL-AS) (LOGOL-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	185.60.135.47 185.60.135.47	29182 (RU-JSCIOT) (RU-JSCIOT)
1	45.67.59.5 45.67.59.5	198610 (BEGET-AS) (BEGET-AS)
2 4	185.15.175.174 185.15.175.174	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4003:80c::2003	15169 (GOOGLE) (GOOGLE)
1	45.67.59.2 45.67.59.2	198610 (BEGET-AS) (BEGET-AS)
2	45.141.77.113 45.141.77.113	198610 (BEGET-AS) (BEGET-AS)
210	49

14 2606:4700:3030::ac43:d6f1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xn--e1alhsoq4c.xn--p1ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:125 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.socialblade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.181.171.233 (Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv233.qwarta.ru

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 46.4.121.26 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.90.179.219 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1407627.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.43 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.50 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:3b42 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.94 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.172.81.160 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.158 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.16 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.144 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.57.28 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.57.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.16.13 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-2.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.129.43 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-23.community.moscow

4d69d3da-f56a-4587-970d-5ffc9eb38b56.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.36 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.142.239 (Ukraine) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.50.170 (Dzerzhinskiy, Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007f39f28d621d0b870602d2f650-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.164 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-164-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.34.238 (Nagold, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.34.201.138.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.48 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.132.209.138 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.138.209.132.142.clients.your-server.de

dmp.gotechnology.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN7979 (SERVERS-COM, US)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.99.7.123 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d40665.acod.regrucolo.ru

co9.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.99.6.56 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: ops11.ad4tech.net

tg.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.60.135.47 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: sedalnikovigorvas2.example.com

vastroll.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.67.59.5 (Russian Federation)

ASN198610 (BEGET-AS, RU)

xml.mpsuadv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.174 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4003:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.67.59.2 (Russian Federation)

ASN198610 (BEGET-AS, RU)

mpsuadv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.141.77.113 (Russian Federation)

ASN198610 (BEGET-AS, RU)

s2.mpsuadv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	638 KB
36	acint.net 2 redirects www.acint.net — Cisco Umbrella Rank: 35908 acint.net — Cisco Umbrella Rank: 27750	20 KB
23	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 stats.g.doubleclick.net — Cisco Umbrella Rank: 92	150 KB
14	wp.com c0.wp.com — Cisco Umbrella Rank: 6951 stats.wp.com — Cisco Umbrella Rank: 2770 pixel.wp.com — Cisco Umbrella Rank: 2592	100 KB
14	1 redirects function sub() { [native code] }.	624 KB
9	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	2 KB
7	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 407 fonts.googleapis.com — Cisco Umbrella Rank: 46	765 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9163	4 KB
7	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3290 an.yandex.ru — Cisco Umbrella Rank: 2598	51 KB
6	mts.ru 6 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 30053 tech.rtb.mts.ru — Cisco Umbrella Rank: 30616	4 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 88155 dmg.digitaltarget.ru — Cisco Umbrella Rank: 24029	22 KB
5	bumlam.com 3 redirects sync.bumlam.com — Cisco Umbrella Rank: 3548	3 KB
5	sape.ru 1 redirects cdn-rtb.sape.ru — Cisco Umbrella Rank: 71271 ssp-rtb.sape.ru — Cisco Umbrella Rank: 37604	238 KB
4	mpsuadv.ru xml.mpsuadv.ru — Cisco Umbrella Rank: 472658 mpsuadv.ru — Cisco Umbrella Rank: 251285 s2.mpsuadv.ru — Cisco Umbrella Rank: 510203 v5.mpsuadv.ru Failed	47 KB
4	gstatic.com www.gstatic.com csi.gstatic.com	14 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	167 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
4	rktch.com 1 redirects ut.rktch.com — Cisco Umbrella Rank: 61451 co9.rktch.com — Cisco Umbrella Rank: 562762 tg.rktch.com — Cisco Umbrella Rank: 486784	4 KB
4	adriver.ru 2 redirects ad.adriver.ru — Cisco Umbrella Rank: 21572 ssp.adriver.ru — Cisco Umbrella Rank: 12427	2 KB
4	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1895	5 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 7678	1 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 32758 4d69d3da-f56a-4587-970d-5ffc9eb38b56.sync.upravel.com	2 KB
3	adsniper.ru 3 redirects sync3.adsniper.ru — Cisco Umbrella Rank: 13500	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 612	1 KB
2	gotechnology.io 2 redirects dmp.gotechnology.io — Cisco Umbrella Rank: 59501	589 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 14336	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10010	509 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12068	814 B
2	republer.com 2 redirects sync.republer.com — Cisco Umbrella Rank: 56363	953 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 11290	826 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	101 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 354	460 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1524	351 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 947	356 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1128	464 B
1	vastroll.ru vastroll.ru — Cisco Umbrella Rank: 332828	524 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	17 KB
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 123023	753 B
1	gnezdo.ru fcgi4.gnezdo.ru — Cisco Umbrella Rank: 74298	189 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 32060	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 30260	454 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3790	208 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 20856	176 B
1	beeline.ru 1 redirects 0100007f39f28d621d0b870602d2f650-sp.ops.beeline.ru	635 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 54501	162 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 179544	411 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 77027	304 B
1	adlmerge.com adlmerge.com — Cisco Umbrella Rank: 142612	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru — Cisco Umbrella Rank: 209240	108 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 15446	69 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 25700	238 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 53094	857 B
1	mail.ru ad.mail.ru — Cisco Umbrella Rank: 10140	764 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	652 B
1	socialblade.com widget.socialblade.com
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	advarkads.com Failed s3.advarkads.com Failed
210	58

	Domain	Requested by
32	www.acint.net	2 redirects cdn-rtb.sape.ru www.acint.net
27	tpc.googlesyndication.com	pagead2.googlesyndication.com xn--e1alhsoq4c.xn--p1ai googleads.g.doubleclick.net tpc.googlesyndication.com
18	pagead2.googlesyndication.com	xn--e1alhsoq4c.xn--p1ai pagead2.googlesyndication.com srcdoc tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com xn--e1alhsoq4c.xn--p1ai googleads.g.doubleclick.net www.googletagservices.com
14	xn--e1alhsoq4c.xn--p1ai	1 redirects xn--e1alhsoq4c.xn--p1ai
12	c0.wp.com	xn--e1alhsoq4c.xn--p1ai
7	mc.yandex.com	3 redirects
6	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
5	www.google.com	3 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
5	imasdk.googleapis.com	cdn-rtb.sape.ru imasdk.googleapis.com
5	an.yandex.ru	1 redirects www.acint.net
5	sync.bumlam.com	3 redirects www.acint.net
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	sm.rtb.mts.ru	4 redirects
4	acint.net	www.acint.net
4	ads.betweendigital.com	2 redirects www.acint.net cdn-rtb.sape.ru
4	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
4	adservice.google.de	pagead2.googlesyndication.com imasdk.googleapis.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	sync3.adsniper.ru	3 redirects
3	ssp-rtb.sape.ru	1 redirects cdn-rtb.sape.ru
2	s2.mpsuadv.ru	mpsuadv.ru
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	dmp.gotechnology.io	2 redirects
2	x01.aidata.io	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	sync.1dmp.io	1 redirects www.acint.net
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	www.googletagmanager.com	www.acint.net www.googletagmanager.com
2	mc.yandex.ru	1 redirects xn--e1alhsoq4c.xn--p1ai
2	cdn-rtb.sape.ru	xn--e1alhsoq4c.xn--p1ai cdn-rtb.sape.ru
1	mpsuadv.ru	imasdk.googleapis.com
1	csi.gstatic.com	imasdk.googleapis.com
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	xml.mpsuadv.ru	cdn-rtb.sape.ru
1	vastroll.ru	cdn-rtb.sape.ru
1	stats.g.doubleclick.net	www.google-analytics.com
1	s0.2mdn.net	imasdk.googleapis.com
1	tg.rktch.com	co9.rktch.com
1	co9.rktch.com	cdn-rtb.sape.ru
1	cs.agency2.ru	1 redirects
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	0100007f39f28d621d0b870602d2f650-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	4d69d3da-f56a-4587-970d-5ffc9eb38b56.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com
1	stats.wp.com	xn--e1alhsoq4c.xn--p1ai
1	widget.socialblade.com	xn--e1alhsoq4c.xn--p1ai
0	v5.mpsuadv.ru Failed	mpsuadv.ru
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	s3.advarkads.com Failed	www.acint.net
210	78

This site contains links to these domains. Also see Links.

Domain
project-shlyahten.c9.io
xn--h1adldfi.xn--e1alhsoq4c.xn--p1ai
www.youtube.com
xn--j1ac0b1a.xn--e1alhsoq4c.xn--p1ai
freebitco.in
t.me
archive.org
shlyahten.ru
pro-vzl.ru
ru.wordpress.org
rtb.sape.ru

Subject Issuer	Validity	Valid
*.xn--e1alhsoq4c.xn--p1ai E1	`2022-05-09` - `2022-08-07`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.socialblade.com E1	`2022-05-14` - `2022-08-12`	3 months	crt.sh
*.sape.ru R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.acint.net R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2022-05-11` - `2022-08-09`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
new-programmatic.com R3	`2022-04-20` - `2022-07-19`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
co9.rktch.com R3	`2022-04-03` - `2022-07-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tg.rktch.com R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
vastroll.ru Sectigo RSA Domain Validation Secure Server CA	`2021-05-06` - `2022-06-06`	a year	crt.sh
xml.mpsuadv.ru R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
mpsuadv.ru R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
s2.mpsuadv.ru R3	`2022-04-28` - `2022-07-27`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://xn--e1alhsoq4c.xn--p1ai/
Frame ID: ADC8CC02B41459B4DE267B03108207E1
Requests: 86 HTTP requests in this frame

Frame: https://widget.socialblade.com/widget.php?u=Shlyahten
Frame ID: E980C36764721E0BFB283EA6D46BE71F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: A213F47EA14EDD81A406D7DE5AA8A837
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14&tc=1
Frame ID: 0C5A91B032396C3ADB766738CB332647
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=250&slotname=6027571092&adk=2114169559&adf=3282234639&pi=t.ma~as.6027571092&w=306&fwrn=4&fwrnh=100&lmt=1653469753&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469753421&bpp=3&bdt=579&idt=241&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&correlator=7884474037610&frm=20&pv=2&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=924&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=DD5qtQQYAk&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=295
Frame ID: 373B955BA7460D5C82C438C7A258D333
Requests: 1 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F39F28D621D0B870602D2F650
Frame ID: 588212F376E9D447F2D292488686E2E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&adk=1812271804&adf=3025194257&lmt=1653469753&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469753601&bpp=1&bdt=759&idt=144&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=306x250&nras=1&correlator=7884474037610&frm=20&pv=1&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=155
Frame ID: F7E96690907D63F60185A45E5C7A9340
Requests: 1 HTTP requests in this frame

Frame: https://co9.rktch.com/static/rb.js
Frame ID: 762D3FE7B2A50571DC762F210762DC90
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18201476576411802981/index.html
Frame ID: 7C292BCE35AFE65ABBFC703768DD309D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CuwuAOfKNYoWdLsWA9u8PxJuImAK81Zbxac7247DmD5CStfKgMBABIJCfuB9glYKAgJgHoAHF6pm5AsgBCakC_h1BSzj2sT6oAwHIA0iqBOEBT9CjEv78YlmpzX07Hd2SYq536LHrr96oy2r9reOC9xd_hq8RljoO-narfbfPXQZ-gWHYC3gkJKqeZrFkTqTzeaR_06lNa3I4gt9u-c9XIFSDWy_81BZdyOhfueFHTDXBZBkCmEVd0hOOvxH9BjYpPrDIDyc5l8Gj3C_WQLHYzeJn925eXF-8m6ZQ2mwGZs86MWgJ_kBXFV6o8RLCLjtN8uEiLaXKDySnyolqwXh2XjfMO9zr6AiQIDE7bf71j9kZcRIssVqG-hNNUNhbUCQGoYvTIT7BCPOyYtm9dqhDuhvpwATiuOXGgASgBi6AB6OV5sYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ6aQJ0ggJCIDhgBAQARgfgAoByAsB2BMDiBQB0BUBmBYBgBcBshccChoIABIUcHViLTkyNDg4MTEwMzM4MTgwODUYAA&sigh=e2cviv3Tc3c&uach_m=[UACH]&template_id=419
Frame ID: 0DCCB77EE31EB1EF485D5F287B524877
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8F56645AC286F3555225CE1E2F7E7686
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F49AD5623B970FF8813DD041AE44734B
Requests: 2 HTTP requests in this frame

Frame: https://tg.rktch.com/v0?i=11679&p=1&vw=240&vh=400&sw=1600&sh=1200&rk=yyfshL&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&siteid=161585051
Frame ID: F120633C880ACD27853B0528178E2C0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6DCC2E9E84A9C41AB99AFCA795D57CC4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_ru.html
Frame ID: 7E792AB193D2A8D49EA0003ABBA90F98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=600&adk=3015462051&adf=743281947&pi=t.aa~a.3923573800~rp.4&w=162&fwrn=4&fwrnh=100&lmt=1653469754&rafmt=1&to=qs&pwprc=7718992974&psa=0&format=162x600&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469754310&bpp=1&bdt=1468&idt=0&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f9194f15ccbf34a-2297234e9dcd0086%3AT%3D1653469753%3ART%3D1653469753%3AS%3DALNI_Ma1EZIA-djjub2utPGa7WqKJ2YxKA&prev_fmts=306x250%2C0x0&nras=2&correlator=7884474037610&frm=20&pv=1&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=DikEznxgB5&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=17
Frame ID: 26DD70B02164D51A7FADFE72A6C97FA9
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 12D45C90AE05B8D1D8B48D0B85DCFA4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3141A217C64F94A3EF9796093C17DA46
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3ABA939946D7EED643A46BC7BA8E25B0
Requests: 8 HTTP requests in this frame

Frame: https://cdn-rtb.sape.ru/js/prebid/prebid-between-5.19.0.js
Frame ID: 1605CD50BC7A1DBEE149AC85566359CB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0AFF9ADA9A3E9A3AAD74E11294B6205B
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0C811E6FDCF25705B0F440E3814042D4
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js
Frame ID: 99CD10119BBBD50358625BF989C1A1CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D3854D7D314B3E6F92753BC06B2BD393
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 30CF4B19BB22EC7788F69751BD7207DB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js
Frame ID: 656191658E963E19EAEF89ACA5FC60DA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_ru.html
Frame ID: E08D81637ACD805C8B33E251280ED6F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DB282561A3B94BF70B5BD3B33A39453A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_ru.html
Frame ID: 80F0C75308505551303A32ADCB3B148B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B46E58C99918EB321D8F7BCFDBD2FEAE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 9E451F203B9E5178DAE00214C6BABCFB
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js
Frame ID: 9D976E6D4526F7766EA6C68B9FC3B254
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rubilnik блог - Информационная безопасность

Page URL History Show full URLs

http://xn--e1alhsoq4c.xn--p1ai/ HTTP 301
https://xn--e1alhsoq4c.xn--p1ai/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

210
Requests

81 %
HTTPS

30 %
IPv6

58
Domains

78
Subdomains

49
IPs

9
Countries

3002 kB
Transfer

7152 kB
Size

95
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://project-shlyahten.c9.io/
Title: Shlyahten Projects List

Search URL Search Domain Scan URL

URL: http://xn--h1adldfi.xn--e1alhsoq4c.xn--p1ai/
Title: Прокси

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Rubi1nik
Title: YouTube

Search URL Search Domain Scan URL

URL: http://xn--j1ac0b1a.xn--e1alhsoq4c.xn--p1ai/
Title: Steam раздача

Search URL Search Domain Scan URL

URL: https://freebitco.in/?r=549216
Title: freebitco.in

Search URL Search Domain Scan URL

URL: https://t.me/webpwn
Title: https://t.me/webpwn

Search URL Search Domain Scan URL

URL: https://archive.org/download/ADULTFRIENDFINDERLEAKEDFILES
Title: ссылка

Search URL Search Domain Scan URL

URL: http://shlyahten.ru/rss.xml

Search URL Search Domain Scan URL

URL: https://shlyahten.ru/
Title: Shlyahten.ру (Шляхтен)

Search URL Search Domain Scan URL

URL: https://shlyahten.ru/827-metasploit-for-android-termux-emulator.html
Title: Metasploit for android (Termux Emulator)

Search URL Search Domain Scan URL

URL: https://shlyahten.ru/824-10-luchshih-hakerskih-prilozhenij-na-android.html
Title: 10 лучших хакерских приложений на Android

Search URL Search Domain Scan URL

URL: https://shlyahten.ru/823-kak-udalit-neudaljaemye-prilozhenija-so-smartfona.html
Title: Как удалить «неудаляемые» приложения со смартфона

Search URL Search Domain Scan URL

URL: https://shlyahten.ru/822-besplatnyj-internet-tls-tunnel.html
Title: Бесплатный интернет TLS Tunnel

Search URL Search Domain Scan URL

URL: https://shlyahten.ru/821-kak-opredelit-nadezhnyy-antivirus-dlya-android-esli-u-vas-malo-znaniy-o-kompyuternoy-bezopasnosti.html
Title: Как определить надежный антивирус для Андроид если у вас мало знаний о компьютерной безопасности?

Search URL Search Domain Scan URL

URL: https://shlyahten.ru/819-zapuskaem-prilozheniya-dlya-windows-na-android-ustroystvah.html
Title: Запускаем приложения для Windows на Android устройствах

Search URL Search Domain Scan URL

URL: http://pro-vzl.ru/
Title: WWW.PRO-VZL.RU - ЗАКАЖИ ТУТ!

Search URL Search Domain Scan URL

URL: https://ru.wordpress.org/
Title: Сайт работает на WordPress

Search URL Search Domain Scan URL

URL: https://rtb.sape.ru/?utm_source=adsbyrtbsape&utm_medium=banner&utm_campaign=overlay
Title: Реклама от RtbSape

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xn--e1alhsoq4c.xn--p1ai/ HTTP 301
https://xn--e1alhsoq4c.xn--p1ai/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.acint.net/mc/?dp=14 HTTP 302
https://www.acint.net/mc/?dp=14&tc=1

Request Chain 49

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F39F28D621D0B870602D2F650 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F39F28D621D0B870602D2F650&crf=1

Request Chain 50

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F39F28D6213000FB4028B4A08

Request Chain 51

https://px.adhigh.net/p/cm/sape?u=0100007F39F28D621D0B870602D2F650 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F39F28D621D0B870602D2F650&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=7nE3yyQ59t3.AikABlGA-no0Ow

Request Chain 53

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6031857405 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AyQqsTyMAdjmxcjWtFFMlEw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F39F28D621D0B870602D2F650

Request Chain 55

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=b4307617-68b2-4368-8bd6-5890e071b323 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi65LeUBlIEioaQK2IkYjQzMDc2MTctNjhiMi00MzY4LThiZDYtNTg5MGUwNzFiMzIz HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi65LeUBlIEioaQK2IkYjQzMDc2MTctNjhiMi00MzY4LThiZDYtNTg5MGUwNzFiMzIzogEQWSm0RNwKEeyEPQAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABi65LeUBmIkYjQzMDc2MTctNjhiMi00MzY4LThiZDYtNTg5MGUwNzFiMzIzogEQWSm0RNwKEeyEPQAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARi65LeUBmIkYjQzMDc2MTctNjhiMi00MzY4LThiZDYtNTg5MGUwNzFiMzIzogEQWSm0RNwKEeyEPQAlkMgkNw**

Request Chain 59

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://4d69d3da-f56a-4587-970d-5ffc9eb38b56.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP 302
https://www.acint.net/match?dp=71&euid=4d69d3da-f56a-4587-970d-5ffc9eb38b56

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfznyjWIdC4cGAtL2UA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfznyjWIdC4cGAtL2UA&google_tc= HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 61

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F39F28D621D0B870602D2F650 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F39F28D621D0B870602D2F650

Request Chain 63

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=DZMHJSQR

Request Chain 64

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F39F28D621D0B870602D2F650 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F39F28D621D0B870602D2F650&cs=1

Request Chain 65

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=jts39tVTOheL

Request Chain 66

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=9bb97225-ea70-5291-bea4-42a9dc29b090

Request Chain 67

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=d67470faaed64a90a1b44c27c2fcdd5e

Request Chain 68

https://0100007f39f28d621d0b870602d2f650-sp.ops.beeline.ru/p?ssp=sp&id=0100007F39F28D621D0B870602D2F650 HTTP 301
https://www.acint.net/match?dp=111&euid=c41792bf-7086-48cf-b1e8-b9c09bd1a213

Request Chain 69

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F39F28D621D0B870602D2F650 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1957214120 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=jfCWy7ejU4YGyZxQKDShz.&noredirect

Request Chain 70

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F39F28D621D0B870602D2F650 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F39F28D621D0B870602D2F650 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=153094f0-cd38-4a9a-947b-5e44d8915625&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FFTCU8M04SpqUe15E2JFWJQ%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D0%26sign%3D2478747470 HTTP 302
https://an.yandex.ru/setud/mts_banner/FTCU8M04SpqUe15E2JFWJQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=2478747470

Request Chain 71

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=51b8b2ac-b261-45d1-4075-cc78f2414a7c

Request Chain 72

https://s.uuidksinc.net/match/396/?remote_uid=0100007F39F28D621D0B870602D2F650 HTTP 302
https://www.acint.net/match?dp=127&euid=3KZqskh7edz67hzV9KWL

Request Chain 73

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=ntzacyhov2

Request Chain 76

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F39F28D621D0B870602D2F650 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F39F28D621D0B870602D2F650&bounce=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=t7Gm0LdPH2mPLI%2BwlTufQA HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=t7Gm0LdPH2mPLI%2BwlTufQA HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=153094f0-cd38-4a9a-947b-5e44d8915625&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FFTCU8M04SpqUe15E2JFWJQ%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D0%2526exu%253Dt7Gm0LdPH2mPLI%25252BwlTufQA%26sign%3D1029155837 HTTP 302
https://an.yandex.ru/setud/mts_banner/FTCU8M04SpqUe15E2JFWJQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3Dt7Gm0LdPH2mPLI%252BwlTufQA&sign=1029155837

Request Chain 77

https://dmp.gotechnology.io/match/sape?id=0100007F39F28D621D0B870602D2F650 HTTP 302
https://dmp.gotechnology.io/match/sape?id=0100007F39F28D621D0B870602D2F650&chk=1 HTTP 302
https://an.yandex.ru/mapuid/gonetdspis/NGJkY2VjNTRmMjU3OTI5Ng

Request Chain 78

https://sync.bumlam.com/?src=sap1&uid=0100007F39F28D621D0B870602D2F650 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi65LeUBlIFrbKc-w9iIDAxMDAwMDdGMzlGMjhENjIxRDBCODcwNjAyRDJGNjUw HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQABi65LeUBmIgMDEwMDAwN0YzOUYyOEQ2MjFEMEI4NzA2MDJEMkY2NTCiARBZKbRE3AoR7IQ9ACWQyCQ3

Request Chain 79

https://an.yandex.ru/mapuid/sapeis/0100007F39F28D621D0B870602D2F650 HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F39F28D621D0B870602D2F650?redir-setuniq=1

Request Chain 80

https://cs.agency2.ru/p?ssp=sp&uid=0100007F39F28D621D0B870602D2F650 HTTP 301
https://www.acint.net/match?dp=186&euid=85ebeebe-35d4-43b4-a6a4-f1077f3f445c

Request Chain 91

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9649.DQ3qCg_fHP_JBiCT9i-IzlA5uP6OxbSvrp8L6jI3HiCv2NzrdG-wWowqeBDXJdQa.bm50NOIUYCJ47MJvaUa7EURn6QE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9649.SCrZx7wDNk5usqig1x5w4QuWSJiNZsj6jFzjsPyoN9MpxO4iUklLS4L1p3QM9yaS2IKdER6u0bJvuIQyZVxGuQ%2C%2C.QyjlLkfL5rUXINalgAufhEW-HrQ%2C

Request Chain 110

https://mc.yandex.com/watch/71281900?wmode=7&page-url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&charset=utf-8&site-info=%7B%22site_id%22%3A21635%2C%22srtb_sid%22%3A%22628df239-6f1a-a0bb-k1qk-a9zewvchybxi%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelx9mjkmrvf62o%3Afp%3A2081%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A2%3Adp%3A0%3Als%3A906268352139%3Ahid%3A570313504%3Az%3A0%3Ai%3A20220525090913%3Aet%3A1653469754%3Ac%3A1%3Arn%3A135248557%3Arqn%3A1%3Au%3A1653469754367171267%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1653469750846%3Ads%3A0%2C81%2C1011%2C42%2C901%2C0%2C%2C59%2C0%2C2533%2C2533%2C0%2C2098%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1653469754%3At%3ARubilnik%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&charset=utf-8&site-info=%7B%22site_id%22%3A21635%2C%22srtb_sid%22%3A%22628df239-6f1a-a0bb-k1qk-a9zewvchybxi%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelx9mjkmrvf62o%3Afp%3A2081%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A2%3Adp%3A0%3Als%3A906268352139%3Ahid%3A570313504%3Az%3A0%3Ai%3A20220525090913%3Aet%3A1653469754%3Ac%3A1%3Arn%3A135248557%3Arqn%3A1%3Au%3A1653469754367171267%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1653469750846%3Ads%3A0%2C81%2C1011%2C42%2C901%2C0%2C%2C59%2C0%2C2533%2C2533%2C0%2C2098%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1653469754%3At%3ARubilnik%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Request Chain 111

https://mc.yandex.com/watch/15835363?wmode=7&page-url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelx9mjkmrvf62o%3Afp%3A2081%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A1642405017259%3Ahid%3A570313504%3Az%3A0%3Ai%3A20220525090913%3Aet%3A1653469754%3Ac%3A1%3Arn%3A359948310%3Arqn%3A1%3Au%3A1653469754367171267%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1653469750846%3Ads%3A0%2C81%2C1011%2C42%2C901%2C0%2C%2C59%2C0%2C2533%2C2533%2C0%2C2098%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1653469754%3At%3ARubilnik%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.com/watch/15835363/1?wmode=7&page-url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelx9mjkmrvf62o%3Afp%3A2081%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A1642405017259%3Ahid%3A570313504%3Az%3A0%3Ai%3A20220525090913%3Aet%3A1653469754%3Ac%3A1%3Arn%3A359948310%3Arqn%3A1%3Au%3A1653469754367171267%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1653469750846%3Ads%3A0%2C81%2C1011%2C42%2C901%2C0%2C%2C59%2C0%2C2533%2C2533%2C0%2C2098%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1653469754%3At%3ARubilnik%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Request Chain 129

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 170

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 173

https://dmg.digitaltarget.ru/1/1093/i/i?i=194819000674322.342325978574804&a=77&e=0100007F39F28D621D0B870602D2F650&pref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&c=ss:77.up:0100007F39F28D621D0B870602D2F650.sync:up.xdua:dulsPIApF96LpbXgoI8NbSRO.xps:xps0vjuDpBwtXMgl67fCsnOfW.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=194819000674322.342325978574804&a=77&e=0100007F39F28D621D0B870602D2F650&pref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&c=ss:77.up:0100007F39F28D621D0B870602D2F650.sync:up.xdua:dulsPIApF96LpbXgoI8NbSRO.xps:xps0vjuDpBwtXMgl67fCsnOfW.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 174

https://dmg.digitaltarget.ru/1/1093/i/i?i=194819000674322.905066998046745&a=77&e=0100007F39F28D621D0B870602D2F650&pref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&c=ss:77.up:0100007F39F28D621D0B870602D2F650.sync:up.xdua:dulsPIApF96LpbXgoI8NbSRO.xps:xps0vjuDpBwtXMgl67fCsnOfW.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=194819000674322.905066998046745&a=77&e=0100007F39F28D621D0B870602D2F650&pref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&c=ss:77.up:0100007F39F28D621D0B870602D2F650.sync:up.xdua:dulsPIApF96LpbXgoI8NbSRO.xps:xps0vjuDpBwtXMgl67fCsnOfW.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Request Chain 188

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFX-ZvU47iUW8N4JLmbFolM&google_cver=1&google_push=AYg5qPIFPgapk0_a3zpZ126QDZ4Ts1PklXwfOMdp_KhmMtV82biGirn8TkZUxosAF5ssX5YCEegAvuqw_gcDduG7ypOvtxlkGPw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFX-ZvU47iUW8N4JLmbFolM&google_cver=1&google_push=AYg5qPIFPgapk0_a3zpZ126QDZ4Ts1PklXwfOMdp_KhmMtV82biGirn8TkZUxosAF5ssX5YCEegAvuqw_gcDduG7ypOvtxlkGPw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=haxFtXWYRYuFfKNWvg7KDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIFPgapk0_a3zpZ126QDZ4Ts1PklXwfOMdp_KhmMtV82biGirn8TkZUxosAF5ssX5YCEegAvuqw_gcDduG7ypOvtxlkGPw

Request Chain 189

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECuo0D41pysxiTx4-hBU5Xk&google_cver=1&google_push=AYg5qPLhW0iX1PVkg4kMVKrsAYJvPLRZCZssHPqD7P_SVPYrRnn99U-F8zCo8RU4a3Q9ULsxleRgc6zTupXsqqzkzIDxxqArSoo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMRDc4RjQtMVctNUlVMA==&google_push=AYg5qPLhW0iX1PVkg4kMVKrsAYJvPLRZCZssHPqD7P_SVPYrRnn99U-F8zCo8RU4a3Q9ULsxleRgc6zTupXsqqzkzIDxxqArSoo

Request Chain 190

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOw0rAmAUOUS5VpTCj-IBeU&google_cver=1&google_push=AYg5qPLP5dzUc4e_VL1pjauAYn6Ub5U8ehGqV8o08kK1Biewc5jfLAHJT39E1dlkXQYLJ_PmEdC_2NaegLPdt5t25onLKoAdBw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOw0rAmAUOUS5VpTCj-IBeU&google_push=AYg5qPLP5dzUc4e_VL1pjauAYn6Ub5U8ehGqV8o08kK1Biewc5jfLAHJT39E1dlkXQYLJ_PmEdC_2NaegLPdt5t25onLKoAdBw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3yO9d6k2D_Rj8zOL4hzgAABH0AAAIB&google_push=AYg5qPLP5dzUc4e_VL1pjauAYn6Ub5U8ehGqV8o08kK1Biewc5jfLAHJT39E1dlkXQYLJ_PmEdC_2NaegLPdt5t25onLKoAdBw&google_cver=1&google_gid=CAESEOw0rAmAUOUS5VpTCj-IBeU

Request Chain 193

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

210 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xn--e1alhsoq4c.xn--p1ai/
Redirect Chain

http://xn--e1alhsoq4c.xn--p1ai/
https://xn--e1alhsoq4c.xn--p1ai/

117 KB
24 KB

1092ms
1010ms

Document
text/html

2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--e1alhsoq4c.xn--p1ai/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc832122e69ebf0bb053b52c5961f028a617aa6db9b8a18ae07af8769275ebe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 710d217d0ad890ae-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 09:09:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://шляхтен.рф/wp-json/>; rel="https://api.w.org/" <https://wp.me/3tqGs>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGyPFn6iE74N4NPkjcK66Xr%2FL%2F4Cw5yfQLhXvQ%2FMdCoBKGRn%2BgJRPRQRIRSFTNIFuwjfF%2FKMraGEt5m1wEKw%2FQBm8MRAAXeIvT2cYpqoum1AtIj%2BR7zQbUFVuQxTBhv3ELB9doEqYRxlO48g2C44WRsG8zbDGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Cookie

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 710d2178df756933-FRA
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 25 May 2022 09:09:11 GMT
Location: https://xn--e1alhsoq4c.xn--p1ai/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umips6hf9C4XEtbAEXM4TIsyf5ZXFysXvDoc9ys3xDH0yhl3m3Zw0oAgD1C65ew0mVpDZUqGkILbs087%2BadLauOW2pYlZ3JlMYX5T6LFBvqNus%2FYKjGZav4ZrwORc9StNGOg1YAQjz2smrhAnw8CHgAnEjIVQw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 41ms
41ms Script
application/javascript 2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 May 2022 16:00:29 GMT
server: cloudflare
etag: W/"62890c9d-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBYfSyssuvNClwOf3a7IAW%2BvBv7vUJTbvvF%2FM3TFy86mOeIdfsq1WCaXZ4lDg6ioo%2FK1iz1LTYy0aS%2FNZgrdaj4YlcZZ%2BD%2Bk61b8m2sOwHqueU9%2BpG9qnQLp5QLsWb065pJXARfxAx58zDSvmJrybR4Z0okJHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 710d218379db90ae-FRA
vary: Accept-Encoding
expires: Fri, 27 May 2022 09:09:12 GMT

GET
H2 200 email-decode.min.js Show response
xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
966 B 42ms
42ms Script
application/javascript 2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 21 May 2022 16:00:29 GMT
server: cloudflare
etag: W/"62890c9d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqkHu8C413F3M9KEDzskKtn1kXeWyMXF%2FpSKn1zvqGlrtu4JKMdO0sxYID0m3tmMNxqkPG2kK%2BHlNRDPufa3ls9CC1ALBhjLC3M9sIas7p4GXDaeSNCwkk5aw%2FMPKRjwhwxyMIQYORAg9h6i3ECZSLx%2FeSNyZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 710d2183aa0d90ae-FRA
vary: Accept-Encoding
expires: Fri, 27 May 2022 09:09:12 GMT

GET
H2 200 twentyfourteen.css
c0.wp.com/p/jetpack/10.9.1/modules/theme-tools/compat/ 7 KB
2 KB 173ms
89ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.9.1/modules/theme-tools/compat/twentyfourteen.css

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

82fc34423461de484a0a8a8e706b78fff9331f332b93075a876c67253b997f03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Tue, 29 Mar 2022 19:04:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 May 2023 09:09:13 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.9.3/wp-includes/css/dist/block-library/ 81 KB
10 KB 169ms
88ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Wed, 30 Mar 2022 11:30:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 May 2023 09:09:13 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/ 11 KB
2 KB 170ms
89ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 May 2023 09:09:13 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/ 4 KB
1 KB 169ms
88ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 May 2023 09:09:13 GMT

GET
H2 200 style.css
xn--e1alhsoq4c.xn--p1ai/wp-content/plugins/ram108-sape/ 180 B
446 B 214ms
212ms Stylesheet
text/css 2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--e1alhsoq4c.xn--p1ai/wp-content/plugins/ram108-sape/style.css?ver=5.9.3
Requested by: Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51f183a47b934ccf1c915a44d89aaaced190036e11da836ed66f127b10cd716e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 21 Jan 2017 06:30:29 GMT
server: cloudflare
etag: W/"b4-54694e70c4b40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5%2BLZEvit4ZUa4N4wrZbjM2aYwhjtbWxEE41iBkqEmndL%2FEjtitlU5KCCz%2BO5auR6vRGdE9Pr64%2FxZyIHKrPdfeUkDQf4kA5ukjRFWVI0iD6MDQ8UfCAypIxtaQv0QqdrLJUJ4WHFqU0cQC5uGzGgIElxbH1Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 710d2183ca3790ae-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 genericons.css
c0.wp.com/p/jetpack/10.9.1/_inc/genericons/genericons/ 28 KB
16 KB 169ms
88ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.9.1/_inc/genericons/genericons/genericons.css

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Wed, 13 Jan 2016 23:09:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 May 2023 09:09:13 GMT

GET
H2 200 style.css
xn--e1alhsoq4c.xn--p1ai/wp-content/themes/twentyfourteen/ 81 KB
15 KB 260ms
259ms Stylesheet
text/css 2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--e1alhsoq4c.xn--p1ai/wp-content/themes/twentyfourteen/style.css?ver=20190507
Requested by: Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a0b91d593ee394d8f11346236a3ea69990e40928ef743a72690a54e7a464a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 16 May 2022 18:17:14 GMT
server: cloudflare
etag: W/"1424e-5df25089112b1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kS%2BcJ%2B3dToYm3dyloVOQpwNxIx5NUY%2FqpDSHfu8x%2Byd573s10TUKtgVVj%2BRtWU%2BT9JXV0H556x1HUw1aamZGeB2cWIbi1wuvf%2F3uihv2PePI%2BLtSwIk6BpTnMuimBZ6Qijzr8lGc934o%2B8trWVa8GWWaHeyp%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 710d2183ca3890ae-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 blocks.css
xn--e1alhsoq4c.xn--p1ai/wp-content/themes/twentyfourteen/css/ 8 KB
2 KB 205ms
204ms Stylesheet
text/css 2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--e1alhsoq4c.xn--p1ai/wp-content/themes/twentyfourteen/css/blocks.css?ver=20190102
Requested by: Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fce7e9715dfeded3495e0d9c54966b1ff7b26a768ca2024c2cf097ee90015cd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 16 May 2022 18:17:14 GMT
server: cloudflare
etag: W/"1e0e-5df25089112b1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tFYc%2FjlwwIZuvCsYgmfRquI6DWfXJHd11T5ISGgG9UT6TFRss%2FeSLdL67gP0CaQ%2FlbEbAuuyL%2FJsmTeTWdvypvgAbm7Ev%2FML648ld%2B6ZJL76Uf%2BLwxRsWWr9nMltbGUI%2FXKQhtxR2Q3v%2ByX0HEGIWrp3WoLzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 710d2183ca3c90ae-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/10.9.1/css/ 84 KB
15 KB 168ms
88ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.9.1/css/jetpack.css

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

86c8f0ef3d5c51e837bd0c69424d11e9e8522f834e1c18d620073db93b5c79f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 17:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 May 2023 09:09:13 GMT

GET
H2 200 hipster.jpg
xn--e1alhsoq4c.xn--p1ai/wp-content/uploads/2014/06/ 518 KB
519 KB 221ms
220ms Image
image/jpeg 2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--e1alhsoq4c.xn--p1ai/wp-content/uploads/2014/06/hipster.jpg
Requested by: Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1a287ed97b62a0f4fa8947e6da754f716331f106b88f620a6bc650974c3d2be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 05 Jan 2017 10:23:52 GMT
server: cloudflare
etag: "81681-545564c3b1e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85MfeTdgKqYwG2N5mgMnwjb55JIZs8w56fMz%2BdspV3qiHxGKjLKhUNlhvegxhtODu9vYSzJqCShyx5aavHYsnjMvNAG6Kqstjvtw7HsrAslpSfRrtDzEY1z%2FtdUooHYEQBi7EDdgbLIA3diaUpMuzLlb1%2BexbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 710d2183ca3d90ae-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 530049

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 502 widget.php
widget.socialblade.com/ Frame E980 0
0 425ms
331ms Document
text/html 2606:4700:20::681a:125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.socialblade.com/widget.php?u=Shlyahten

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 710d21848b66913d-FRA
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 09:09:13 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 e-202221.js Show response
stats.wp.com/ 9 KB
3 KB 125ms
36ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202221.js
Requested by: Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 14 May 2023 23:13:20 GMT

GET
H2 200 jetpack-carousel.min.js Show response
c0.wp.com/p/jetpack/10.9.1/_inc/build/carousel/ 24 KB
7 KB 80ms
36ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/10.9.1/_inc/build/carousel/jetpack-carousel.min.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3d934946e478053820ccfc2e9902822114dc8c40e26669d9742c9fe6524ee661

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 May 2023 09:09:13 GMT

GET
H3 200 lazy-images.js Show response
xn--e1alhsoq4c.xn--p1ai/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
2 KB 216ms
215ms Script
application/javascript 2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--e1alhsoq4c.xn--p1ai/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=25eafb3f2ad93939cdfaaa7782cb8b85
Requested by: Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c99ffa666406b233d0791d6f9c7b4675c37ae1e537813b213bc3968a95321355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 19 May 2022 22:59:48 GMT
server: cloudflare
etag: W/"93e-5df6554a1ec62-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK0LSk9M%2F1sjG1V8I4cc1uKYnh0SVc6Ilu1KeBzDAoovBVCqZIk%2FdjAGn6AEUB8U3BmX5bIUMVkCmdTkHbv8GcbIZI4YciaSRkXZgwrX%2B%2BBf0Uay1s8XSiSbw0SMwn27eVaIc4HZWIL2EtJ21Qiqp83NhCOTAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 710d21840ec6916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 intersection-observer.js Show response
xn--e1alhsoq4c.xn--p1ai/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
4 KB 221ms
219ms Script
application/javascript 2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--e1alhsoq4c.xn--p1ai/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=f5a9d453c5a79e347f9ee90353c1abdf
Requested by: Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 19 May 2022 22:59:48 GMT
server: cloudflare
etag: W/"2317-5df6554a1ec62-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhydlZfe9x5NPN8e9puUuk%2BJXHMCk%2BNxT5WOse8CA3G8uDM0AhY4vu1cr0zW7OQlm%2Fz%2BCp7OEQGhIFyG%2FTjwXnAADTs3ZoaMvecfVhNXrhBuAStlSmnpMhd21HMUpkSeRKQhjV2xhKvEVot1GMZ9fw6abnDAmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 710d21840ecc916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 functions.js Show response
xn--e1alhsoq4c.xn--p1ai/wp-content/themes/twentyfourteen/js/ 6 KB
3 KB 648ms
646ms Script
application/javascript 2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--e1alhsoq4c.xn--p1ai/wp-content/themes/twentyfourteen/js/functions.js?ver=20171218
Requested by: Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd82cac24cbdef5b83f92479a62813edddc8f515353bfa0e3e774f30f6327254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 16 May 2022 18:17:14 GMT
server: cloudflare
etag: W/"17a6-5df25089112b1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6VtrX61Sp0EOHbBvuGkrtbIzvMaz2H9tKxbqRqS7wrOE%2F%2BocOXvcpKyjeW5X71xOS1bqG8w%2FyEKDp7ai2w4WhvQumhkYHbT22DYl956JAy2RGef7jQuTNWtOei%2FsxRPXaWNcZEeEY7ozH2kOI8xrwPzUlTYoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 710d21840ecf916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.masonry.min.js Show response
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ 2 KB
684 B 80ms
37ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery.masonry.min.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Thu, 18 Aug 2016 18:55:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 May 2023 09:09:13 GMT

GET
H2 200 masonry.min.js Show response
c0.wp.com/c/5.9.3/wp-includes/js/ 24 KB
7 KB 80ms
37ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/masonry.min.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 May 2023 09:09:13 GMT

GET
H2 200 imagesloaded.min.js Show response
c0.wp.com/c/5.9.3/wp-includes/js/ 5 KB
2 KB 80ms
37ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/imagesloaded.min.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 May 2023 09:09:13 GMT

GET
H2 200 21635.js Show response
cdn-rtb.sape.ru/teasers/js/635/2/ 132 KB
54 KB 356ms
152ms Script
application/javascript 95.181.171.233
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/teasers/js/635/2/21635.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.171.233 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

asrv233.qwarta.ru

Software

openresty /

Resource Hash

0903da753311f06f923bed49d00a74b7904be20f5708d2338f4b00abad5a5fbd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 03:08:00 GMT
server: openresty
x-amz-request-id: 16F24AA934BC53BD
etag: W/"c5c17a5e6d2f15a7f74ad08179ddc7da"
x-cache-status: REVALIDATED
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
content-security-policy: block-all-mixed-content
x-xss-protection: 1; mode=block
expires: Wed, 25 May 2022 10:09:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
56 KB 163ms
77ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

367f94b21326a03d42a28fa94bffcdf9fc8e9f62e3f5e2a7983db264360e3dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56659
x-xss-protection: 0
server: cafe
etag: 6368467394960065138
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 09:09:13 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ 11 KB
4 KB 80ms
37ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 May 2023 09:09:13 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.9.3/wp-includes/js/jquery/ 87 KB
30 KB 80ms
38ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery.min.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Thu, 25 May 2023 09:09:13 GMT

GET
H3 200 rss.png
xn--e1alhsoq4c.xn--p1ai/wp-includes/images/ 608 B
1 KB 1642ms
1641ms Image
image/png 2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--e1alhsoq4c.xn--p1ai/wp-includes/images/rss.png
Requested by: Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Nov 2012 14:49:10 GMT
server: cloudflare
etag: "260-4cde8d23a8580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KR41LFyfvZ6j4RjeXJUBO4uDT5XQL3yhYG7eIG4Qf72hVVR3An0%2F1gVuQ6SN5SxKCyl2aLQ2IPgKHVyuywhPiSqxHsQorUdUGF%2BSTUjy0INCw1VynDolR4GHjywFLv%2BuFwzZ%2BmKsETsPCeY4u5HpikRM1HF3ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 710d21842f1d916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 608

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://xn--e1alhsoq4c.xn--p1ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 wp-emoji-release.min.js Show response
xn--e1alhsoq4c.xn--p1ai/wp-includes/js/ 18 KB
5 KB 1228ms
1227ms Script
application/javascript 2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--e1alhsoq4c.xn--p1ai/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 25 Jul 2021 11:39:35 GMT
server: cloudflare
etag: W/"4705-5c7f1174a4502-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMFdyPI2n8rPTYbYay9BazjbNCPe9mUTAT2dBSriYz4rU3pfYDBAdmWSqExGta06hzQleVNMUKbrykmhqFNAMKNDGogzILx4u%2B5vt9%2BSeRSS%2FQftd4fOEy0GxEsKIR0%2BumvAgV4OQfDr97kDk7eIUElddrBiUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 710d2186dd19916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 139 KB
50 KB 336ms
164ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6d31935fb2479231464f859e522b2356ecc5266920137fa628337fd61b52c6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
last-modified: Wed, 18 May 2022 10:11:23 GMT
etag: "62849c1b-c62a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50730
expires: Wed, 25 May 2022 10:09:13 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
55 KB 162ms
86ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dba3cb5f11d80858886024a433a2c583ba78e025012bbbe082e2ea33fbe1858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56654
x-xss-protection: 0
server: cafe
etag: 647140431931054632
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 09:09:13 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ 316 KB
113 KB 130ms
69ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9248811033818085&plah=xn--e1alhsoq4c.xn--p1ai&bust=31067737

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

793c0a11b32feaa7a58d5ca2c26d502a2ea4eae81490b3ebf0da2f970f6e8ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115452
x-xss-protection: 0
server: cafe
etag: 17096151571903082521
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 09:09:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame A213 10 KB
5 KB 37ms
37ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 22:40:59 GMT
etag: 1428802124239944296
expires: Tue, 07 Jun 2022 22:40:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aci.js Show response
www.acint.net/ 22 KB
7 KB 132ms
46ms Script
application/x-javascript 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/635/2/21635.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 13:23:00 GMT
server: openresty
etag: "61a4d434-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Wed, 25 May 2022 21:09:13 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 0C5A
Redirect Chain

https://www.acint.net/mc/?dp=14
https://www.acint.net/mc/?dp=14&tc=1

4 KB
4 KB

41ms
40ms

Document
text/html

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: 4b66994b1dc036edf7971da59a059620fc9fdda89c3ecc8c07e93f9c6fe61ebf

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 25 May 2022 09:09:13 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Wed, 25 May 2022 09:09:13 GMT
location: /mc/?dp=14&tc=1
server: openresty

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
63 KB 133ms
46ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LH9RBB2QN9

Requested by

Host: www.acint.net
URL: https://www.acint.net/aci.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

702382ec81306bd47bee31aff9028ed064fa3aa31f424ba4a58061030c7de67a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63712
x-xss-protection: 0
expires: Wed, 25 May 2022 09:09:13 GMT

GET
H2 200 /
www.acint.net/hit/ 43 B
340 B 40ms
39ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=436cb30e-e523-408a-aa69-777e9f033230&dp=14&tz=%2B00%3A00&nc=30761469&u=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=&rs=1600x1200&t=Rubilnik%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C&oE=1&oP=1&dT=2022-05-25T09%3A09%3A13.573&fu=d2adbd65-0245-4ab1-b02c-527a4c05c48d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 43ms
36ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.9.1&blog=51343096&post=0&tz=3&srv=%D1%88%D0%BB%D1%8F%D1%85%D1%82%D0%B5%D0%BD.%D1%80%D1%84&host=xn--e1alhsoq4c.xn--p1ai&ref=&fcp=2081&rand=0.7345607472591298
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 09:09:13 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
587 B 196ms
94ms Script
application/javascript 157.90.179.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_628df2399_50190369&srtbid=21635&scids=161585043&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&allimps=1&fl=0&v=3&tz=%2B00%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/635/2/21635.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.179.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1407627.sapientru.net
Software: openresty /
Resource Hash: 31f7b29fc838e892c374640bfaaf9a8c39ecea845bf919fba6fdb60c66d8e1f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:13 GMT
Content-Encoding: gzip
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 50
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 42ms
41ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A21635%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A936%7D&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469754
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 41ms
40ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A21635%2C%22sc%22%3A0%2C%22pl%22%3A54624%2C%22ev%22%3A%22loadFree%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469754
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 41ms
40ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=21635.54624.161585043.0.0.95&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469754
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 41ms
41ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A21635%2C%22sc%22%3A0%2C%22pl%22%3A54624%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469754
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 %D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA-%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0-2022-05-16-211345-300x269.png
xn--e1alhsoq4c.xn--p1ai/wp-content/uploads/2022/05/ 44 KB
44 KB 1338ms
1338ms Image
image/png 2606:4700:3030::ac43:d6f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--e1alhsoq4c.xn--p1ai/wp-content/uploads/2022/05/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA-%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0-2022-05-16-211345-300x269.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a8e174b4213415b0c7643fbc9cad681530b1155b92dbcabac8c9ec541e1ebf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
cf-cache-status: MISS
last-modified: Mon, 16 May 2022 18:28:17 GMT
server: cloudflare
etag: "afaa-5df253023b9a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjb2xVWIsX%2FbYU6iFbQXTJzztN5TXLJ7%2BR2DioT7AsCX0AwKFK8GOil6JjDQEm1UByHgNfaXN%2FWfr3qzvClWL3WxPZiOxczBSAnnijd6RzTiumrnXcuwuVmMzrFM6GPlXPkwPd1EhwQ9eABFFy%2FkBvqEmbPxNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 710d2188484c916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44970

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 227 B
652 B 184ms
45ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xn--e1alhsoq4c.xn--p1ai&callback=_gfp_s_&client=ca-pub-9248811033818085

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9248811033818085&plah=xn--e1alhsoq4c.xn--p1ai&bust=31067737

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

3e367d51d8128ca20a1517d35e256a2e63e459b6b108c92273844b4092a39c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 208
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 183ms
46ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn--e1alhsoq4c.xn--p1ai

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 182ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--e1alhsoq4c.xn--p1ai

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 373B 138 KB
43 KB 338ms
338ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=250&slotname=6027571092&adk=2114169559&adf=3282234639&pi=t.ma~as.6027571092&w=306&fwrn=4&fwrnh=100&lmt=1653469753&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469753421&bpp=3&bdt=579&idt=241&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&correlator=7884474037610&frm=20&pv=2&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=924&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=DD5qtQQYAk&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=295

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afac55b6217ea4d15110fc9e235315dfa4c2398901bbd23c3c9b0523982a779f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18201476576411802981/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18201476576411802981/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWdx-qm-vcCFUWA_QcdxA0CIw&gqi=OfKNYvakLYTFbNjujYgE&layout=/sadbundle/%24csp%253Der3%24/18201476576411802981/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44456
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18201476576411802981/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18201476576411802981/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWdx-qm-vcCFUWA_QcdxA0CIw&gqi=OfKNYvakLYTFbNjujYgE&layout=/sadbundle/%24csp%253Der3%24/18201476576411802981/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 09:09:14 GMT
expires: Wed, 25 May 2022 09:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 180ms
52ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220518&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb9cce1f3afdfa8801a34b4562d96c5b4d150e55f2e5b2a6d4abb482da654006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10837
x-xss-protection: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 0C5A
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F39F28D621D0B870602D2F650
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F39F28D621D0B870602D2F650&crf=1

68 B
607 B

44ms
44ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F39F28D621D0B870602D2F650&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F39F28D621D0B870602D2F650&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 0C5A
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F39F28D6213000FB4028B4A08

43 B
269 B

46ms
39ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F39F28D6213000FB4028B4A08
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 25 May 2022 09:09:13 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F39F28D6213000FB4028B4A08
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 0C5A
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F39F28D621D0B870602D2F650
https://px.adhigh.net/p/cm/sape?u=0100007F39F28D621D0B870602D2F650&bounced=1
https://acint.net/match?dp=17&euid=7nE3yyQ59t3.AikABlGA-no0Ow

43 B
269 B

47ms
47ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=7nE3yyQ59t3.AikABlGA-no0Ow
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:14 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f24-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=7nE3yyQ59t3.AikABlGA-no0Ow
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 0C5A 43 B
764 B 260ms
76ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F39F28D621D0B870602D2F650
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:13 GMT
Last-Modified: Wed, 25 May 2022 09:09:13 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Wed, 25 May 2022 15:09:13 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 0C5A
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6031857405
https://www.acint.net/rmatch?dp=45&euid=AyQqsTyMAdjmxcjWtFFMlEw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F39F28D621D0B870602D2F650

42 B
201 B

295ms
86ms

Image
image/gif

81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F39F28D621D0B870602D2F650
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Wed, 25 May 2022 09:09:14 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F39F28D621D0B870602D2F650
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 0C5A 0
857 B 177ms
60ms Image
text/plain 2606:4700:3032::6815:3b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sngzy2UiQwGrtK6Ub20XJYBfonyCKSmh%2BzN76zC4LhjDcY7lzhVujfkBkiG9TYOn6HoiKLdU%2F54vjbym05y1mVmAQyf2gVP9Ey2loinKmkJQfuIbHo4tCipMYcwedNqmfB6WCeUhElEMZms%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 710d2189bef99b7a-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 0C5A
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=b4307617-68b2-4368-8bd6-5890e071b323
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi65LeUBlIEioaQK2IkYjQzMDc2MTctNjhiMi00MzY4LThiZDYtNTg5MGUwNzFiMzIz
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi65LeUBlIEioaQK2IkYjQzMDc2MTctNjhiMi00MzY4LThiZDYtNTg5MGUwNzFiMzIzogEQWSm0RNwKEeyEPQAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABi65LeUBmIkYjQzMDc2MTctNjhiMi00MzY4LThiZDYtNTg5MGUwNzFiMzIzogEQWSm0RNwKEeyEPQAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARi65LeUBmIkYjQzMDc2MTctNjhiMi00MzY4LThiZDYtNTg5MGUwNzFiMzIzogEQWSm0RNwKEeyEPQAlkMgkNw**

43 B
552 B

37ms
37ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARi65LeUBmIkYjQzMDc2MTctNjhiMi00MzY4LThiZDYtNTg5MGUwNzFiMzIzogEQWSm0RNwKEeyEPQAlkMgkNw**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:14 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Wed, 25 May 2022 09:09:14 GMT
Server: nginx
ETag: 5929b444-dc0a-11ec-843d-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARi65LeUBmIkYjQzMDc2MTctNjhiMi00MzY4LThiZDYtNTg5MGUwNzFiMzIzogEQWSm0RNwKEeyEPQAlkMgkNw**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 0C5A 0
238 B 165ms
41ms Image
text/plain 37.18.103.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007F39F28D621D0B870602D2F650

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:13 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 501
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 0C5A 3 KB
3 KB 277ms
76ms Script
application/javascript 185.15.175.144
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:13 GMT
Last-Modified: Wed, 25 May 2022 09:04:23 GMT
Server: nginx
ETag: "628df117-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 0C5A 0
69 B 160ms
39ms Image
text/plain 195.201.57.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F39F28D621D0B870602D2F650
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.57.28 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.57.201.195.clients.your-server.de
Software: nginx/1.17.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 09:09:13 GMT
server: nginx/1.17.0

GET
H2

200

match
www.acint.net/ Frame 0C5A
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://4d69d3da-f56a-4587-970d-5ffc9eb38b56.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
https://www.acint.net/match?dp=71&euid=4d69d3da-f56a-4587-970d-5ffc9eb38b56

43 B
269 B

39ms
38ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=4d69d3da-f56a-4587-970d-5ffc9eb38b56
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Wed, 25 May 2022 09:09:14 GMT
server: nginx
location: https://www.acint.net/match?dp=71&euid=4d69d3da-f56a-4587-970d-5ffc9eb38b56
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 0C5A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfznyjWIdC4cGAtL2UA
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfznyjWIdC4cGAtL2UA&google_tc=
https://www.acint.net/match?dp=77&euid=

43 B
269 B

41ms
40ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 0C5A
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F39F28D621D0B870602D2F650
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F39F28D621D0B870602D2F650

43 B
115 B

157ms
41ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F39F28D621D0B870602D2F650
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Wed, 25 May 2022 09:09:14 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F39F28D621D0B870602D2F650
date: Wed, 25 May 2022 08:59:35 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 0C5A 42 B
201 B 468ms
87ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F39F28D621D0B870602D2F650
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame 0C5A
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=DZMHJSQR

43 B
269 B

44ms
43ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=DZMHJSQR
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=DZMHJSQR
Date: Wed, 25 May 2022 09:09:14 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 0C5A
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F39F28D621D0B870602D2F650
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F39F28D621D0B870602D2F650&cs=1

35 B
376 B

39ms
39ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F39F28D621D0B870602D2F650&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F39F28D621D0B870602D2F650&cs=1
date: Wed, 25 May 2022 09:09:14 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 0C5A
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=jts39tVTOheL

43 B
269 B

40ms
39ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=jts39tVTOheL
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=jts39tVTOheL
Date: Wed, 25 May 2022 09:09:14 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 0C5A
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=9bb97225-ea70-5291-bea4-42a9dc29b090

43 B
269 B

50ms
49ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=9bb97225-ea70-5291-bea4-42a9dc29b090
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=9bb97225-ea70-5291-bea4-42a9dc29b090
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 0C5A
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=d67470faaed64a90a1b44c27c2fcdd5e

43 B
269 B

44ms
43ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=d67470faaed64a90a1b44c27c2fcdd5e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=d67470faaed64a90a1b44c27c2fcdd5e
date: Wed, 25 May 2022 09:09:13 GMT
server: Kestrel
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 0C5A
Redirect Chain

https://0100007f39f28d621d0b870602d2f650-sp.ops.beeline.ru/p?ssp=sp&id=0100007F39F28D621D0B870602D2F650
https://www.acint.net/match?dp=111&euid=c41792bf-7086-48cf-b1e8-b9c09bd1a213

43 B
269 B

47ms
46ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=c41792bf-7086-48cf-b1e8-b9c09bd1a213
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Wed, 25 May 2022 09:09:14 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=c41792bf-7086-48cf-b1e8-b9c09bd1a213
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.31
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame 0C5A
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F39F28D621D0B870602D2F650
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1957214120
https://ut.rktch.com/matchspm?pi=1000006&pui=jfCWy7ejU4YGyZxQKDShz.&noredirect

88 B
88 B

71ms
71ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=jfCWy7ejU4YGyZxQKDShz.&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:14 GMT
Server: nginx/1.18.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:14 GMT
via: 1.1 google
last-modified: Wed, 25 May 2022 09:09:14 GMT
server: Weborama Collect Frontend
location: https://ut.rktch.com/matchspm?pi=1000006&pui=jfCWy7ejU4YGyZxQKDShz.&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

404

FTCU8M04SpqUe15E2JFWJQ
an.yandex.ru/setud/mts_banner/ Frame 0C5A
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F39F28D621D0B870602D2F650
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F39F28D621D0B870602D2F650
https://tech.rtb.mts.ru/?dsp_uid=153094f0-cd38-4a9a-947b-5e44d8915625&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FFTCU8M04SpqUe15E2JFWJQ%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/FTCU8M04SpqUe15E2JFWJQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=2478747470

43 B
176 B

103ms
102ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/FTCU8M04SpqUe15E2JFWJQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=2478747470

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:15 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:09:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 25 May 2022 09:09:15 GMT

Redirect headers

Date: Wed, 25 May 2022 09:09:14 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/FTCU8M04SpqUe15E2JFWJQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=2478747470
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 0C5A
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=51b8b2ac-b261-45d1-4075-cc78f2414a7c

43 B
269 B

43ms
43ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=51b8b2ac-b261-45d1-4075-cc78f2414a7c
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=51b8b2ac-b261-45d1-4075-cc78f2414a7c
date: Wed, 25 May 2022 09:09:14 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 0C5A
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007F39F28D621D0B870602D2F650
https://www.acint.net/match?dp=127&euid=3KZqskh7edz67hzV9KWL

43 B
269 B

39ms
39ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=3KZqskh7edz67hzV9KWL
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=3KZqskh7edz67hzV9KWL
date: Wed, 25 May 2022 09:09:14 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 0C5A
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=ntzacyhov2

43 B
269 B

47ms
46ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=ntzacyhov2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:14 GMT
server: nginx/1.14.0
access-control-allow-origin: *
surrogate-control: no-store
vary: Origin
location: https://www.acint.net/match?dp=129&euid=ntzacyhov2
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: f35fd953-d80a-4210-a511-33f0a4c97379
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 0C5A 0
215 B 249ms
80ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F39F28D621D0B870602D2F650
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 25 May 2022 09:09:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007F39F28D621D0B870602D2F650
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 0C5A 0
189 B 295ms
80ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F39F28D621D0B870602D2F650
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

404

FTCU8M04SpqUe15E2JFWJQ
an.yandex.ru/setud/mts_banner/ Frame 0C5A
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F39F28D621D0B870602D2F650
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F39F28D621D0B870602D2F650&bounce=1
https://sm.rtb.mts.ru/p?ssp=aidata&id=t7Gm0LdPH2mPLI%2BwlTufQA
https://sm.rtb.mts.ru/match/second?ssp=51&exu=t7Gm0LdPH2mPLI%2BwlTufQA
https://tech.rtb.mts.ru/?dsp_uid=153094f0-cd38-4a9a-947b-5e44d8915625&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FFTCU8M04SpqUe15E2JFWJQ%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/FTCU8M04SpqUe15E2JFWJQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3Dt7Gm0LdPH2mPLI%252BwlTufQA&sign=1029155837

43 B
80 B

79ms
79ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/FTCU8M04SpqUe15E2JFWJQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3Dt7Gm0LdPH2mPLI%252BwlTufQA&sign=1029155837

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:15 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:09:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 25 May 2022 09:09:15 GMT

Redirect headers

Date: Wed, 25 May 2022 09:09:15 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/FTCU8M04SpqUe15E2JFWJQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3Dt7Gm0LdPH2mPLI%252BwlTufQA&sign=1029155837
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

404

NGJkY2VjNTRmMjU3OTI5Ng
an.yandex.ru/mapuid/gonetdspis/ Frame 0C5A
Redirect Chain

https://dmp.gotechnology.io/match/sape?id=0100007F39F28D621D0B870602D2F650
https://dmp.gotechnology.io/match/sape?id=0100007F39F28D621D0B870602D2F650&chk=1
https://an.yandex.ru/mapuid/gonetdspis/NGJkY2VjNTRmMjU3OTI5Ng

43 B
80 B

83ms
83ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/gonetdspis/NGJkY2VjNTRmMjU3OTI5Ng

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:15 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:09:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 25 May 2022 09:09:15 GMT

Redirect headers

date: Wed, 25 May 2022 09:09:14 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: http://an.yandex.ru/mapuid/gonetdspis/NGJkY2VjNTRmMjU3OTI5Ng
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 0C5A
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0100007F39F28D621D0B870602D2F650
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi65LeUBlIFrbKc-w9iIDAxMDAwMDdGMzlGMjhENjIxRDBCODcwNjAyRDJGNjUw
https://sync.bumlam.com/?src=sap1&s_data=CAIQABi65LeUBmIgMDEwMDAwN0YzOUYyOEQ2MjFEMEI4NzA2MDJEMkY2NTCiARBZKbRE3AoR7IQ9ACWQyCQ3

0
523 B

75ms
38ms

Image
text/html

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQABi65LeUBmIgMDEwMDAwN0YzOUYyOEQ2MjFEMEI4NzA2MDJEMkY2NTCiARBZKbRE3AoR7IQ9ACWQyCQ3
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:14 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Wed, 25 May 2022 09:09:14 GMT
Server: nginx
ETag: 5929b444-dc0a-11ec-843d-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQABi65LeUBmIgMDEwMDAwN0YzOUYyOEQ2MjFEMEI4NzA2MDJEMkY2NTCiARBZKbRE3AoR7IQ9ACWQyCQ3
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

0100007F39F28D621D0B870602D2F650
an.yandex.ru/mapuid/sapeis/ Frame 0C5A
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007F39F28D621D0B870602D2F650
https://an.yandex.ru/mapuid/sapeis/0100007F39F28D621D0B870602D2F650?redir-setuniq=1

43 B
108 B

80ms
80ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F39F28D621D0B870602D2F650?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:09:14 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 25 May 2022 09:09:14 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:09:14 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007F39F28D621D0B870602D2F650?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 25 May 2022 09:09:14 GMT

GET
H2

200

match
www.acint.net/ Frame 0C5A
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=0100007F39F28D621D0B870602D2F650
https://www.acint.net/match?dp=186&euid=85ebeebe-35d4-43b4-a6a4-f1077f3f445c

43 B
269 B

39ms
39ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=85ebeebe-35d4-43b4-a6a4-f1077f3f445c
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 25 May 2022 09:09:14 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=85ebeebe-35d4-43b4-a6a4-f1077f3f445c
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET frame.html
s3.advarkads.com/modules/match/ Frame 5882 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 97ms
97ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&tn=HEADER&id=masthead&cls=site-header&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F7E9 245 KB
64 KB 461ms
460ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&adk=1812271804&adf=3025194257&lmt=1653469753&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469753601&bpp=1&bdt=759&idt=144&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=306x250&nras=1&correlator=7884474037610&frm=20&pv=1&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=155

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfee03f88a1afb1cc25506610395cc5dec5bc28d18d9a45e0bd16ce477d58da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 65817
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 09:09:14 GMT
expires: Wed, 25 May 2022 09:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK rb.js Show response
co9.rktch.com/static/ Frame 762D 6 KB
2 KB 283ms
76ms Script
application/javascript 176.99.7.123
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://co9.rktch.com/static/rb.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/635/2/21635.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.7.123 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d40665.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: 37d9fdcb589bfab4d9557628567c02db962393f3306d31658425f073721b317d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 09:34:49 GMT
Server: nginx/1.14.2
ETag: W/"5f350939-1945"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 39ms
38ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=21635.54624.161585043.0.0.95&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469754
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
DATA 200
OK truncated
/ 612 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 41ms
40ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A21635%2C%22sc%22%3A0%2C%22pl%22%3A54624%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469754
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 39ms
38ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=112&id=21635.54624.161585051.0.2.83&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469754
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 124ms
47ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-85145813-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LH9RBB2QN9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1bc764f404b41ebdc1d8f5f51a9bbefa7446eca617da4d1eefab020d7b24b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39557
x-xss-protection: 0
expires: Wed, 25 May 2022 09:09:13 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 40ms
39ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=21635.522574.161651464.0.0.7&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469754
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9649.DQ3qCg_fHP_JBiCT9i-IzlA5uP6OxbSvrp8L6jI3HiCv2NzrdG-wWowqeBDXJdQa.bm50NOIUYCJ47MJvaUa7EURn6QE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9649.SCrZx7wDNk5usqig1x5w4QuWSJiNZsj6jFzjsPyoN9MpxO4iUklLS4L1p3QM9yaS2IKdER6u0bJvuIQyZVxGuQ%2C%2C.QyjlLkfL5rUXINalgAufhEW-HrQ%2C

75 B
75 B

87ms
86ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9649.SCrZx7wDNk5usqig1x5w4QuWSJiNZsj6jFzjsPyoN9MpxO4iUklLS4L1p3QM9yaS2IKdER6u0bJvuIQyZVxGuQ%2C%2C.QyjlLkfL5rUXINalgAufhEW-HrQ%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9649.SCrZx7wDNk5usqig1x5w4QuWSJiNZsj6jFzjsPyoN9MpxO4iUklLS4L1p3QM9yaS2IKdER6u0bJvuIQyZVxGuQ%2C%2C.QyjlLkfL5rUXINalgAufhEW-HrQ%2C
date: Wed, 25 May 2022 09:09:14 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 82ms
82ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:13 GMT
last-modified: Wed, 18 May 2022 10:11:23 GMT
etag: "62849c1b-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 25 May 2022 10:09:13 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 377 KB
127 KB 143ms
46ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/635/2/21635.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128968
x-xss-protection: 0
expires: Wed, 25 May 2022 09:09:14 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 149ms
60ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 09:09:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85145813-2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3006
date: Wed, 25 May 2022 08:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 10:19:08 GMT

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 0C5A 16 KB
16 KB 145ms
144ms Script
application/javascript 185.15.175.144
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=512023702832806
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3329813e0c2788f727bbb57c75a5751c683649372d99dd1a3627f2f7d95e2e58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:14 GMT
Last-Modified: Wed, 25 May 2022 09:04:24 GMT
Server: nginx
ETag: "628df118-3e06"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15878

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18201476576411802981/ Frame 7C29 114 KB
25 KB 119ms
41ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18201476576411802981/index.html

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8813bee179b63685c9a7d32f89055a4c27803004b8f23d64ff872c68ab440c41

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 175966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26044
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 08:16:28 GMT
expires: Tue, 23 May 2023 08:16:28 GMT
last-modified: Wed, 20 Apr 2022 09:23:30 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0DCC 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuwuAOfKNYoWdLsWA9u8PxJuImAK81Zbxac7247DmD5CStfKgMBABIJCfuB9glYKAgJgHoAHF6pm5AsgBCakC_h1BSzj2sT6oAwHIA0iqBOEBT9CjEv78YlmpzX07Hd2SYq536LHrr96oy2r9reOC9xd_hq8RljoO-narfbfPXQZ-gWHYC3gkJKqeZrFkTqTzeaR_06lNa3I4gt9u-c9XIFSDWy_81BZdyOhfueFHTDXBZBkCmEVd0hOOvxH9BjYpPrDIDyc5l8Gj3C_WQLHYzeJn925eXF-8m6ZQ2mwGZs86MWgJ_kBXFV6o8RLCLjtN8uEiLaXKDySnyolqwXh2XjfMO9zr6AiQIDE7bf71j9kZcRIssVqG-hNNUNhbUCQGoYvTIT7BCPOyYtm9dqhDuhvpwATiuOXGgASgBi6AB6OV5sYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ6aQJ0ggJCIDhgBAQARgfgAoByAsB2BMDiBQB0BUBmBYBgBcBshccChoIABIUcHViLTkyNDg4MTEwMzM4MTgwODUYAA&sigh=e2cviv3Tc3c&uach_m=[UACH]&template_id=419

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=250&slotname=6027571092&adk=2114169559&adf=3282234639&pi=t.ma~as.6027571092&w=306&fwrn=4&fwrnh=100&lmt=1653469753&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469753421&bpp=3&bdt=579&idt=241&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&correlator=7884474037610&frm=20&pv=2&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=924&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=DD5qtQQYAk&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=295
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 09:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 25 May 2022 09:09:14 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame 0DCC 21 KB
8 KB 116ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=250&slotname=6027571092&adk=2114169559&adf=3282234639&pi=t.ma~as.6027571092&w=306&fwrn=4&fwrnh=100&lmt=1653469753&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469753421&bpp=3&bdt=579&idt=241&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&correlator=7884474037610&frm=20&pv=2&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=924&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=DD5qtQQYAk&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=295

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 5611795670272045494
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:08:15 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 0DCC 3 KB
1 KB 152ms
75ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:07:18 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 0DCC 17 KB
7 KB 143ms
66ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:07:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DCC 136 KB
42 KB 152ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 09:09:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8F56 13 KB
5 KB 107ms
37ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 08:58:31 GMT
expires: Thu, 25 May 2023 08:58:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F49A 783 B
1 KB 130ms
47ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6a1e17d2bbfc2a99a249eb95ed4f923015852166d082901377870a1520784f21

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XHnX9KLSqc8a-r-ty4vi2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-XHnX9KLSqc8a-r-ty4vi2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 09:09:14 GMT
expires: Wed, 25 May 2022 09:09:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK v0 Show response
tg.rktch.com/ Frame F120 487 B
1 KB 279ms
89ms Document
text/html 176.99.6.56
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tg.rktch.com/v0?i=11679&p=1&vw=240&vh=400&sw=1600&sh=1200&rk=yyfshL&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&siteid=161585051

Requested by

Host: co9.rktch.com
URL: https://co9.rktch.com/static/rb.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.99.6.56 , Russian Federation, ASN49352 (LOGOL-AS, RU),

Reverse DNS

ops11.ad4tech.net

Software

nginx/1.20.2 /

Resource Hash

7efb78258c221e95bfc07829765d83dd923e618f24350397757a336f3410eb11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Content-Type, Authorization, x-ad4-*
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Date: Wed, 25 May 2022 09:07:44 GMT
Server: nginx/1.20.2
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 131ms
54ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=194267909&t=pageview&_s=1&dl=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&ul=en-us&de=UTF-8&dt=Rubilnik%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1412542932&gjid=2103019422&cid=2021604683.1653469754&tid=UA-85145813-2&_gid=1820898632.1653469754&_r=1&gtm=2ou5n0&z=504826610

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xn--e1alhsoq4c.xn--p1ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 114ms
39ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=194267909&t=pageview&_s=2&dl=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&ul=en-us&de=UTF-8&dt=Rubilnik%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4ChAAUABAAAAAC~&jid=&gjid=&cid=2021604683.1653469754&tid=UA-85145813-2&_gid=1820898632.1653469754&gtm=2ou5n0&z=1605569701

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 May 2022 18:49:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51564
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.acint.net/gtag/ 43 B
224 B 40ms
39ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/gtag/?v=0.4.0&uid=436cb30e-e523-408a-aa69-777e9f033230&dp=14&tz=%2B00%3A00&nc=11067213&gC=2021604683.1653469754&gS=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 112ms
41ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=194267909&t=event&_s=3&dl=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&ul=en-us&de=UTF-8&dt=Rubilnik%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=match&_u=6ChAAUABAAAAAC~&jid=&gjid=&cid=2021604683.1653469754&tid=UA-85145813-2&_gid=1820898632.1653469754&gtm=2ou5n0&cd1=2021604683.1653469754&cd2=&z=1127348502

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 May 2022 18:49:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51564
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/71281900/
Redirect Chain

https://mc.yandex.com/watch/71281900?wmode=7&page-url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&charset=utf-8&site-info=%7B%22site_id%22%3A21635%2C%22srtb_sid%22%3A%22628df239-6f1a-a0bb-k1qk-a9zewvc...
https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&charset=utf-8&site-info=%7B%22site_id%22%3A21635%2C%22srtb_sid%22%3A%22628df239-6f1a-a0bb-k1qk-a9zew...

338 B
456 B

86ms
85ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&charset=utf-8&site-info=%7B%22site_id%22%3A21635%2C%22srtb_sid%22%3A%22628df239-6f1a-a0bb-k1qk-a9zewvchybxi%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelx9mjkmrvf62o%3Afp%3A2081%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A2%3Adp%3A0%3Als%3A906268352139%3Ahid%3A570313504%3Az%3A0%3Ai%3A20220525090913%3Aet%3A1653469754%3Ac%3A1%3Arn%3A135248557%3Arqn%3A1%3Au%3A1653469754367171267%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1653469750846%3Ads%3A0%2C81%2C1011%2C42%2C901%2C0%2C%2C59%2C0%2C2533%2C2533%2C0%2C2098%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1653469754%3At%3ARubilnik%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4acc773f3d04fc263a9e4a3f52dfd386641be5fd7f3885a17fcf7fa476aef1be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 25-May-2022 09:09:14 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xn--e1alhsoq4c.xn--p1ai
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Wed, 25-May-2022 09:09:14 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Wed, 25-May-2022 09:09:14 GMT
location: /watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&charset=utf-8&site-info=%7B%22site_id%22%3A21635%2C%22srtb_sid%22%3A%22628df239-6f1a-a0bb-k1qk-a9zewvchybxi%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelx9mjkmrvf62o%3Afp%3A2081%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A2%3Adp%3A0%3Als%3A906268352139%3Ahid%3A570313504%3Az%3A0%3Ai%3A20220525090913%3Aet%3A1653469754%3Ac%3A1%3Arn%3A135248557%3Arqn%3A1%3Au%3A1653469754367171267%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1653469750846%3Ads%3A0%2C81%2C1011%2C42%2C901%2C0%2C%2C59%2C0%2C2533%2C2533%2C0%2C2098%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1653469754%3At%3ARubilnik%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://xn--e1alhsoq4c.xn--p1ai
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 25-May-2022 09:09:14 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/15835363/
Redirect Chain

https://mc.yandex.com/watch/15835363?wmode=7&page-url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelx9mjkmrvf62o%3Afp%3A2081%3Afu%3A0%3Aen%3A...
https://mc.yandex.com/watch/15835363/1?wmode=7&page-url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelx9mjkmrvf62o%3Afp%3A2081%3Afu%3A0%3Aen%...

338 B
369 B

90ms
90ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/15835363/1?wmode=7&page-url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelx9mjkmrvf62o%3Afp%3A2081%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A1642405017259%3Ahid%3A570313504%3Az%3A0%3Ai%3A20220525090913%3Aet%3A1653469754%3Ac%3A1%3Arn%3A359948310%3Arqn%3A1%3Au%3A1653469754367171267%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1653469750846%3Ads%3A0%2C81%2C1011%2C42%2C901%2C0%2C%2C59%2C0%2C2533%2C2533%2C0%2C2098%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1653469754%3At%3ARubilnik%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

af8caae2e8cb9b34050814bebab85b8d3e4594ab80ebd962983cf793ab27cfbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 25-May-2022 09:09:14 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xn--e1alhsoq4c.xn--p1ai
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Wed, 25-May-2022 09:09:14 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:14 GMT
last-modified: Wed, 25-May-2022 09:09:14 GMT
location: /watch/15835363/1?wmode=7&page-url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelx9mjkmrvf62o%3Afp%3A2081%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A802%3Acn%3A1%3Adp%3A0%3Als%3A1642405017259%3Ahid%3A570313504%3Az%3A0%3Ai%3A20220525090913%3Aet%3A1653469754%3Ac%3A1%3Arn%3A359948310%3Arqn%3A1%3Au%3A1653469754367171267%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1653469750846%3Ads%3A0%2C81%2C1011%2C42%2C901%2C0%2C%2C59%2C0%2C2533%2C2533%2C0%2C2098%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1653469754%3At%3ARubilnik%20%D0%B1%D0%BB%D0%BE%D0%B3%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://xn--e1alhsoq4c.xn--p1ai
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 25-May-2022 09:09:14 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 21 B
479 B 61ms
61ms XHR
application/xml 157.90.179.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTBreadResponse_21635&srtbid=21635&scids=161651464&sx=1600&sy=1200&ref=&u=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&allimps=1&fl=0&v=3&op=vast&tz=%2B00%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/635/2/21635.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.179.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1407627.sapientru.net
Software: openresty /
Resource Hash: 64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:14 GMT
Content-Encoding: gzip
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/xml; charset=UTF-8
Access-Control-Allow-Origin: https://xn--e1alhsoq4c.xn--p1ai
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 41
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7C29 16 KB
6 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18201476576411802981/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 May 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7C29 26 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18201476576411802981/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 May 2022 16:13:39 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DCC 143 B
163 B 39ms
38ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=250&slotname=6027571092&adk=2114169559&adf=3282234639&pi=t.ma~as.6027571092&w=306&fwrn=4&fwrnh=100&lmt=1653469753&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469753421&bpp=3&bdt=579&idt=241&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&correlator=7884474037610&frm=20&pv=2&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=924&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=DD5qtQQYAk&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=295
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 08:45:44 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.517.2_ru.html Show response
imasdk.googleapis.com/js/core/ Frame 7E79 635 KB
206 KB 115ms
38ms Document
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_ru.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e6829d5a6fa89257a4f0d007b3680ff7acf55f0388cafe23f11369e653ea226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 409763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210461
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 15:19:51 GMT
expires: Sat, 20 May 2023 15:19:51 GMT
last-modified: Fri, 20 May 2022 15:15:44 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 161ms
46ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 May 2022 09:09:14 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 127ms
46ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn--e1alhsoq4c.xn--p1ai

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 129ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--e1alhsoq4c.xn--p1ai

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ 148 KB
53 KB 66ms
59ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/reactive_library_fy2019.js?bust=31067737

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b7059b5f0e3587f9cb739d2852ecde1687203b73a858db77679a79224742e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53757
x-xss-protection: 0
server: cafe
etag: 17410867497998956974
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 May 2022 09:09:14 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26DD 63 KB
26 KB 412ms
412ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=600&adk=3015462051&adf=743281947&pi=t.aa~a.3923573800~rp.4&w=162&fwrn=4&fwrnh=100&lmt=1653469754&rafmt=1&to=qs&pwprc=7718992974&psa=0&format=162x600&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469754310&bpp=1&bdt=1468&idt=0&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f9194f15ccbf34a-2297234e9dcd0086%3AT%3D1653469753%3ART%3D1653469753%3AS%3DALNI_Ma1EZIA-djjub2utPGa7WqKJ2YxKA&prev_fmts=306x250%2C0x0&nras=2&correlator=7884474037610&frm=20&pv=1&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=DikEznxgB5&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10bbbaef33dfef4f23718048289960ee752649f726c51aa4881957495d0b8450

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 26972
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 09:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0DCC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d36d8ef2f9e9af31dc74eef047ecb1f2208b190341f78998b09eb8af84c5941b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 12D4 37 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 25 May 2022 09:57:41 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
445 B 148ms
47ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-85145813-2&cid=2021604683.1653469754&jid=1412542932&gjid=2103019422&_gid=1820898632.1653469754&_u=YAhAAUAAAAAAAC~&z=725367812

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 09:09:14 GMT
content-type: text/plain
access-control-allow-origin: https://xn--e1alhsoq4c.xn--p1ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F56 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 08:42:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F49A 0
0 102ms
102ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220518&jk=3761829894286944&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/ Frame 3141 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 23:12:05 GMT
etag: 1428802124239944296
expires: Tue, 07 Jun 2022 23:12:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/ Frame 3ABA 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--e1alhsoq4c.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 23:12:05 GMT
etag: 1428802124239944296
expires: Tue, 07 Jun 2022 23:12:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DCC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

90ms
89ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 09:09:14 GMT
expires: Wed, 25 May 2022 09:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 09:09:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C29 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 08:42:40 GMT

GET
H3 200 300x250_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18201476576411802981/ Frame 7C29 32 KB
32 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18201476576411802981/300x250_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daa73e56627417a63ea7c1b5bd10d5d9926364c6d50c6be281b770b051ab606

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 175966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33007
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 09:23:30 GMT
server: sffe
date: Mon, 23 May 2022 08:16:28 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 23 May 2023 08:16:28 GMT

GET
H2 200 prebid-between-5.19.0.js Show response
cdn-rtb.sape.ru/js/prebid/ Frame 1605 182 KB
182 KB 186ms
185ms Script
text/javascript 95.181.171.233
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/js/prebid/prebid-between-5.19.0.js

Requested by

Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/635/2/21635.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.171.233 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

asrv233.qwarta.ru

Software

openresty /

Resource Hash

005dae70297e564c263b5ba0765ef45701a11dcc95c8b2f27b0859f8118cba5f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
etag: "504d41f6ad861ff04561571042afa239"
x-amz-request-id: 16BA2D12EBD92854
x-cache-status: HIT
content-length: 186176
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Oct 2021 11:35:46 GMT
server: openresty
date: Wed, 25 May 2022 09:09:14 GMT
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Wed, 25 May 2022 10:09:14 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 39ms
38ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=112&id=21635.54624.161585051.0.2.83&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469755
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 39ms
39ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=7&id=21635.54624.161585045.0.4.183&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469755
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 3141 4 KB
1 KB 132ms
46ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 08:00:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 09:09:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 09:09:14 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3141 205 B
743 B 122ms
37ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:49:41 GMT
x-content-type-options: nosniff
age: 1173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 25 May 2023 08:49:41 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3141 604 B
695 B 122ms
38ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 07:49:27 GMT
x-content-type-options: nosniff
age: 4787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 25 May 2023 07:49:27 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/elements/html/ Frame 3141 19 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 08:32:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3ABA 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsDqEOfKNYuz7Mfr-7_UPm8aO0AH1lYfnYuqLguqfB-DA8s66EhABIJCfuB9glYKAgJgHoAHPz6aOA8gBA6kCKqzPSPn1sT6oAwHIA8kEqgTZAU_QR4Ev_-CwJPin_SMswJ6YnuV5oj41uPIvFi21WrZLsqia8_05KTOxgWeH5G87Fc_uK9bOUXb_AIeWSteJR76WpA_Q5Yfixmlelcz1NOSVTjEmP_drmdE85SfulGD6wgp8ftSXGRFF_jo8H5d-GF-g7dIVKegrr29yLIh9SVi93R_WHVFJ17sUJ0c-8ZoAio3yuSv4ZhoUJeQY8cu3S3L5QsJy8wFhAZjLVVEGpyEULuYxk3b_PCLhdDG5hmgNdv0k0yP39RJgYguB_aPjCN4LdrC6w1igFlvABJGYwp_FAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYDgAeZsNlxqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ_qox0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTkyNDg4MTEwMzM4MTgwODUYAA&sigh=fShVUW9UPrI&uach_m=[UACH]

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 09:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame 3ABA 21 KB
8 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 5611795670272045494
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:08:15 GMT

GET
H3 200 8375793392283295164
tpc.googlesyndication.com/simgad/ Frame 3ABA 20 KB
20 KB 38ms
38ms Image
image/gif 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8375793392283295164

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9982bfa4c5e6e9d392ae61fef8a64294d8e31a637ed6bc3707033e991e7d403b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 22:15:49 GMT
x-content-type-options: nosniff
age: 557605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20554
x-xss-protection: 0
last-modified: Tue, 12 Dec 2017 08:54:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 18 May 2023 22:15:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 3ABA 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:07:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3ABA 136 KB
42 KB 127ms
50ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 09:09:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 3ABA 17 KB
7 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:07:12 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 3ABA 32 KB
13 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

170aba10d06d97475a89f9e6a41fd239eccdc9b66321b123a9579740ea9e2b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 05:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13007
x-xss-protection: 0
server: cafe
etag: 15107675193488962307
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 05:58:14 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 45ms
43ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=21635.522574.161651464.0.0.7&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469755
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 5
www.acint.net/pxl/ 43 B
224 B 41ms
39ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/5?dp=7&id=21635.522574.161651465.0.1.110&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469755
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 45ms
44ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=121&id=21635.522574.161651469.0.4.138&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469755
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 45ms
44ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=117&id=21635.522574.161651468.0.3.121&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469755
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0AFF 143 B
163 B 38ms
37ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 08:45:44 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK vpaid.php Show response
vastroll.ru/vast/ 21 B
524 B 288ms
79ms XHR
text/xml 185.60.135.47
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://vastroll.ru/vast/vpaid.php?pl=3717&org=1
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/635/2/21635.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.60.135.47 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: sedalnikovigorvas2.example.com
Software: nginx/1.14.1 /
Resource Hash: cc9c13341678b544fc3f130671b4c481c56cf6207767bfebc065e24036192fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 09:09:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 May 2022 09:09:14 GMT
Server: nginx/1.14.1
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV COM NAV OUR STP"
Access-Control-Allow-Origin: https://xn--e1alhsoq4c.xn--p1ai
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml; charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 2480.xml Show response
xml.mpsuadv.ru/c202/ 887 B
1 KB 460ms
79ms XHR
text/xml 45.67.59.5
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.mpsuadv.ru/c202/2480.xml?dl=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/teasers/js/635/2/21635.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.67.59.5 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 55ff01df2f51318c697c33e4bc232f483f39acab7df680ba0dc9de81ebb60ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Jun 2021 14:31:06 GMT
Server: nginx/1.14.1
ETag: W/"60bf7f2a-377"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: https://xn--e1alhsoq4c.xn--p1ai
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Expires: Wed, 25 May 2022 09:09:15 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8F56 0
9 B 37ms
36ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?53Lo7Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 0C81 8 KB
892 B 126ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 08:04:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 09:09:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 09:09:14 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 0C81 2 KB
908 B 38ms
37ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:06:45 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame 0C81 21 KB
8 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 5611795670272045494
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:08:15 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 0C81 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:07:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C81 136 KB
42 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 09:09:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 0C81 17 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:07:12 GMT

GET
H3 200 937d951ae0167fdfcf48a5545b1fd715.js Show response
www.gstatic.com/mysidia/ Frame 0C81 30 KB
12 KB 119ms
38ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/937d951ae0167fdfcf48a5545b1fd715.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12375
x-xss-protection: 0
last-modified: Mon, 23 May 2022 17:08:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 08:13:47 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 26DD 7 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=600&adk=3015462051&adf=743281947&pi=t.aa~a.3923573800~rp.4&w=162&fwrn=4&fwrnh=100&lmt=1653469754&rafmt=1&to=qs&pwprc=7718992974&psa=0&format=162x600&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469754310&bpp=1&bdt=1468&idt=0&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f9194f15ccbf34a-2297234e9dcd0086%3AT%3D1653469753%3ART%3D1653469753%3AS%3DALNI_Ma1EZIA-djjub2utPGa7WqKJ2YxKA&prev_fmts=306x250%2C0x0&nras=2&correlator=7884474037610&frm=20&pv=1&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=DikEznxgB5&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a769936af844dea88b7d829670c48811b6ecc9f47575331da26fef27bcad3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 18:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3256
x-xss-protection: 0
server: cafe
etag: 15417618671789030767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Jun 2022 18:25:46 GMT

GET
H3 200 delayed_impression_vu_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/elements/html/impression/ Frame 26DD 18 KB
8 KB 114ms
37ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/elements/html/impression/delayed_impression_vu_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

101e4fca05434c9cd3c6204b7241572a1e69ddf84432720365f0a5bba3cbe94e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 07:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7976
x-xss-protection: 0
server: cafe
etag: 3793883038825144401
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 07:30:24 GMT

GET
H3 200 4264225921395538055
tpc.googlesyndication.com/simgad/ Frame 26DD 26 KB
26 KB 39ms
38ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4264225921395538055?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qltgMRU3sfmnmYdRCii0wn0x7wJxQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448cf66028386468edd1844295898edbfe8851a90d502191cc3390f742687d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 22:21:50 GMT
x-content-type-options: nosniff
age: 38844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26243
x-xss-protection: 0
last-modified: Fri, 28 May 2021 06:58:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 May 2023 22:21:50 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame 26DD 21 KB
8 KB 71ms
44ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 5611795670272045494
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:07:08 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 26DD 3 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:05:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26DD 136 KB
42 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 09:09:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 26DD 17 KB
7 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:08:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 09:08:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 26DD 0
0 47ms
46ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_UrhmGovA4JaltLYb-DwMvX2pY11YjJY812TXA3VspsNj49sQW4oS8p54ud7v3-G81V1BWmZxdbFEmsVCOpwPV-mTCw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=600&adk=3015462051&adf=743281947&pi=t.aa~a.3923573800~rp.4&w=162&fwrn=4&fwrnh=100&lmt=1653469754&rafmt=1&to=qs&pwprc=7718992974&psa=0&format=162x600&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469754310&bpp=1&bdt=1468&idt=0&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f9194f15ccbf34a-2297234e9dcd0086%3AT%3D1653469753%3ART%3D1653469753%3AS%3DALNI_Ma1EZIA-djjub2utPGa7WqKJ2YxKA&prev_fmts=306x250%2C0x0&nras=2&correlator=7884474037610&frm=20&pv=1&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=DikEznxgB5&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 26DD 32 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

170aba10d06d97475a89f9e6a41fd239eccdc9b66321b123a9579740ea9e2b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13007
x-xss-protection: 0
server: cafe
etag: 15107675193488962307
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 08:27:22 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0AFF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

97ms
97ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 09:09:14 GMT
expires: Wed, 25 May 2022 09:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 09:09:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 99CD 35 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 08:42:40 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 1605 5 KB
3 KB 50ms
50ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/js/prebid/prebid-between-5.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 259bc14bb05eba5828fb14f78cc1a1b3ed50c2b0d5566da756942c1e2f409c92

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://xn--e1alhsoq4c.xn--p1ai
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 0C5A
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=194819000674322.342325978574804&a=77&e=0100007F39F28D621D0B870602D2F650&pref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&c=ss:77.up:0100007F39F28D621D0B870602...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=194819000674322.342325978574804&a=77&e=0100007F39F28D621D0B870602D2F650&pref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&c=ss:77.up:0...

49 B
603 B

103ms
103ms

Image
image/gif

185.15.175.174
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=194819000674322.342325978574804&a=77&e=0100007F39F28D621D0B870602D2F650&pref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&c=ss:77.up:0100007F39F28D621D0B870602D2F650.sync:up.xdua:dulsPIApF96LpbXgoI8NbSRO.xps:xps0vjuDpBwtXMgl67fCsnOfW.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

HTTP/1.1

Server

185.15.175.174 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 23
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Wed, 25 May 2022 09:09:15 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=194819000674322.342325978574804&a=77&e=0100007F39F28D621D0B870602D2F650&pref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&c=ss:77.up:0100007F39F28D621D0B870602D2F650.sync:up.xdua:dulsPIApF96LpbXgoI8NbSRO.xps:xps0vjuDpBwtXMgl67fCsnOfW.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 0C5A
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=194819000674322.905066998046745&a=77&e=0100007F39F28D621D0B870602D2F650&pref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&c=ss:77.up:0100007F39F28D621D0B870602...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=194819000674322.905066998046745&a=77&e=0100007F39F28D621D0B870602D2F650&pref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&c=ss:77.up:0...

49 B
602 B

83ms
82ms

Image
image/gif

185.15.175.174
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=194819000674322.905066998046745&a=77&e=0100007F39F28D621D0B870602D2F650&pref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&c=ss:77.up:0100007F39F28D621D0B870602D2F650.sync:up.xdua:dulsPIApF96LpbXgoI8NbSRO.xps:xps0vjuDpBwtXMgl67fCsnOfW.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

HTTP/1.1

Server

185.15.175.174 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 4
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Wed, 25 May 2022 09:09:15 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=194819000674322.905066998046745&a=77&e=0100007F39F28D621D0B870602D2F650&pref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&c=ss:77.up:0100007F39F28D621D0B870602D2F650.sync:up.xdua:dulsPIApF96LpbXgoI8NbSRO.xps:xps0vjuDpBwtXMgl67fCsnOfW.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D385 143 B
163 B 37ms
37ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=600&adk=3015462051&adf=743281947&pi=t.aa~a.3923573800~rp.4&w=162&fwrn=4&fwrnh=100&lmt=1653469754&rafmt=1&to=qs&pwprc=7718992974&psa=0&format=162x600&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469754310&bpp=1&bdt=1468&idt=0&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f9194f15ccbf34a-2297234e9dcd0086%3AT%3D1653469753%3ART%3D1653469753%3AS%3DALNI_Ma1EZIA-djjub2utPGa7WqKJ2YxKA&prev_fmts=306x250%2C0x0&nras=2&correlator=7884474037610&frm=20&pv=1&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=DikEznxgB5&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=17
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 08:45:44 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 30CF 1 KB
752 B 38ms
38ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 13:26:12 GMT
etag: 48472445140208031
expires: Wed, 25 May 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6561 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: xn--e1alhsoq4c.xn--p1ai
URL: https://xn--e1alhsoq4c.xn--p1ai/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 08:42:40 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 45ms
40ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=7&id=21635.54624.161585045.0.4.183&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469755
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 bridge3.517.2_ru.html Show response
imasdk.googleapis.com/js/core/ Frame E08D 635 KB
206 KB 37ms
37ms Document
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_ru.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e6829d5a6fa89257a4f0d007b3680ff7acf55f0388cafe23f11369e653ea226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 409764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210461
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 15:19:51 GMT
expires: Sat, 20 May 2023 15:19:51 GMT
last-modified: Fri, 20 May 2022 15:15:44 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 47ms
46ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn--e1alhsoq4c.xn--p1ai

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 09:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--e1alhsoq4c.xn--p1ai

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 09:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 26DD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31eccde87e298b1d699792043de42f7369dbf9133647f9e387f38cf93e4e8931

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DB28 37 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 25 May 2022 09:57:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 26DD 0
19 B 81ms
81ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CI5mcOvKNYvqmGdWKrr4P7LShgAmty9P_YsXe4qbpDbKVpamvCRABIJCfuB9glYKAgJgHoAHQpPT3A8gBAqkCNCtc7yz5sT6oAwHIA8kEqgTfAU_QData5XlAGxLGUQEdCppCno1hftbqyasM8sszYjsnEo5BLth8oFX1OjpSP4Nn6Hx_9fdnY85KXO9jNwTwoh5IXWYOnPgxz_G1U0NC-jgLRcibXy5ClCIWww4uLtQrhpsjV9-fLxnoDJjDSnHycpVK4763B86Yk3mBoGGq2vjbVGgxKZPqX_F9PiH0qVNcH4xGbdV-BpCvuvjzQ2C5eotQJluDG-aTkRCKzZO0WmhhN0xj3tIxl5sXFvSeX6nN8VDTPlRCB05AoSbArz_LkHSfUZMU_QInrGwXyiGtuLHABNSw_Z7KA5IFBAgEGAGSBQQIBRgEoAYCgAfBusi-AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELSGa9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi05MjQ4ODExMDMzODE4MDg1GAA&sigh=mdDnqyX68NE&uach_m=[UACH]&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=600&adk=3015462051&adf=743281947&pi=t.aa~a.3923573800~rp.4&w=162&fwrn=4&fwrnh=100&lmt=1653469754&rafmt=1&to=qs&pwprc=7718992974&psa=0&format=162x600&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469754310&bpp=1&bdt=1468&idt=0&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f9194f15ccbf34a-2297234e9dcd0086%3AT%3D1653469753%3ART%3D1653469753%3AS%3DALNI_Ma1EZIA-djjub2utPGa7WqKJ2YxKA&prev_fmts=306x250%2C0x0&nras=2&correlator=7884474037610&frm=20&pv=1&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=DikEznxgB5&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 09:09:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 30CF 35 B
464 B 132ms
41ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGeKTbJDkLDh7PF2E6ZXoe4&google_cver=1&google_push=AYg5qPIwUoB2ovc-7Dbfx9sXWq-NhNFHI64dSMv9uOLMITHgBol4QOtSqrRcuZF5PPq6wi-JJm38-nylrqKAr2OKPCuwffJvYGM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 30CF 43 B
356 B 134ms
46ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPrF-Xb9YVH4zXTZhjtSJmU&google_push=AYg5qPKvm08_fOBl06Y6txUHi1-PNI89QkqmrxrmNh2cShwBlXHk7V9EOvWh75iEussNy7J0JJMLZzIslIbrwc7bSLqw_WSAI4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=600&adk=3015462051&adf=743281947&pi=t.aa~a.3923573800~rp.4&w=162&fwrn=4&fwrnh=100&lmt=1653469754&rafmt=1&to=qs&pwprc=7718992974&psa=0&format=162x600&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469754310&bpp=1&bdt=1468&idt=0&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f9194f15ccbf34a-2297234e9dcd0086%3AT%3D1653469753%3ART%3D1653469753%3AS%3DALNI_Ma1EZIA-djjub2utPGa7WqKJ2YxKA&prev_fmts=306x250%2C0x0&nras=2&correlator=7884474037610&frm=20&pv=1&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=DikEznxgB5&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:15 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 30CF 43 B
351 B 136ms
54ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENASQTca6FvxU5kKF24AKo0&google_cver=1&google_push=AYg5qPK9qDd3KQhFdbcLT9HOFL0uLsveWPgYJ_aBph5BCvM5cxoL9HcdmwbACUXgNM1lLOQ0So3CBUQWnvmVU3U0nZZStCwyng
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=600&adk=3015462051&adf=743281947&pi=t.aa~a.3923573800~rp.4&w=162&fwrn=4&fwrnh=100&lmt=1653469754&rafmt=1&to=qs&pwprc=7718992974&psa=0&format=162x600&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469754310&bpp=1&bdt=1468&idt=0&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4f9194f15ccbf34a-2297234e9dcd0086%3AT%3D1653469753%3ART%3D1653469753%3AS%3DALNI_Ma1EZIA-djjub2utPGa7WqKJ2YxKA&prev_fmts=306x250%2C0x0&nras=2&correlator=7884474037610&frm=20&pv=1&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=DikEznxgB5&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:14 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: gqbnsq0d83je2uprosfuf2k4q46gnqb2

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 30CF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=haxFtXWYRYuFfKNWvg7KDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=haxFtXWYRYuFfKNWvg7KDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIFPgapk0_a3zpZ126QDZ4Ts1PklXwfOMdp_KhmMtV82biGirn8TkZUxosAF5ssX5YCEegAvuqw_gcDduG7ypOvtxlkGPw

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=haxFtXWYRYuFfKNWvg7KDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIFPgapk0_a3zpZ126QDZ4Ts1PklXwfOMdp_KhmMtV82biGirn8TkZUxosAF5ssX5YCEegAvuqw_gcDduG7ypOvtxlkGPw
date: Wed, 25 May 2022 09:09:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 30CF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECuo0D41pysxiTx4-hBU5Xk&google_cver=1&google_push=AYg5qPLhW0iX1PVkg4kMVKrsAYJvPLRZCZssHPqD7P_SVPYrRnn99U-F8zCo8RU4a3Q9ULsxleR...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMRDc4RjQtMVctNUlVMA==&google_push=AYg5qPLhW0iX1PVkg4kMVKrsAYJvPLRZCZssHPqD7P_SVPYrRnn99U-F8zCo8RU4a3Q9ULsxleRgc6zTupXsqqzkzIDxxqArSoo

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMRDc4RjQtMVctNUlVMA==&google_push=AYg5qPLhW0iX1PVkg4kMVKrsAYJvPLRZCZssHPqD7P_SVPYrRnn99U-F8zCo8RU4a3Q9ULsxleRgc6zTupXsqqzkzIDxxqArSoo

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMRDc4RjQtMVctNUlVMA==&google_push=AYg5qPLhW0iX1PVkg4kMVKrsAYJvPLRZCZssHPqD7P_SVPYrRnn99U-F8zCo8RU4a3Q9ULsxleRgc6zTupXsqqzkzIDxxqArSoo
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 30CF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOw0rAmAUOUS5VpTCj-IBeU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOw0rAmAUOUS5VpTCj-IBeU&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3yO9d6k2D_Rj8zOL4hzgAABH0AAAIB&google_push=AYg5qPLP5dzUc4e_VL1pjauAYn6Ub5U8ehGqV8o08kK1Biewc5jfLAHJT39E1dlkXQYLJ_PmEdC_2NaegLPdt5t25o...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3yO9d6k2D_Rj8zOL4hzgAABH0AAAIB&google_push=AYg5qPLP5dzUc4e_VL1pjauAYn6Ub5U8ehGqV8o08kK1Biewc5jfLAHJT39E1dlkXQYLJ_PmEdC_2NaegLPdt5t25onLKoAdBw&google_cver=1&google_gid=CAESEOw0rAmAUOUS5VpTCj-IBeU

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 09:09:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo3yO9d6k2D_Rj8zOL4hzgAABH0AAAIB&google_push=AYg5qPLP5dzUc4e_VL1pjauAYn6Ub5U8ehGqV8o08kK1Biewc5jfLAHJT39E1dlkXQYLJ_PmEdC_2NaegLPdt5t25onLKoAdBw&google_cver=1&google_gid=CAESEOw0rAmAUOUS5VpTCj-IBeU
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Wed, 25 May 2022 09:09:15 GMT

GET googleredir
googlecm.hit.gemius.pl/ Frame 30CF 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 30CF 0
12 B 45ms
45ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvEPAM8uPczZ6GoIMJFtbGR8kgLfj5HJk-iW694Ke-_vrVmofcFvhB3TLmLpBFw3NKyrbA0g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D385
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
19 B

91ms
91ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 09:09:15 GMT
expires: Wed, 25 May 2022 09:09:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 09:09:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 39ms
39ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=117&id=21635.522574.161651468.0.3.121&sid=628df239-6f1a-a0bb-k1qk-a9zewvchybxi&ref=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&r=1653469755
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:15 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 bridge3.517.2_ru.html Show response
imasdk.googleapis.com/js/core/ Frame 80F0 635 KB
206 KB 37ms
37ms Document
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_ru.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e6829d5a6fa89257a4f0d007b3680ff7acf55f0388cafe23f11369e653ea226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 409764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210461
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 15:19:51 GMT
expires: Sat, 20 May 2023 15:19:51 GMT
last-modified: Fri, 20 May 2022 15:15:44 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 46ms
45ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn--e1alhsoq4c.xn--p1ai

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 09:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--e1alhsoq4c.xn--p1ai

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 09:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B46E 37 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 25 May 2022 09:57:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
89ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220518&jk=3761829894286944&bg=!WVqlWh7NAAZ4vKt9WLw7ACkAdvg8WlYTxO8tVTP-FgKRPSKCLYUOUiv9u7IK6Z8Hq4PJwWgmxSJmbgIAAADxUgAAAAJoAQeZAqkU6Oo_IBtTD1lnZ0MyqjMzgm5-2ttmJDF-5or3_ipobL6SDC_zt25MQ70GFCWYnq4SaddR0Cepb1cEfz40bbXEHPofVW_zIU3o7Nps_7lLSha5ZBidj3mfbAIPDAWHbkjbxTPr2XvLjPBeMDxMwbG5SHFqLps0C3g98wmfuoLVY2--lgZsw1DjY5zqEWAUJ8VPuF6KXj4AKPO1jvBuvwedWUPDozYCz-U6r0OoWkOuinkopssf5inRAD2e57hzOfdYgRhARtYfQBUBQPI_eUApboV84bG2p7lKnm4pJGQLU2C17H7W5B-ogVZNYroJ4AWneJ7eLwQcX9UgPQosujm86uk_C5IffO067PQBAajSuKsaYJtWH09o3EhR2flfsDqc0J7H3Sd0BIciDFf4CR7o2yB2qyIBBv4nSFglC7l0gymrUFH04BOSOOWohDZNPWW1sMk94lAehvad5YdpKSFkGNRRu0SbcAqRs2NZZFlt8_soCaXvK1YJ0M2-dzfGZVDlDF8tK4PB64zbBZd3Qpz8BI3KJrSwnmTSHPBfdnUH8Il0NH6UcQvFSrsVaiNmKlYwn_OHlkcd6qd9bSLxENiFT4LuigTWpa-jRYbawdQj0oyT64IgimJ8GzeBSOwCI7b6vE8kDftYeTo8OZK5pnzjTjnNtuxuastcbvyZL6ceXYcQe9CeKT7F3KZl7HFHZ_zyJwgIjS6hNseDWv8O0hBraHVRIxdj_yKR2WYOLswfHlNfW5sREaubGdpC-vlviKFxZ1_BNzRm77iDhmqnZxKfO3WjtU53tw2EuKH2dMEBfyje9y1jyyXtPg6kR9RUYzjz-hs5dKloeXv8UAO5gu3hzu5najvz-HYKcOCiCl438jMPsSrpe_-ZTkSEcOtf5t25EyYZIV0a9QQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 80F0 0
327 B 267ms
99ms Ping
image/gif 2a00:1450:4003:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l3ld78g5&c=7884474037610&slotId=3942237018805&fb=ima_html5-lima&sdkv=h.3.517.2&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=2.0&vmfc=1&vhc=0&ghmsh_eids=44760950%2C44761692%2C44762462
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_ru.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4003:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9E45 55 KB
19 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6d3db3a2766a28b3e1d9e18cc2e74573aee356daa3e75933c4b44373d6a5195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19794
x-xss-protection: 0
last-modified: Mon, 23 May 2022 16:51:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Wed, 25 May 2022 09:23:01 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D97 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 08:42:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0DCC 0
0 76ms
76ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CV_PgOfKNYoWdLsWA9u8PxJuImAK81Zbxac7247DmD5CStfKgMBABIJCfuB9glYKAgJgHoAHF6pm5AsgBCakC_h1BSzj2sT6oAwGqBOEBT9CjEv78YlmpzX07Hd2SYq536LHrr96oy2r9reOC9xd_hq8RljoO-narfbfPXQZ-gWHYC3gkJKqeZrFkTqTzeaR_06lNa3I4gt9u-c9XIFSDWy_81BZdyOhfueFHTDXBZBkCmEVd0hOOvxH9BjYpPrDIDyc5l8Gj3C_WQLHYzeJn925eXF-8m6ZQ2mwGZs86MWgJ_kBXFV6o8RLCLjtN8uEiLaXKDySnyolqwXh2XjfMO9zr6AiQIDE7bf71j9kZcRIssVqG-hNNUNhbUCQGoYvTIT7BCPOyYtm9dqhDuhvpwATiuOXGgASgBi6AB6OV5sYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ6aQJ0ggJCIDhgBAQARgfgAoByAsB2BMDiBQB0BUBmBYBgBcBshccChoIABIUcHViLTkyNDg4MTEwMzM4MTgwODUYAA&sigh=NqQeuoY5Yxo&vt=1&template_id=419&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9248811033818085&output=html&h=250&slotname=6027571092&adk=2114169559&adf=3282234639&pi=t.ma~as.6027571092&w=306&fwrn=4&fwrnh=100&lmt=1653469753&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fxn--e1alhsoq4c.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653469753421&bpp=3&bdt=579&idt=241&shv=r20220518&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&correlator=7884474037610&frm=20&pv=2&ga_vid=2021604683.1653469754&ga_sid=1653469754&ga_hid=194267909&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=924&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C42531557%2C31067629%2C31067737%2C31060049%2C31067718&oid=2&pvsid=3761829894286944&pem=20&tmod=712468582&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=DD5qtQQYAk&p=https%3A//xn--e1alhsoq4c.xn--p1ai&dtd=295
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 09:09:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0DCC 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstShiuieTCCTB3fLyZSBp-favc1K_9wbxAs6JwAPCHNNdRLnSRkIBK_4xatl9DZX-II6RlDd-uAIaXzcvo5u_WJegdGU4bkX3ILgE9ygVSbX53Yy7bpiP99Jxpa&sai=AMfl-YQyYaVn38t-ieOYoFFGx0iTiTk7YbHKo74GSR7WCDgEkx6l28I-QiBxIk4K0Zk3MjZSUeGDYoHwofuy&sig=Cg0ArKJSzBh5kZu6ASo1EAE&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2114169559&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1653469754072&rpt=309&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 09:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vpaid-player.js Show response
mpsuadv.ru/lib/custom/ Frame 9E45 45 KB
46 KB 430ms
167ms Script
application/javascript 45.67.59.2
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mpsuadv.ru/lib/custom/vpaid-player.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.67.59.2 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 77f4bc98347b32aedf1b93e6a87352256c3c00c648e1db588df6162aee0f3c5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 09:09:15 GMT
Last-Modified: Thu, 28 Apr 2022 12:15:07 GMT
Server: nginx/1.14.1
ETag: "626a854b-b551"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 46417
Expires: Wed, 25 May 2022 09:09:15 GMT

GET
H2 200 sbor Show response
s2.mpsuadv.ru/ Frame 9E45 35 B
344 B 3565ms
3151ms XHR
image/gif 45.141.77.113
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.mpsuadv.ru/sbor?event=pageload&pid=2480&version=1.006&rnd=111051483
Requested by: Host: mpsuadv.ru
URL: https://mpsuadv.ru/lib/custom/vpaid-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.77.113 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
If-Unmodified-Since: 1653469755923
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:19 GMT
server: nginx/1.14.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://xn--e1alhsoq4c.xn--p1ai
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,If-Unmodified-Since
content-length: 35

OPTIONS
H2 200 sbor
s2.mpsuadv.ru/ Frame 0
0 429ms
84ms Preflight
image/gif 45.141.77.113
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.mpsuadv.ru/sbor?event=pageload&pid=2480&version=1.006&rnd=111051483
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.77.113 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: if-unmodified-since
Access-Control-Request-Method: GET
Origin: https://xn--e1alhsoq4c.xn--p1ai
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,If-Unmodified-Since
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://xn--e1alhsoq4c.xn--p1ai
content-length: 35
content-type: image/gif
date: Wed, 25 May 2022 09:09:16 GMT
server: nginx/1.14.1

GET 2480
v5.mpsuadv.ru/vast/ Frame 9E45 0
0

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 40ms
39ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=436cb30e-e523-408a-aa69-777e9f033230&dp=14&tz=%2B00%3A00&nc=95674484&dT=2022-05-25T09%3A09%3A16.576
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--e1alhsoq4c.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:09:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F39F28D621D0B870602D2F650

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ3K0p92_i2-PqJZrgMcvkw&google_cver=1&google_push=AYg5qPKdCIDylLTodPPk4CxfCs0rkdYkbL-Jd6MlBeD4clHR9hWokdeyH7q3hJATu0v_ZnhCIO8PNPonXTbRblLyQ0oOVFiUA_VA

Domain: v5.mpsuadv.ru
URL: https://v5.mpsuadv.ru/vast/2480

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

95 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xn--e1alhsoq4c.xn--p1ai/	1978-01-11 21:31:40	Name: fid Value: d2adbd65-0245-4ab1-b02c-527a4c05c48d
.acint.net/	1970-01-20 03:17:50	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWKN8jkGhwsdUPbSAkjh8vN64a07v9xbebdqqvKwOmcE
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp7v2 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp14v3 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp17 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp32 Value: 1653469753
.acint.net/	1970-01-20 03:19:16	Name: cSyncDp45v3 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp53 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp54v2 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp62 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp67v2 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp68 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp71 Value: 1653469753
.acint.net/	1970-01-20 03:37:59	Name: cSyncDp77 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp84 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp85 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp95v3 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp101 Value: 1653469753
.acint.net/	1970-01-20 03:37:59	Name: cSyncDp104v2 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp107 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp110 Value: 1653469753
.acint.net/	1970-01-20 03:37:59	Name: cSyncDp111v2 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp112v2 Value: 1653469753
.acint.net/	1970-01-20 03:39:25	Name: cSyncDp125v2 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp126 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp127 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp129 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp136v2 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp138 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp144 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp146 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp148 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp149 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp151 Value: 1653469753
.acint.net/	1970-01-20 04:01:01	Name: cSyncDp186 Value: 1653469753
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWKN8jm0DwATCEqLAmwDx3VzbphrItOkbu57ejnZuT8Q
.xn--e1alhsoq4c.xn--p1ai/	1970-01-20 12:39:25	Name: __gads Value: ID=4f9194f15ccbf34a-2297234e9dcd0086:T=1653469753:RT=1653469753:S=ALNI_Ma1EZIA-djjub2utPGa7WqKJ2YxKA
.xn--e1alhsoq4c.xn--p1ai/	1970-01-20 12:03:25	Name: _ym_uid Value: 1653469754367171267
.xn--e1alhsoq4c.xn--p1ai/	1970-01-20 12:03:25	Name: _ym_d Value: 1653469754
.betweendigital.com/	1970-01-20 12:03:25	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 12:03:25	Name: tuuid Value: 9bb97225-ea70-5291-bea4-42a9dc29b090
.betweendigital.com/	1970-01-20 12:03:25	Name: ss Value: 1
.utraff.com/	1970-01-20 04:01:12	Name: preutid Value: 1
.mc.yandex.com/	1970-01-20 03:17:50	Name: sync_cookie_csrf Value: 158398762fake
.xn--e1alhsoq4c.xn--p1ai/	1970-01-20 03:19:01	Name: _ym_isad Value: 2
.mail.ru/	1970-01-20 12:04:52	Name: VID Value: 2_7CvE2GU52A00000d1EH4oA:::0-0-0-7a84af9:CAASEF10UIgo3QcVMONFShLx2sEaYMEjsr-82fLYc5-T6s5Z-SNunvpOOK3PEGpqiPmcKndxJTLNuL2AwIXIDLJWwunhIOBZQfFwEjFBE71V9aZwvbYzSgSWC62oNTMXpsfO3Oo2HOOnjQDPrtdCvnlHtX-6SQ
.upravel.com/	1970-01-20 03:17:49	Name: session_tptc Value: 1653469754021
.mc.yandex.ru/	1970-01-20 03:17:50	Name: sync_cookie_csrf Value: 2654781432fake
.betweendigital.com/	1970-01-20 12:03:25	Name: ut Value: Yo3yOgAAq-CWv4l2UEGdFDjn43-UY5mwtciaMQ==
.republer.com/	1970-01-20 12:03:25	Name: ruid Value: b4307617-68b2-4368-8bd6-5890e071b323
.upravel.com/	1970-01-23 18:53:49	Name: user_id Value: 4d69d3da-f56a-4587-970d-5ffc9eb38b56
.adriver.ru/	1970-01-20 20:49:01	Name: cid Value: AyQqsTyMAdjmxcjWtFFMlEw
.xn--e1alhsoq4c.xn--p1ai/	1970-01-20 20:49:01	Name: _ga Value: GA1.2.2021604683.1653469754
.xn--e1alhsoq4c.xn--p1ai/	1970-01-20 03:19:16	Name: _gid Value: GA1.2.1820898632.1653469754
.xn--e1alhsoq4c.xn--p1ai/	1970-01-20 03:17:49	Name: _gat_gtag_UA_85145813_2 Value: 1
.doubleclick.net/	1970-01-20 12:39:25	Name: IDE Value: AHWqTUmIzgP0IQfxrjECSf_A4mxBoVAWHs1JELudxXWsSwGNUw9ZZxcj6SMH7F0PVnc
.1dmp.io/	1970-01-20 12:03:25	Name: uid Value: 58f0ea12-dc0a-11ec-acfd-901b0e8b2a6e
.yandex.com/	1970-01-20 12:03:25	Name: ymex Value: 1685005754.yrts.1653469754#1685005754.yrtsi.1653469754
.yandex.com/	1970-01-20 12:03:25	Name: yandexuid Value: 1506708241653469754
.yandex.com/	1970-01-20 12:03:25	Name: yuidss Value: 1506708241653469754
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1670837921653469754
.yandex.com/	1970-01-23 18:53:49	Name: i Value: gu9xwHE1d30HeTOW4VtxGkFP1mMludS1Ev266uBPQ0zIe40jaCuGm+yqbRTWxowrMQpcObAr7UxUvFoHZOZ2euD/zsc=
.rutarget.ru/	1970-01-20 07:37:01	Name: userId Value: jts39tVTOheL
.adhigh.net/	1970-01-20 12:03:25	Name: gi_u Value: 7nE3yyQ59t3.AikABlGA-no0Ow
.rktch.com/	1970-01-20 04:01:01	Name: b_uid Value: 6b275356fcfdf37b0c93f123fee0655a05ac
.uuidksinc.net/	1970-01-20 12:03:25	Name: jcsuuid Value: 3KZqskh7edz67hzV9KWL
.mts.ru/	1970-01-20 11:50:28	Name: dspid Value: 153094f0-cd38-4a9a-947b-5e44d8915625
.ops.beeline.ru/	1970-01-20 11:50:28	Name: BeeAID Value: c41792bf-7086-48cf-b1e8-b9c09bd1a213
.adsniper.ru/	1970-01-27 10:29:49	Name: uuid3 Value: IiQ1OTI5YjQ0NC1kYzBhLTExZWMtODQzZC0wMDI1OTBjODI0Mzc*
.adhigh.net/	1970-01-20 12:03:25	Name: sape_sync Value: jS0
ssp.bidvol.com/	1970-02-13 23:49:13	Name: bvuid Value: ntzacyhov2
.weborama.fr/	1970-01-20 12:43:44	Name: AFFICHE_W Value: 5e5-w54vYwTl32
.bumlam.com/	1970-01-27 10:29:49	Name: suuid3 Value: IiQ1OTI5YjQ0NC1kYzBhLTExZWMtODQzZC0wMDI1OTBjODI0Mzc*
.doubleclick.net/	1970-01-20 03:17:53	Name: DSID Value: NO_DATA
.gnezdo.ru/	1970-01-25 20:05:16	Name: uid Value: XV9maWKN8jpXqU2DMzm/Ag==
.aidata.io/	1970-01-20 20:49:01	Name: __upin Value: t7Gm0LdPH2mPLI+wlTufQA
.aidata.io/	1970-01-20 20:49:01	Name: __upints Value: 1653469754
.agency2.ru/	1970-01-20 11:50:28	Name: uuid Value: 85ebeebe-35d4-43b4-a6a4-f1077f3f445c
.yandex.ru/	1970-01-23 18:53:49	Name: yuidss Value: 1225989221653469754
.yandex.ru/	1970-01-23 18:53:49	Name: yandexuid Value: 1225989221653469754
x01.aidata.io/	1970-01-20 03:22:08	Name: mts Value: 1
dmp.gotechnology.io/	1969-12-31 23:59:59	Name: chk Value: 1
.mts.ru/	1970-01-23 17:41:49	Name: mts_id Value: 6eca1a34-24da-46c5-819a-d45d647fd457
.mts.ru/	1970-01-23 17:41:49	Name: mts_id_last_sync Value: 1653469754
.gotechnology.io/	1970-01-20 16:28:23	Name: pid Value: NGJkY2VjNTRmMjU3OTI5Ng
.dmg.digitaltarget.ru/	1970-01-21 05:13:01	Name: viuserid Value: bbHjNC7fjhIRpLx7FhsE
.quantserve.com/	1970-01-20 05:27:25	Name: d Value: ECIBCQGcJoEA
.quantserve.com/	1970-01-20 12:48:04	Name: mc Value: 628df23b-2fe3c-8a369-1072f
.casalemedia.com/	1970-01-20 12:03:25	Name: CMID Value: Yo3yO9d6k2D-Rj8zOL4hzgAA
.casalemedia.com/	1970-01-20 05:27:25	Name: CMPS Value: 3264
.casalemedia.com/	1970-01-20 05:27:25	Name: CMPRO Value: 1149
.casalemedia.com/	1970-01-20 03:19:16	Name: CMST Value: Yo3yO2KN8jsA
.pubmatic.com/	1970-01-20 03:19:16	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 05:27:25	Name: KADUSERCOOKIE Value: 85AC45B5-7598-458B-857C-A356BE0ECA0E

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-error://chromewebdata/ Message: Failed to load resource: the server responded with a status of 502 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://widget.socialblade.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9649.SCrZx7wDNk5usqig1x5w4QuWSJiNZsj6jFzjsPyoN9MpxO4iUklLS4L1p3QM9yaS2IKdER6u0bJvuIQyZVxGuQ%2C%2C.QyjlLkfL5rUXINalgAufhEW-HrQ%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://an.yandex.ru/setud/mts_banner/FTCU8M04SpqUe15E2JFWJQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=2478747470 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ3K0p92_i2-PqJZrgMcvkw&google_cver=1&google_push=AYg5qPKdCIDylLTodPPk4CxfCs0rkdYkbL-Jd6MlBeD4clHR9hWokdeyH7q3hJATu0v_ZnhCIO8PNPonXTbRblLyQ0oOVFiUA_VA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://an.yandex.ru/mapuid/gonetdspis/NGJkY2VjNTRmMjU3OTI5Ng Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://an.yandex.ru/setud/mts_banner/FTCU8M04SpqUe15E2JFWJQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3Dt7Gm0LdPH2mPLI%252BwlTufQA&sign=1029155837 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://xn--e1alhsoq4c.xn--p1ai/ Message: Access to fetch at 'https://v5.mpsuadv.ru/vast/2480' from origin 'https://xn--e1alhsoq4c.xn--p1ai' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://v5.mpsuadv.ru/vast/2480 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f39f28d621d0b870602d2f650-sp.ops.beeline.ru
4d69d3da-f56a-4587-970d-5ffc9eb38b56.sync.upravel.com
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
c0.wp.com
cdn-rtb.sape.ru
cm.g.doubleclick.net
cms.quantserve.com
co9.rktch.com
cs.agency2.ru
csi.gstatic.com
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dmp.gotechnology.io
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
imasdk.googleapis.com
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mpsuadv.ru
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.wp.com
px.adhigh.net
redirect.frontend.weborama.fr
rtb.openx.net
s.uuidksinc.net
s0.2mdn.net
s2.mpsuadv.ru
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
ssum-sec.casalemedia.com
stat.adlabs.ru
stats.g.doubleclick.net
stats.wp.com
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.upravel.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tg.rktch.com
tpc.googlesyndication.com
ut.rktch.com
v5.mpsuadv.ru
vastroll.ru
widget.socialblade.com
www.acint.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
xml.mpsuadv.ru
xn--e1alhsoq4c.xn--p1ai
googlecm.hit.gemius.pl
s3.advarkads.com
v5.mpsuadv.ru
109.248.237.36
136.243.148.229
138.201.34.238
142.132.209.138
142.250.185.194
142.250.186.66
148.251.129.43
157.90.179.219
176.99.6.56
176.99.7.123
185.147.80.35
185.15.175.144
185.15.175.174
185.60.135.47
188.42.196.115
192.0.76.3
192.0.77.37
193.232.150.43
194.190.117.94
195.201.57.28
195.209.108.50
198.47.127.19
213.87.44.187
217.65.2.150
217.66.147.164
23.111.107.44
23.35.236.247
2606:4700:20::681a:125
2606:4700:3030::ac43:d6f1
2606:4700:3032::6815:3b42
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1148:db00::17
2a00:1450:4001:800::2001
2a00:1450:4001:802::2002
2a00:1450:4001:809::2006
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a00:1450:4003:80c::2003
2a00:1450:400c:c1b::9d
2a02:6b8::1:119
2a02:6b8::90
31.172.81.158
31.172.81.160
31.220.27.134
34.98.67.61
35.190.24.218
35.227.252.103
37.18.103.16
37.9.245.57
45.141.77.113
45.67.59.2
45.67.59.5
46.243.142.239
46.4.121.26
5.200.50.170
65.108.1.48
69.173.144.165
78.46.16.13
81.222.128.215
89.108.119.28
89.108.97.2
93.95.102.105
95.181.171.233
95.211.66.35
005dae70297e564c263b5ba0765ef45701a11dcc95c8b2f27b0859f8118cba5f
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0903da753311f06f923bed49d00a74b7904be20f5708d2338f4b00abad5a5fbd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
0dba3cb5f11d80858886024a433a2c583ba78e025012bbbe082e2ea33fbe1858
0dc832122e69ebf0bb053b52c5961f028a617aa6db9b8a18ae07af8769275ebe
101e4fca05434c9cd3c6204b7241572a1e69ddf84432720365f0a5bba3cbe94e
10bbbaef33dfef4f23718048289960ee752649f726c51aa4881957495d0b8450
170aba10d06d97475a89f9e6a41fd239eccdc9b66321b123a9579740ea9e2b32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1daa73e56627417a63ea7c1b5bd10d5d9926364c6d50c6be281b770b051ab606
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
259bc14bb05eba5828fb14f78cc1a1b3ed50c2b0d5566da756942c1e2f409c92
2a4616e0aa0e772c187debff36ebf5f036fc8e5dce2028965b607e750e01fff6
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b7059b5f0e3587f9cb739d2852ecde1687203b73a858db77679a79224742e0e
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
31eccde87e298b1d699792043de42f7369dbf9133647f9e387f38cf93e4e8931
31f7b29fc838e892c374640bfaaf9a8c39ecea845bf919fba6fdb60c66d8e1f0
3329813e0c2788f727bbb57c75a5751c683649372d99dd1a3627f2f7d95e2e58
367f94b21326a03d42a28fa94bffcdf9fc8e9f62e3f5e2a7983db264360e3dc0
37d9fdcb589bfab4d9557628567c02db962393f3306d31658425f073721b317d
3d934946e478053820ccfc2e9902822114dc8c40e26669d9742c9fe6524ee661
3e367d51d8128ca20a1517d35e256a2e63e459b6b108c92273844b4092a39c63
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
448cf66028386468edd1844295898edbfe8851a90d502191cc3390f742687d71
4acc773f3d04fc263a9e4a3f52dfd386641be5fd7f3885a17fcf7fa476aef1be
4b66994b1dc036edf7971da59a059620fc9fdda89c3ecc8c07e93f9c6fe61ebf
4b84c26fc972d527005b6353058ff181ca9dfbb9047bed018e6b019f965d3cdc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
51f183a47b934ccf1c915a44d89aaaced190036e11da836ed66f127b10cd716e
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ff01df2f51318c697c33e4bc232f483f39acab7df680ba0dc9de81ebb60ab4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e6829d5a6fa89257a4f0d007b3680ff7acf55f0388cafe23f11369e653ea226
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6
6a1e17d2bbfc2a99a249eb95ed4f923015852166d082901377870a1520784f21
6a769936af844dea88b7d829670c48811b6ecc9f47575331da26fef27bcad3b8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d31935fb2479231464f859e522b2356ecc5266920137fa628337fd61b52c6b9
702382ec81306bd47bee31aff9028ed064fa3aa31f424ba4a58061030c7de67a
74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9
77840b5b4d4314649f62681f94a823319ed521e8168afcb93a81fcdcf32b8d94
77f4bc98347b32aedf1b93e6a87352256c3c00c648e1db588df6162aee0f3c5f
793c0a11b32feaa7a58d5ca2c26d502a2ea4eae81490b3ebf0da2f970f6e8ac7
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7e02609153fe4e513fb1e6918611d4afe901afa195862ee2283cea31caa61483
7efb78258c221e95bfc07829765d83dd923e618f24350397757a336f3410eb11
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82fc34423461de484a0a8a8e706b78fff9331f332b93075a876c67253b997f03
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83a8e174b4213415b0c7643fbc9cad681530b1155b92dbcabac8c9ec541e1ebf
86c8f0ef3d5c51e837bd0c69424d11e9e8522f834e1c18d620073db93b5c79f7
8813bee179b63685c9a7d32f89055a4c27803004b8f23d64ff872c68ab440c41
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
9982bfa4c5e6e9d392ae61fef8a64294d8e31a637ed6bc3707033e991e7d403b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8a0b91d593ee394d8f11346236a3ea69990e40928ef743a72690a54e7a464a0
af8caae2e8cb9b34050814bebab85b8d3e4594ab80ebd962983cf793ab27cfbe
afac55b6217ea4d15110fc9e235315dfa4c2398901bbd23c3c9b0523982a779f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a287ed97b62a0f4fa8947e6da754f716331f106b88f620a6bc650974c3d2be
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb9cce1f3afdfa8801a34b4562d96c5b4d150e55f2e5b2a6d4abb482da654006
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd82cac24cbdef5b83f92479a62813edddc8f515353bfa0e3e774f30f6327254
bfee03f88a1afb1cc25506610395cc5dec5bc28d18d9a45e0bd16ce477d58da3
c1bc764f404b41ebdc1d8f5f51a9bbefa7446eca617da4d1eefab020d7b24b78
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c6d3db3a2766a28b3e1d9e18cc2e74573aee356daa3e75933c4b44373d6a5195
c99ffa666406b233d0791d6f9c7b4675c37ae1e537813b213bc3968a95321355
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
cc9c13341678b544fc3f130671b4c481c56cf6207767bfebc065e24036192fb8
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d36d8ef2f9e9af31dc74eef047ecb1f2208b190341f78998b09eb8af84c5941b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fce7e9715dfeded3495e0d9c54966b1ff7b26a768ca2024c2cf097ee90015cd6
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

xn--e1alhsoq4c.xn--p1ai Open in urlscan Pro Puny шляхтен.рф IDN 2606:4700:3030::ac43:d6f1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

81 %HTTPS

30 %IPv6

58 Domains

78 Subdomains

49 IPs

9 Countries

3002 kBTransfer

7152 kBSize

95 Cookies

18 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xn--e1alhsoq4c.xn--p1ai Open in urlscan Pro Puny
шляхтен.рф IDN
2606:4700:3030::ac43:d6f1 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

81 %
HTTPS

30 %
IPv6

58
Domains

78
Subdomains

49
IPs

9
Countries

3002 kB
Transfer

7152 kB
Size

95
Cookies

210 HTTP transactions
1 data transactions