agronomu.com Open in urlscan Pro
54.38.155.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://agronomu.com/
Effective URL:
https://agronomu.com/
Submission: On June 07 via manual (June 7th 2022, 6:36:44 pm UTC) from US — Scanned from CA

Summary HTTP 164 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 38 domains to perform 164 HTTP transactions. The main IP is 54.38.155.61, located in France and belongs to OVH, FR. The main domain is agronomu.com.
TLS certificate: Issued by R3 on May 14th 2022. Valid for: 3 months.

This is the only time agronomu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 48	54.38.155.61 54.38.155.61	16276 (OVH) (OVH)
4	46.4.104.244 46.4.104.244	24940 (HETZNER-AS) (HETZNER-AS)
13	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	51.15.157.253 51.15.157.253	12876 (Online SAS) (Online SAS)
1	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	185.177.93.20 185.177.93.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
7	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
4	212.109.217.26 212.109.217.26	29182 (RU-JSCIOT) (RU-JSCIOT)
2	85.192.12.169 85.192.12.169	12695 (DINET-AS) (DINET-AS)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
3 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	209.208.78.145 209.208.78.145	6364 (ATLANTIC-...) (ATLANTIC-NET-1)
1	62.76.25.27 62.76.25.27	61400 (NETRACK-AS) (NETRACK-AS)
19	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
5	109.206.175.74 109.206.175.74	50245 (SERVEREL-AS) (SERVEREL-AS)
1 2	149.5.244.0 149.5.244.0	174 (COGENT-174) (COGENT-174)
3	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::78	15169 (GOOGLE) (GOOGLE)
1	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:1::a	15169 (GOOGLE) (GOOGLE)
2 3	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1	2607:f8b0:400... 2607:f8b0:4006:807::2004	15169 (GOOGLE) (GOOGLE)
1 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
1 1	138.201.139.144 138.201.139.144	24940 (HETZNER-AS) (HETZNER-AS)
1 2	95.163.52.67 95.163.52.67	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
4	85.192.12.174 85.192.12.174	12695 (DINET-AS) (DINET-AS)
2	193.106.92.202 193.106.92.202	48614 (ITSOFT-AS) (ITSOFT-AS)
1 2	204.62.13.72 204.62.13.72	46636 (NATCOWEB) (NATCOWEB)
3 3	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	54.156.238.191 54.156.238.191	14618 (AMAZON-AES) (AMAZON-AES)
1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
164	37

48 54.38.155.61 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip61.ip-54-38-155.eu

agronomu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.104.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de

dayaneznayu.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80e::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.157.253 (Pradons, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-157-253.rev.poneytelecom.eu

damskiy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

hdacode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn.hunterdelivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.93.20 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-93-20.ah-server.com

zcode6.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:807::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.109.217.26 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: tapeinotita7.slickjump.org

sjsmartcontent.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.192.12.169 (Russian Federation)

ASN12695 (DINET-AS, RU)

y8lsyibocd.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200e (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2002 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.208.78.145 (Bartlett, United States)

ASN6364 (ATLANTIC-NET-1, US)

duper8flash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.76.25.27 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)

facmtf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 109.206.175.74 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.175.74.serverel.net

pixel.metrics0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.5.244.0 (Valbonne, France) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:822::2001 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::78 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200e (Mullica Hill, United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:1::a (Montreal, Canada)

ASN15169 (GOOGLE, US)

r5---sn-t0a7ln7d.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.120.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

api.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2004 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.139.144 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de

cm.p.altergeo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)

pdayyocpnvh.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmpprof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dprof.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.106.92.202 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
PTR: rav4ever.ru

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.62.13.72 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.238.191 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-238-191.compute-1.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	agronomu.com 1 redirects agronomu.com	4 MB
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	386 KB
19	relap.io relap.io — Cisco Umbrella Rank: 32432 Failed s.relap.io — Cisco Umbrella Rank: 61466	195 KB
6	gstatic.com www.gstatic.com csi.gstatic.com	27 KB
6	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 3528	3 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 bid.g.doubleclick.net — Cisco Umbrella Rank: 473	86 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42 imasdk.googleapis.com — Cisco Umbrella Rank: 381	127 KB
5	metrics0.com pixel.metrics0.com	12 KB
4	sjsmartcontent.org sjsmartcontent.org — Cisco Umbrella Rank: 276027	97 KB
4	dayaneznayu.bid dayaneznayu.bid	19 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 269	2 KB
3	aidata.io 2 redirects api.aidata.io — Cisco Umbrella Rank: 371387 x01.aidata.io — Cisco Umbrella Rank: 15058	353 B
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 886 r5---sn-t0a7ln7d.c.2mdn.net — Cisco Umbrella Rank: 271745	594 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	admixer.net 1 redirects inv-nets.admixer.net — Cisco Umbrella Rank: 2172	996 B
2	dmpprof.com dmpprof.com — Cisco Umbrella Rank: 20197	1017 B
2	prodmp.ru prodmp.ru — Cisco Umbrella Rank: 61580	357 B
2	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 10716	2 KB
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12087	777 B
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 21314	737 B
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 14230	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	y8lsyibocd.ru y8lsyibocd.ru	85 KB
1	dprof.site dprof.site — Cisco Umbrella Rank: 194619	539 B
1	uuidksinc.net s.uuidksinc.net — Cisco Umbrella Rank: 3561	242 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 5572	322 B
1	pdayyocpnvh.ru pdayyocpnvh.ru — Cisco Umbrella Rank: 158071	48 KB
1	altergeo.ru 1 redirects cm.p.altergeo.ru — Cisco Umbrella Rank: 59170	523 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	43 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 768	694 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 419	82 KB
1	duper8flash.com duper8flash.com Failed
1	facmtf.com facmtf.com — Cisco Umbrella Rank: 735227 Failed	19 KB
1	zcode6.me zcode6.me	14 KB
1	hunterdelivery.com cdn.hunterdelivery.com — Cisco Umbrella Rank: 798000	24 KB
1	hdacode.com hdacode.com	46 B
1	damskiy.xyz damskiy.xyz	119 KB
0	agrorek.site Failed agrorek.site Failed
164	38

	Domain	Requested by
48	agronomu.com	1 redirects agronomu.com
18	relap.io	agronomu.com relap.io
14	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
13	pagead2.googlesyndication.com	agronomu.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
6	mc.yandex.ru	3 redirects agronomu.com
5	pixel.metrics0.com	damskiy.xyz pixel.metrics0.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	sjsmartcontent.org	agronomu.com sjsmartcontent.org
4	dayaneznayu.bid	agronomu.com dayaneznayu.bid
3	x.bidswitch.net	3 redirects
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	inv-nets.admixer.net	1 redirects
2	dmpprof.com	pdayyocpnvh.ru
2	prodmp.ru	pdayyocpnvh.ru
2	top-fwz1.mail.ru	1 redirects
2	sync.1dmp.io	1 redirects relap.io
2	api.aidata.io	1 redirects
2	r5---sn-t0a7ln7d.c.2mdn.net	agronomu.com
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	mc.webvisor.org	1 redirects agronomu.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.ca	pagead2.googlesyndication.com
2	www.google-analytics.com	agronomu.com www.google-analytics.com
2	y8lsyibocd.ru	agronomu.com
1	dprof.site	pdayyocpnvh.ru
1	s.uuidksinc.net
1	sonata-notifications.taptapnetworks.com	1 redirects
1	pdayyocpnvh.ru	y8lsyibocd.ru
1	cm.p.altergeo.ru	1 redirects
1	s.relap.io	relap.io
1	www.google.com	tpc.googlesyndication.com
1	x01.aidata.io	1 redirects
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.jsdelivr.net	agronomu.com
1	duper8flash.com	agronomu.com
1	facmtf.com	agronomu.com
1	zcode6.me	agronomu.com
1	cdn.hunterdelivery.com	agronomu.com
1	hdacode.com	agronomu.com
1	damskiy.xyz	agronomu.com damskiy.xyz
0	agrorek.site Failed	agronomu.com
164	46

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
zen.yandex.ru

Subject Issuer	Validity	Valid
agronomu.com R3	`2022-05-14` - `2022-08-12`	3 months	crt.sh
dayaneznayu.bid R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
damskiy.xyz R3	`2022-06-05` - `2022-09-03`	3 months	crt.sh
hdacode.com R3	`2022-04-27` - `2022-07-26`	3 months	crt.sh
hunterdelivery.com E1	`2022-05-29` - `2022-08-27`	3 months	crt.sh
zcode5.me R3	`2022-05-18` - `2022-08-16`	3 months	crt.sh
*.sjsmartcontent.org GlobalSign GCC R3 DV TLS CA 2020	`2022-05-12` - `2023-06-13`	a year	crt.sh
mwcjzvmrtv.ru R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.md-hq.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2022-07-16`	2 months	crt.sh
facmtf.com R3	`2022-05-11` - `2022-08-09`	3 months	crt.sh
relap.io GeoTrust RSA CA 2018	`2021-08-26` - `2022-09-26`	a year	crt.sh
metrics0.com R3	`2022-02-06` - `2022-05-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-05-24` - `2022-08-02`	2 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
sync.1dmp.io R3	`2022-04-21` - `2022-07-20`	3 months	crt.sh
pwrlkyotm.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
prodmp.ru R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
dmpprof.com R3	`2022-05-22` - `2022-08-20`	3 months	crt.sh
uuidksinc.net R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://agronomu.com/
Frame ID: CBE7EF801364DF98E88CE876618291C0
Requests: 95 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20190131/zrt_lookup.html
Frame ID: 5AA9C663066E4D3184A09660690892C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205721341501125&output=html&adk=1812271804&adf=3025194257&lmt=1654626996&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fagronomu.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654626995675&bpp=239&bdt=161&idt=382&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2610918037765&frm=20&pv=2&ga_vid=396098972.1654626996&ga_sid=1654626996&ga_hid=1882310940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31065825&oid=2&pvsid=3987385358207870&pem=261&tmod=1624408955&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=403
Frame ID: 04048D9837D58D704B2A34DFB3D07FC2
Requests: 1 HTTP requests in this frame

Frame: https://pixel.metrics0.com/frame2.html
Frame ID: E68B7C2162DA370ADF7AA1FBB29AF4CC
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1891B5A335D04DAA003CBFCC99A6369B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1
Frame ID: B264C661D702128FE12EFB6B9EBD35C4
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/abg_lite_fy2019.js
Frame ID: 8D723F0395F3D6A2CD09644A333F2ACC
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js
Frame ID: 8091CBDD8894B7E9F548E36D6F6B8940
Requests: 1 HTTP requests in this frame

Frame: https://relap.io/v7/relap.js
Frame ID: 7CF60517518E15B768F6532F2F8B0754
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3E03A2BD8B135A3D6058EEFD6C976089
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 58804F0471383FB9C3EF2AEDFE83FC21
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E1FB92499A84984088EFC2B49BC83032
Requests: 2 HTTP requests in this frame

Frame: https://sync.1dmp.io/supersync?t=c4404c34-e690-11ec-acfd-901b0e8b2a6e
Frame ID: A944A36FCC66C96DA6D1161FB57D5CA6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Агроному.com | Все о сельськом хозяйстве

Page URL History Show full URLs

http://agronomu.com/ HTTP 301
https://agronomu.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

164
Requests

88 %
HTTPS

38 %
IPv6

38
Domains

46
Subdomains

37
IPs

7
Countries

5774 kB
Transfer

9273 kB
Size

54
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/agronomu/

Search URL Search Domain Scan URL

URL: https://twitter.com/agronomu

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCOyyC1r5Eapza6SCEA8QSxg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/agronomu/

Search URL Search Domain Scan URL

URL: https://zen.yandex.ru/id/5ba9f3c51c5a9600aa6b9f21
Title: Яндекс.Дзен

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://agronomu.com/ HTTP 301
https://agronomu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fagronomu.com%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbyucu03c%3Afp%3A1129%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A0%3Als%3A1426836562801%3Ahid%3A390122151%3Az%3A0%3Ai%3A20220607183636%3Aet%3A1654626996%3Ac%3A1%3Arn%3A382977925%3Arqn%3A1%3Au%3A1654626996669955650%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654626994828%3Ads%3A0%2C193%2C189%2C1%2C300%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Ast%3A1654626996&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fagronomu.com%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbyucu03c%3Afp%3A1129%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A0%3Als%3A1426836562801%3Ahid%3A390122151%3Az%3A0%3Ai%3A20220607183636%3Aet%3A1654626996%3Ac%3A1%3Arn%3A382977925%3Arqn%3A1%3Au%3A1654626996669955650%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654626994828%3Ads%3A0%2C193%2C189%2C1%2C300%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Ast%3A1654626996&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Request Chain 36

https://mc.yandex.ru/watch/26533899?wmode=7&page-url=https%3A%2F%2Fagronomu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbyucu03c%3Afp%3A1129%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A1435097137841%3Ahid%3A390122151%3Az%3A0%3Ai%3A20220607183636%3Aet%3A1654626996%3Ac%3A1%3Arn%3A295284963%3Arqn%3A1%3Au%3A1654626996669955650%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654626994828%3Ads%3A0%2C193%2C189%2C1%2C300%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654626996%3At%3A%D0%90%D0%B3%D1%80%D0%BE%D0%BD%D0%BE%D0%BC%D1%83.com%20%7C%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D1%81%D0%B5%D0%BB%D1%8C%D1%81%D1%8C%D0%BA%D0%BE%D0%BC%20%D1%85%D0%BE%D0%B7%D1%8F%D0%B9%D1%81%D1%82%D0%B2%D0%B5&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/26533899/1?wmode=7&page-url=https%3A%2F%2Fagronomu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbyucu03c%3Afp%3A1129%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A1435097137841%3Ahid%3A390122151%3Az%3A0%3Ai%3A20220607183636%3Aet%3A1654626996%3Ac%3A1%3Arn%3A295284963%3Arqn%3A1%3Au%3A1654626996669955650%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654626994828%3Ads%3A0%2C193%2C189%2C1%2C300%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654626996%3At%3A%D0%90%D0%B3%D1%80%D0%BE%D0%BD%D0%BE%D0%BC%D1%83.com%20%7C%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D1%81%D0%B5%D0%BB%D1%8C%D1%81%D1%8C%D0%BA%D0%BE%D0%BC%20%D1%85%D0%BE%D0%B7%D1%8F%D0%B9%D1%81%D1%82%D0%B2%D0%B5&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Request Chain 72

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9662.gFPwxkvQKs5zsF_bubbaQQuhn4c2PRj59nThmQf_0JQVUXpoJyBtmE89jUPz0zxQ.20WpAHsCE3gtSzm6AwJrsH0uyWw%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9662.wrRWLIeD-6yo6SDuVpjeQtA0CXpHJD8DGT_TKnjpL0a0CXX0qWJ9pxQ_HbI8_AOKhmTna9sk7HFDpskps42aGt_YkvQI8u6V3xGje5ObdVY%2C.KNNxJiYfLi56FqCVUDl1wuK9CG8%2C

Request Chain 113

https://gcdn.2mdn.net/videoplayback/id/7b0f100c3e75098e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686162997/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8E3193E592F59CE5D86A1EAE004EE29302F6AAF3.64C22093CEE80478F25339BF41F01EEAA655E39A/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/7b0f100c3e75098e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686162997/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3E197DEDD4B182E424DE281AACE9A0EAFE93B393.1658AB605203C69F07A1C622C5E9BEB3481ABAC3/key/cms1/cms_redirect/yes/mh/LJ/mip/2607:5300:60:7867::13/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1654626517/mv/m/mvi/5/pl/32/file/file.mp4

Request Chain 130

https://api.aidata.io/api/pid/1853046/user?callback=s4data HTTP 301
https://x01.aidata.io/api/pid/1853046/user?callback=s4data HTTP 301
https://api.aidata.io/api/pid/1853046/user?callback=s4data&__upin=undefined

Request Chain 144

https://sync.1dmp.io/supersync?pid=w&o=ns&cid=d532925e-370a-4913-9238-e8b91206247f&brid=3fdc8267-2323-4ff5-80fe-dc2813a9742e&uid=QYYKhBTf HTTP 302
https://sync.1dmp.io/supersync?t=c4404c34-e690-11ec-acfd-901b0e8b2a6e

Request Chain 145

https://cm.p.altergeo.ru/relap?aid=QYYKhBTf&nc=cCc5vgPe&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
https://relap.io/partners/altergeocs?uid=CMc4GwmUIiR92+D3Ij+M9sAQ==

Request Chain 146

https://top-fwz1.mail.ru/counter?id=3136989 HTTP 302
https://top-fwz1.mail.ru/counter2?id=3136989

Request Chain 159

https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=bb095f35-4606-4cca-96a1-93e0ada65ae9 HTTP 302
https://x.bidswitch.net/sync?ssp=admixer&user_id=839a8f96d0b64be7a76cbaa693477935&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=839a8f96d0b64be7a76cbaa693477935&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=f9690aff-22ad-48da-801e-7fdf0777ef17&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=admixer&user_id=csonata_bf394b43-3e8d-4b55-afb2-156239b1e090&bsw_param=f9690aff-22ad-48da-801e-7fdf0777ef17&expires=10 HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=f9690aff-22ad-48da-801e-7fdf0777ef17&gdpr=&consent=&gdpr_pd=

164 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
agronomu.com/
Redirect Chain

http://agronomu.com/
https://agronomu.com/

57 KB
12 KB

383ms
189ms

Document
text/html

54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://agronomu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.38.155.61 , France, ASN16276 (OVH, FR),

Reverse DNS

ip61.ip-54-38-155.eu

Software

nginx /

Resource Hash

12a7ee37dad845e2b9a9f75b3de942c79c96d3c80f215ba473024e2e2f55dd82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 11401
content-type: text/html; charset=UTF-8
date: Tue, 07 Jun 2022 18:36:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: deny

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 07 Jun 2022 18:36:35 GMT
Keep-Alive: timeout=60
Location: https://agronomu.com/
Server: nginx
Strict-Transport-Security: max-age=63072000

GET
H2 200 15ws4.min.js Show response
dayaneznayu.bid/ 66 KB
19 KB 464ms
212ms Script
text/javascript 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dayaneznayu.bid/15ws4.min.js

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

daa4793337c323d07b0560c9b04cd80d5a9885ed7564a729937a93a0fe20cf57

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
content-encoding: br
server: nginx
duration: 586865
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Tue, 07-Jun-2022 21:41:35 EEST

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
55 KB 111ms
54ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0d5323943d0878cc8ea0b9b4e303c01e91aa6410f2cdaea46d7086a7fdb6c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56220
x-xss-protection: 0
server: cafe
etag: 3990367185207646556
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Jun 2022 18:36:35 GMT

GET p4s.js
agrorek.site/D6W/ 0
0

GET
H2 200 oY.js Show response
damskiy.xyz/vendor/lib/ 315 KB
119 KB 404ms
190ms Script
application/javascript 51.15.157.253
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://damskiy.xyz/vendor/lib/oY.js
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.15.157.253 Pradons, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-157-253.rev.poneytelecom.eu
Software: nginx/1.17.3 /
Resource Hash: 605767adf0943c8bc574b8042518bc36b7780bdbba8848eac86a570af6a8ff7e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-debug-nginx: upstream_connect_time=0.000,upstream_header_time=0.004,upstream_response_time=11277941.121
date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: gzip
last-modified: Fri, 23 Jul 2021 13:26:37 GMT
server: nginx/1.17.3
etag: W/"60fac38d-4ecbe"
x-cache-status: HIT
content-type: application/javascript

GET
H2 204 kdm-basic-bg.js Show response
hdacode.com/ 0
46 B 383ms
92ms Script
text/plain 31.220.27.135
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hdacode.com/kdm-basic-bg.js
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.135 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
server: nginx/1.19.0

GET
H2 200 app.css
agronomu.com/assets/42857cfc/build/css/ 683 KB
105 KB 135ms
134ms Stylesheet
text/css 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://agronomu.com/assets/42857cfc/build/css/app.css
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 2ff387ac29e459bddac0990df980b3b79b81396a1ecaf8a4346024d6d12c3fc5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 15:01:51 GMT
server: nginx
etag: W/"623c87df-aaa07"
content-type: text/css
cache-control: max-age=259200, public, must_revalidate
expires: Fri, 10 Jun 2022 18:36:35 GMT

GET
H2 200 adblock.js Show response
agronomu.com/js/ 58 B
279 B 323ms
323ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://agronomu.com/js/adblock.js
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 1de19e37d9ee4fab330156570bfa944767f181f5253945790961f2a0a17df53d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
content-encoding: br
last-modified: Fri, 13 Mar 2020 07:38:54 GMT
server: nginx
etag: W/"5e6b388e-3a"
content-type: application/javascript
cache-control: max-age=259200, public, must_revalidate
expires: Fri, 10 Jun 2022 18:36:35 GMT

GET
H/1.1 200
OK draw_script.js Show response
cdn.hunterdelivery.com/scripts/ 24 KB
24 KB 155ms
26ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hunterdelivery.com/scripts/draw_script.js

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

944c726194a78d792ee95a4cea89781607bbc96274aa6b1cbe978d9e0d2a229c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 18:36:36 GMT
Connection: Keep-Alive
Last-Modified: Thu, 13 May 2021 08:51:56 GMT
x-amz-request-id: tx0000000000000356324f7-00629e872c-20fde5f5-ams3c
etag: "a5f184941b87a905fbdb3ee4dd6bf039"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1654626995.dop008.dc2.t,1654626996.cds164.dc2.shn,1654626996.dop008.dc2.t,1654626996.cds090.dc2.c
Content-Type: application/javascript
Cache-Control: max-age=15864
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 24139

GET
H2 200 new-logo.png
agronomu.com/images/agronomu/ 4 KB
5 KB 193ms
187ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/images/agronomu/new-logo.png
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: a3f7499ab61145e04d792d652b0aedba913fa375f4c8caf570f77bffe444d266

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
last-modified: Thu, 12 Mar 2020 08:15:10 GMT
server: nginx
etag: "5e69ef8e-1140"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 4416
expires: Fri, 10 Jun 2022 18:36:35 GMT

GET
H2 200 login-popup Show response
agronomu.com/ubi/user2/ 8 KB
2 KB 195ms
190ms Script
text/html 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://agronomu.com/ubi/user2/login-popup?preload=1

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.38.155.61 , France, ASN16276 (OVH, FR),

Reverse DNS

ip61.ip-54-38-155.eu

Software

nginx /

Resource Hash

68114ac7bc20a1d7bdabab644cc9ce9e378ac3080fa37af27a9a93197f6dce45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	deny

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-length: 1866
expires: Tue, 07 Jun 2022 19:36:35 GMT

GET
H2 200 log-in.png
agronomu.com/images/agronomu/ 1 KB
1 KB 193ms
188ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/images/agronomu/log-in.png
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: fb51d4b2c515010594393b8bbb1cb619598837c2a3a4663b080433cb6f917fdc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
last-modified: Thu, 12 Mar 2020 08:15:10 GMT
server: nginx
etag: "5e69ef8e-4da"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1242
expires: Fri, 10 Jun 2022 18:36:35 GMT

GET
H2 200 comment.png
agronomu.com/images/agronomu/ 1 KB
1 KB 193ms
188ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/images/agronomu/comment.png
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: cef4579d8f44b820bd5b78d0a30f2b5aa2e79617e918e8e4516a7dc67d3bf181

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
last-modified: Thu, 12 Mar 2020 08:15:10 GMT
server: nginx
etag: "5e69ef8e-41d"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1053
expires: Fri, 10 Jun 2022 18:36:35 GMT

GET
H2 200 facebook.png
agronomu.com/images/agronomu/social/ 1 KB
1 KB 193ms
189ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/images/agronomu/social/facebook.png
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: e93f278eca4323156ede9ab0508914531f7216ec0cab8311d372624cfc25c369

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
last-modified: Thu, 12 Mar 2020 08:15:10 GMT
server: nginx
etag: "5e69ef8e-464"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1124
expires: Fri, 10 Jun 2022 18:36:35 GMT

GET
H2 200 twitter.png
agronomu.com/images/agronomu/social/ 1 KB
1 KB 193ms
189ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/images/agronomu/social/twitter.png
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 89476849af1d9be47931a72c6c8bd4b354f9df08f09c87eacdcc54df58bb31f8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
last-modified: Thu, 12 Mar 2020 08:15:10 GMT
server: nginx
etag: "5e69ef8e-482"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1154
expires: Fri, 10 Jun 2022 18:36:35 GMT

GET
H2 200 youtube.png
agronomu.com/images/agronomu/social/ 1 KB
1 KB 193ms
189ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/images/agronomu/social/youtube.png
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 4083351dd25eb586722eff713073d9fe524dc0643532a21a0a0e00875fd63ace

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
last-modified: Thu, 12 Mar 2020 08:15:10 GMT
server: nginx
etag: "5e69ef8e-40f"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1039
expires: Fri, 10 Jun 2022 18:36:35 GMT

GET
H2 200 instagram.png
agronomu.com/images/agronomu/social/ 1 KB
1 KB 194ms
190ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/images/agronomu/social/instagram.png
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 18bff145633a9367a46c4aad41cfeee2bf57b638ce54c5f174a89c5925423386

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Thu, 12 Mar 2020 08:15:10 GMT
server: nginx
etag: "5e69ef8e-429"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1065
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 jquery.js Show response
agronomu.com/assets/a3a23539/ 252 KB
70 KB 105ms
105ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://agronomu.com/assets/a3a23539/jquery.js
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
content-encoding: br
last-modified: Tue, 23 Jun 2020 12:52:45 GMT
server: nginx
etag: W/"5ef1fb1d-3ee0f"
content-type: application/javascript
cache-control: max-age=259200, public, must_revalidate
expires: Fri, 10 Jun 2022 18:36:35 GMT

GET
H2 200 jquery.min.js Show response
agronomu.com/assets/a3a23539/ 84 KB
29 KB 102ms
99ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://agronomu.com/assets/a3a23539/jquery.min.js
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
content-encoding: br
last-modified: Tue, 23 Jun 2020 12:52:45 GMT
server: nginx
etag: W/"5ef1fb1d-14e4a"
content-type: application/javascript
cache-control: max-age=259200, public, must_revalidate
expires: Fri, 10 Jun 2022 18:36:35 GMT

GET
H2 200 app.js Show response
agronomu.com/assets/42857cfc/build/js/ 32 KB
9 KB 192ms
187ms Script
application/javascript 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://agronomu.com/assets/42857cfc/build/js/app.js
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 3c49e897f07d784a2d307dd4c5874e7745ab50f327d4bfe8800937293a232273

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 15:01:51 GMT
server: nginx
etag: W/"623c87df-80b9"
content-type: application/javascript
cache-control: max-age=259200, public, must_revalidate
expires: Fri, 10 Jun 2022 18:36:35 GMT

POST
H2 200 set-push Show response
agronomu.com/site/ 1 B
265 B 304ms
303ms XHR
text/html 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://agronomu.com/site/set-push

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.38.155.61 , France, ASN16276 (OVH, FR),

Reverse DNS

ip61.ip-54-38-155.eu

Software

nginx /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	deny

Request headers

Referer: https://agronomu.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQbJpV5AQCJeoBhzu

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:35 GMT
server: nginx
x-frame-options: deny
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
content-length: 1
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
zcode6.me/ 13 KB
14 KB 304ms
95ms Script
application/javascript 185.177.93.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zcode6.me/?ze=mi4dazbzge5ha3ddf4zdgnjz

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.93.20 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-93-20.ah-server.com

Software

nginx /

Resource Hash

b25422bf8e1858e982990bdac03f33541f68f82cfd4575e6baae09d667709189

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Jun 2022 18:36:34 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/ 339 KB
120 KB 55ms
52ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b18ef9aa75fdf863a66cbea2fc95e512044fc91fb46169797e677dd6549092e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122333
x-xss-protection: 0
server: cafe
etag: 12963344209128893434
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Jun 2022 18:36:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220602/r20190131/ Frame 5AA9 10 KB
5 KB 64ms
19ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220602/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agronomu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 15406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 14:19:49 GMT
etag: 1327746537699501093
expires: Tue, 21 Jun 2022 14:19:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sjplugin.js Show response
sjsmartcontent.org/static/plugin-site/js/ 132 KB
48 KB 426ms
139ms XHR
application/javascript 212.109.217.26
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://sjsmartcontent.org/static/plugin-site/js/sjplugin.js
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.109.217.26 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: tapeinotita7.slickjump.org
Software: nginx/1.20.2 /
Resource Hash: a4848269df5a864eec63b65bb7ac36cbb692f0281b4bca2d7a7780ecf45a95ba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: gzip
last-modified: Fri, 03 Jun 2022 13:35:56 GMT
server: nginx/1.20.2
etag: W/"629a0e3c-211bf"
content-type: application/x-javascript, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Wed, 07 Jun 2023 18:36:36 GMT

GET relap.js
relap.io/v7/ 0
0

GET
H2 200 script.js Show response
y8lsyibocd.ru/ 110 KB
42 KB 1608ms
972ms XHR
application/javascript 85.192.12.169
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://y8lsyibocd.ru/script.js
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6396f367761a8f2db56540e9c0bed437b0d228d988ca1727e7dc6a9d2952847e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: gzip
x-adsbid-request: ev1feu98hd7q
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
server: nginx/1.18.0

GET pky8r0h35.php
facmtf.com/klpl71291lvimp0y038qh876uqv786/ 0
0

GET 5f894da7cdcdb085a8580f8b
duper8flash.com/j/ 0
0

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 204 KB
82 KB 57ms
28ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b2eb6a75b27d743f0fd21804452c3501fb44f5c5ce4849c7dfb74859f57026b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 30632
x-jsd-version: 1.232.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19147-FRA, cache-itm18836-ITM
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"33102-hObpknibzdITH2oCsAxTLyNBtjM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze%2Bxb6nX%2BBy%2Fcq8xzwMKZL1wVhq4KX71%2BGLFy8bXIYnFwfwyLs%2FKxI0ZoEyozcGwTJR4WMigmBsQBW2Xe9KTlT9i%2Bu7znpNLmVsMUIWfXqn%2BVg3N7IgL7ENoDmuBB2O6UzE4F2sJwhfxkDR83%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 717b7e84a9af4bd1-YUL
access-control-expose-headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 68ms
19ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6415
date: Tue, 07 Jun 2022 16:49:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Jun 2022 18:49:40 GMT

GET
H2 200 background.jpg
agronomu.com/images/agronomu/ 245 KB
245 KB 192ms
190ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/images/agronomu/background.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/assets/42857cfc/build/css/app.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 546706e552d836ac3b3228b52e060a5b6ad332de1ff4d524701440b5ce025480

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/assets/42857cfc/build/css/app.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Thu, 12 Mar 2020 08:15:10 GMT
server: nginx
etag: "5e69ef8e-3d23e"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 250430
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 ProximaNova-Regular.ttf
agronomu.com/font/ 128 KB
128 KB 191ms
191ms Font
application/octet-stream 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://agronomu.com/font/ProximaNova-Regular.ttf
Requested by: Host: agronomu.com
URL: https://agronomu.com/assets/42857cfc/build/css/app.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: c28997e16f0bf987fb031b9f7bf5d5fbadb58fdfee8ad36eb67cc0a6aaca3b2c

Request headers

Referer: https://agronomu.com/assets/42857cfc/build/css/app.css
Origin: https://agronomu.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Fri, 13 Mar 2020 07:38:54 GMT
server: nginx
etag: "5e6b388e-1fe4c"
content-type: application/octet-stream
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 130636
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 dacha-video.png
agronomu.com/images/agronomu/ 1 KB
2 KB 191ms
191ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/images/agronomu/dacha-video.png
Requested by: Host: agronomu.com
URL: https://agronomu.com/assets/42857cfc/build/css/app.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 617ac58eb602d4282a349d2fd8f6e265be2ae6730ee51de9dce171d0071e9812

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/assets/42857cfc/build/css/app.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Thu, 12 Mar 2020 08:15:10 GMT
server: nginx
etag: "5e69ef8e-531"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1329
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 dacha-post.png
agronomu.com/images/agronomu/ 3 KB
3 KB 157ms
157ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/images/agronomu/dacha-post.png
Requested by: Host: agronomu.com
URL: https://agronomu.com/assets/42857cfc/build/css/app.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 121c074fb80779907ce479cfba4d18f18aef290f0e995e5040697ae0c0bc4cb0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/assets/42857cfc/build/css/app.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Thu, 12 Mar 2020 08:15:10 GMT
server: nginx
etag: "5e69ef8e-acd"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 2765
expires: Fri, 10 Jun 2022 18:36:36 GMT

POST
H2 200 15ws4.json Show response
dayaneznayu.bid/ 59 B
261 B 299ms
99ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dayaneznayu.bid/15ws4.json

Requested by

Host: dayaneznayu.bid
URL: https://dayaneznayu.bid/15ws4.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

7336c21880c16e6ec2c3c0049dce4240c224061145b34ef449d6079c9af71066

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://agronomu.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: br
server: nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fagronomu.com%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbyucu03c%3Afp%3A1129%3Afu%3A0%3Aen%3Autf-8%3A...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fagronomu.com%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbyucu03c%3Afp%3A1129%3Afu%3A0%3Aen%3Autf-8%3...

167 B
202 B

140ms
139ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fagronomu.com%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbyucu03c%3Afp%3A1129%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A0%3Als%3A1426836562801%3Ahid%3A390122151%3Az%3A0%3Ai%3A20220607183636%3Aet%3A1654626996%3Ac%3A1%3Arn%3A382977925%3Arqn%3A1%3Au%3A1654626996669955650%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654626994828%3Ads%3A0%2C193%2C189%2C1%2C300%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Ast%3A1654626996&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

882ddfbfb7d1ef73035e53efedf536a7c7ffaeedb74eec23081fda22478ce7dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 07-Jun-2022 18:36:36 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://agronomu.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Tue, 07-Jun-2022 18:36:36 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Tue, 07-Jun-2022 18:36:36 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fagronomu.com%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbyucu03c%3Afp%3A1129%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A0%3Als%3A1426836562801%3Ahid%3A390122151%3Az%3A0%3Ai%3A20220607183636%3Aet%3A1654626996%3Ac%3A1%3Arn%3A382977925%3Arqn%3A1%3Au%3A1654626996669955650%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654626994828%3Ads%3A0%2C193%2C189%2C1%2C300%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Ast%3A1654626996&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://agronomu.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 07-Jun-2022 18:36:36 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/26533899/
Redirect Chain

https://mc.yandex.ru/watch/26533899?wmode=7&page-url=https%3A%2F%2Fagronomu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbyucu03c%3Afp%3A1129%3Afu%3A0%3Aen%3Autf-8%3Ala%...
https://mc.yandex.ru/watch/26533899/1?wmode=7&page-url=https%3A%2F%2Fagronomu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbyucu03c%3Afp%3A1129%3Afu%3A0%3Aen%3Autf-8%3Al...

331 B
413 B

138ms
137ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26533899/1?wmode=7&page-url=https%3A%2F%2Fagronomu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbyucu03c%3Afp%3A1129%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A1435097137841%3Ahid%3A390122151%3Az%3A0%3Ai%3A20220607183636%3Aet%3A1654626996%3Ac%3A1%3Arn%3A295284963%3Arqn%3A1%3Au%3A1654626996669955650%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654626994828%3Ads%3A0%2C193%2C189%2C1%2C300%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654626996%3At%3A%D0%90%D0%B3%D1%80%D0%BE%D0%BD%D0%BE%D0%BC%D1%83.com%20%7C%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D1%81%D0%B5%D0%BB%D1%8C%D1%81%D1%8C%D0%BA%D0%BE%D0%BC%20%D1%85%D0%BE%D0%B7%D1%8F%D0%B9%D1%81%D1%82%D0%B2%D0%B5&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

41a11eacd9558fcbc95dbf4e6fa5d2dc93ac5829734afb091a33fccc8fac9783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 07-Jun-2022 18:36:36 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://agronomu.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Tue, 07-Jun-2022 18:36:36 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Tue, 07-Jun-2022 18:36:36 GMT
location: /watch/26533899/1?wmode=7&page-url=https%3A%2F%2Fagronomu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia38tfbyucu03c%3Afp%3A1129%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A1435097137841%3Ahid%3A390122151%3Az%3A0%3Ai%3A20220607183636%3Aet%3A1654626996%3Ac%3A1%3Arn%3A295284963%3Arqn%3A1%3Au%3A1654626996669955650%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1654626994828%3Ads%3A0%2C193%2C189%2C1%2C300%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654626996%3At%3A%D0%90%D0%B3%D1%80%D0%BE%D0%BD%D0%BE%D0%BC%D1%83.com%20%7C%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D1%81%D0%B5%D0%BB%D1%8C%D1%81%D1%8C%D0%BA%D0%BE%D0%BC%20%D1%85%D0%BE%D0%B7%D1%8F%D0%B9%D1%81%D1%82%D0%B2%D0%B5&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://agronomu.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 07-Jun-2022 18:36:36 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 74ms
35ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1882310940&t=pageview&_s=1&dl=https%3A%2F%2Fagronomu.com%2F&ul=en-us&de=UTF-8&dt=%D0%90%D0%B3%D1%80%D0%BE%D0%BD%D0%BE%D0%BC%D1%83.com%20%7C%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D1%81%D0%B5%D0%BB%D1%8C%D1%81%D1%8C%D0%BA%D0%BE%D0%BC%20%D1%85%D0%BE%D0%B7%D1%8F%D0%B9%D1%81%D1%82%D0%B2%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=307012120&gjid=1100937287&cid=396098972.1654626996&tid=UA-2296780-5&_gid=1764525113.1654626996&_r=1&_slc=1&z=1827250270

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://agronomu.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://agronomu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
694 B 102ms
33ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=agronomu.com&callback=_gfp_s_&client=ca-pub-4205721341501125&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

4c691bc7f404110c2751f2308d634baab642638cec825cd8febbc2c50efbac48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 112ms
38ms Script
application/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=agronomu.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 89ms
40ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=agronomu.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0404 218 KB
57 KB 579ms
530ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4205721341501125&output=html&adk=1812271804&adf=3025194257&lmt=1654626996&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fagronomu.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654626995675&bpp=239&bdt=161&idt=382&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2610918037765&frm=20&pv=2&ga_vid=396098972.1654626996&ga_sid=1654626996&ga_hid=1882310940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065545%2C31065825&oid=2&pvsid=3987385358207870&pem=261&tmod=1624408955&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=403

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fb00f2a1e3b9d30b9ad19731342999a5cfdfb0a222faf7954081036e1e0cc88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agronomu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 58011
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 18:36:36 GMT
expires: Tue, 07 Jun 2022 18:36:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 103738.qrjlpc.67x67.jpg
agronomu.com/media/res/1/0/3/7/3/8/ 3 KB
3 KB 103ms
96ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/3/7/3/8/103738.qrjlpc.67x67.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 58b8f08c0df1e608f6d6fa1dd652bf7bb0c7e45e28ec189eb522afa6ea46f292

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Wed, 21 Apr 2021 07:44:42 GMT
server: nginx
etag: "607fd7ea-a80"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 2688
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 103737.qrg02o.67x67.jpg
agronomu.com/media/res/1/0/3/7/3/7/ 3 KB
3 KB 107ms
100ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/3/7/3/7/103737.qrg02o.67x67.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 638f379afbc20a7ef802447e4f401fb49985ff955c27942130cebb54766f517b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Mon, 19 Apr 2021 07:24:21 GMT
server: nginx
etag: "607d3025-b1f"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 2847
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 103736.qra9qc.67x67.jpg
agronomu.com/media/res/1/0/3/7/3/6/ 3 KB
3 KB 107ms
101ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/3/7/3/6/103736.qra9qc.67x67.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 661b0f02335a7d49c0c2ce9b256c54845669465dae2486303e64bd30c3f6dcde

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Fri, 16 Apr 2021 06:59:11 GMT
server: nginx
etag: "607935bf-a63"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 2659
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 103735.qr6oh0.67x67.jpg
agronomu.com/media/res/1/0/3/7/3/5/ 2 KB
3 KB 108ms
102ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/3/7/3/5/103735.qr6oh0.67x67.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 11d93737201d563bc1ecd164965f2c37372c3fe19f5d74d1ca9776900a25bbf4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Wed, 14 Apr 2021 07:24:15 GMT
server: nginx
etag: "6076989f-9e1"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 2529
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 103734.qr35cc.67x67.jpg
agronomu.com/media/res/1/0/3/7/3/4/ 2 KB
3 KB 108ms
102ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/3/7/3/4/103734.qr35cc.67x67.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: e68c33fb5f8a66f84991bf75b93ab46a4ed8668da4f987317baaac0a1e33f8fa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Mon, 12 Apr 2021 08:42:23 GMT
server: nginx
etag: "607407ef-998"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 2456
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 103733.qqxa50.67x67.jpg
agronomu.com/media/res/1/0/3/7/3/3/ 3 KB
3 KB 109ms
103ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/3/7/3/3/103733.qqxa50.67x67.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: cfdbe54928667ea197ecffff1d8c0f139b873952d1507626b9745c4224662d91

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Fri, 09 Apr 2021 06:26:19 GMT
server: nginx
etag: "606ff38b-b75"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 2933
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 103732.qqtq1c.67x67.jpg
agronomu.com/media/res/1/0/3/7/3/2/ 4 KB
4 KB 109ms
104ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/3/7/3/2/103732.qqtq1c.67x67.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: dd6f019ac3bd35b8404777a54ad878b633102b9b52496387997cdd3090584760

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Wed, 07 Apr 2021 07:53:32 GMT
server: nginx
etag: "606d64fc-e19"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 3609
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 103741.qrwlcc.920x390.jpg
agronomu.com/media/res/1/0/3/7/4/1/ 115 KB
115 KB 109ms
105ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/3/7/4/1/103741.qrwlcc.920x390.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: a345d1b8b9250ede058eb458b1a1c64e31a9d0f28b1a4530f9d449e8137a87c2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Wed, 21 Apr 2021 08:29:21 GMT
server: nginx
etag: "607fe261-1ca31"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 117297
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 103740.qrsv30.700x575.jpg
agronomu.com/media/res/1/0/3/7/4/0/ 70 KB
71 KB 110ms
106ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/3/7/4/0/103740.qrsv30.700x575.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 7d9ad8534e58b05c9c852e431e7fa6cd11727f75d01571be3ddc18f26ee181f6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Mon, 19 Apr 2021 07:33:23 GMT
server: nginx
etag: "607d3243-1194b"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 72011
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 103739.qrn9xc.700x575.jpg
agronomu.com/media/res/1/0/3/7/3/9/ 80 KB
80 KB 111ms
107ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/3/7/3/9/103739.qrn9xc.700x575.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: d8fc1ec6416aa2384a359a8b4c6c14968fafdc74f76bf8c886e226f6ccd85594

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Fri, 16 Apr 2021 07:58:50 GMT
server: nginx
etag: "607943ba-13f6b"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 81771
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
186 B 325ms
138ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Tue, 07 Jun 2022 10:28:05 GMT
etag: "629efe05-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Jun 2022 19:36:36 GMT

GET
H/1.1 404
Not Found 5f894da7cdcdb085a8580f8b
duper8flash.com/j/ 0
0 195ms
44ms Script
text/html 209.208.78.145
ATLANTIC-NET-1

General

Check archive.org

Show headers Download Go to

Full URL: https://duper8flash.com/j/5f894da7cdcdb085a8580f8b
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.208.78.145 Bartlett, United States, ASN6364 (ATLANTIC-NET-1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

POST
H2 200 15ws4.json Show response
dayaneznayu.bid/ 59 B
260 B 101ms
100ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dayaneznayu.bid/15ws4.json

Requested by

Host: dayaneznayu.bid
URL: https://dayaneznayu.bid/15ws4.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

8ef347a69d41801a73ee4edb204a0c3b91d3dc5ad850f80dce91282c37bc84ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://agronomu.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: br
server: nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 479.ogdhqo.320x320.jpg
agronomu.com/media/res/4/7/9/ 36 KB
37 KB 97ms
95ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/4/7/9/479.ogdhqo.320x320.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 5583cf84a1b43f05d2ce8d9d7e5ebda97a47569f326ff188835aedb9a1013c38

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Wed, 01 May 2019 08:23:09 GMT
server: nginx
etag: "5cc9576d-91ac"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 37292
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 739.ogdhqo.320x320.jpg
agronomu.com/media/res/7/3/9/ 21 KB
22 KB 100ms
98ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/7/3/9/739.ogdhqo.320x320.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 2ea17d1fe5208a8d3e5990743cf3e898aa5df9ff4b147a2cccc76b1d45c01a0b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Wed, 01 May 2019 08:19:49 GMT
server: nginx
etag: "5cc956a5-5553"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 21843
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 42313.ot8hno.320x320.jpg
agronomu.com/media/res/4/2/3/1/3/ 33 KB
33 KB 100ms
99ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/4/2/3/1/3/42313.ot8hno.320x320.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 3cb6b177554f32dd4262e0467912b79667faa758004f776e0508c0d5d34c9113

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Wed, 01 May 2019 07:58:01 GMT
server: nginx
etag: "5cc95189-843e"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 33854
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 1.ogdhp0.320x320.jpg
agronomu.com/media/res/1/ 25 KB
25 KB 101ms
100ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/1.ogdhp0.320x320.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: ec4d58c2fff808babcd49d48e343713376c34209037ce54a6de9f370e79450b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Wed, 01 May 2019 08:55:13 GMT
server: nginx
etag: "5cc95ef1-6235"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 25141
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 41169.osxavo.320x320.jpg
agronomu.com/media/res/4/1/1/6/9/ 17 KB
17 KB 103ms
101ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/4/1/1/6/9/41169.osxavo.320x320.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: f99a6f5cf6ad4e8a2f58386c25300682f28f004638a87693313dca10f8e797d1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Wed, 01 May 2019 08:19:15 GMT
server: nginx
etag: "5cc95683-4234"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 16948
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 524.ogdhqo.320x320.jpg
agronomu.com/media/res/5/2/4/ 28 KB
29 KB 103ms
102ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/5/2/4/524.ogdhqo.320x320.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 46d02442df71cfd4c021497f4dc1d1f798d867050eb56789d649fb6e37883005

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Wed, 01 May 2019 08:13:33 GMT
server: nginx
etag: "5cc9552d-71b4"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 29108
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 pky8r0h35.php Show response
facmtf.com/klpl71291lvimp0y038qh876uqv786/ 58 KB
19 KB 415ms
138ms Script
application/javascript 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://facmtf.com/klpl71291lvimp0y038qh876uqv786/pky8r0h35.php
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 1635bc26e991d74529fe20db6a0e4fa4e11d1a315e4c6527e78ebe405b47dc63

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: gzip
last-modified: Thu, 26 May 2022 11:09:48 GMT
server: nginx/1.14.2
etag: "628f5ffc-4aeb"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 19179

GET
H2 200 102357.q8ir2o.700x575.png
agronomu.com/media/res/1/0/2/3/5/7/ 827 KB
828 KB 97ms
95ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/2/3/5/7/102357.q8ir2o.700x575.png
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 1ce62898324b0cba820b7f85bc7ac00c1360a5613216163d36a188b5f17da117

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Thu, 09 Apr 2020 17:00:52 GMT
server: nginx
etag: "5e8f54c4-ceb02"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 846594
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 102321.q8im2o.700x575.jpg
agronomu.com/media/res/1/0/2/3/2/1/ 144 KB
144 KB 227ms
226ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/2/3/2/1/102321.q8im2o.700x575.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 052d37d564f6796fd86c5d382dd5c2905669d7e9e829b737b53526cdaa3d7569

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Thu, 09 Apr 2020 15:30:29 GMT
server: nginx
etag: "5e8f3f95-23f8b"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 147339
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 22152.omv4t0.50x50.jpg
agronomu.com/media/res/2/2/1/5/2/ 2 KB
2 KB 229ms
228ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/2/2/1/5/2/22152.omv4t0.50x50.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 8a965d0a6c744bc0b169097c6031c050b32df171f215b7d6e92c8a1c830682a0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Tue, 27 Feb 2018 16:14:42 GMT
server: nginx
etag: "5a9583f2-756"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1878
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 49726.ouvugo.50x50.jpg
agronomu.com/media/res/4/9/7/2/6/ 2 KB
2 KB 229ms
229ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/4/9/7/2/6/49726.ouvugo.50x50.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: ef8b4f79cf2db6f82a668aad6bfec55bf0068a027d961d02ddda92cade125dc8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Sun, 18 Mar 2018 14:48:03 GMT
server: nginx
etag: "5aae7c23-810"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 2064
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 46066.ouda80.50x50.jpg
agronomu.com/media/res/4/6/0/6/6/ 2 KB
2 KB 229ms
229ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/4/6/0/6/6/46066.ouda80.50x50.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: f503aff545705ce80f1733c84a5597a161f21eb8cdf159822dbdea84b127e700

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Sat, 03 Mar 2018 00:55:09 GMT
server: nginx
etag: "5a99f26d-7dd"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 2013
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 52660.ovb0e0.50x50.jpg
agronomu.com/media/res/5/2/6/6/0/ 2 KB
2 KB 228ms
227ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/5/2/6/6/0/52660.ovb0e0.50x50.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: defddd8719fc95eca8b972c4f9b794fd92150c4142486ac6427585474a653277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Tue, 27 Feb 2018 19:06:50 GMT
server: nginx
etag: "5a95ac4a-7a3"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1955
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 48887.ous3go.50x50.jpg
agronomu.com/media/res/4/8/8/8/7/ 2 KB
2 KB 228ms
228ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/4/8/8/8/7/48887.ous3go.50x50.jpg
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 21d4a6a0dc19cbd67363aa5db25f4a0bc2b9c5b73a2fb408369e0b32a1a51629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
last-modified: Tue, 27 Feb 2018 13:21:08 GMT
server: nginx
etag: "5a955b44-7c8"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1992
expires: Fri, 10 Jun 2022 18:36:36 GMT

GET
H2 200 relap.js Show response
relap.io/v7/ 18 KB
6 KB 540ms
133ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/relap.js

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b26a65df18570a2c19ab2064a241b79de1bfe3d53480644f3d4bd54f4697c208

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: br
last-modified: Mon, 06 Jun 2022 09:52:50 GMT
server: nginx
etag: "629dce72-18e5"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 6373
expires: Tue, 07 Jun 2022 18:37:36 GMT

GET
H2 200 sjplugin.js Show response
sjsmartcontent.org/static/plugin-site/js/ 132 KB
48 KB 415ms
139ms Script
application/javascript 212.109.217.26
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://sjsmartcontent.org/static/plugin-site/js/sjplugin.js
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.109.217.26 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: tapeinotita7.slickjump.org
Software: nginx/1.20.2 /
Resource Hash: a4848269df5a864eec63b65bb7ac36cbb692f0281b4bca2d7a7780ecf45a95ba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: gzip
last-modified: Fri, 03 Jun 2022 13:35:56 GMT
server: nginx/1.20.2
etag: W/"629a0e3c-211bf"
content-type: application/x-javascript, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Wed, 07 Jun 2023 18:36:36 GMT

GET
H2 200 frame2.html Show response
pixel.metrics0.com/ Frame E68B 29 KB
11 KB 583ms
186ms Document
text/html 109.206.175.74
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.metrics0.com/frame2.html
Requested by: Host: damskiy.xyz
URL: https://damskiy.xyz/vendor/lib/oY.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.206.175.74 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.175.74.serverel.net
Software: nginx/1.15.6 /
Resource Hash: e0cb408b2952825bba33103db359fc4080a13be643ac4bdbfef9d8fd5bf7e74b

Request headers

Referer: https://agronomu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 07 Jun 2022 18:36:37 GMT
etag: W/"5de4d488-7508"
last-modified: Mon, 02 Dec 2019 09:08:24 GMT
server: nginx/1.15.6

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9662.gFPwxkvQKs5zsF_bubbaQQuhn4c2PRj59nThmQf_0JQVUXpoJyBtmE89jUPz0zxQ.20WpAHsCE3gtSzm6AwJrsH0uyWw%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9662.wrRWLIeD-6yo6SDuVpjeQtA0CXpHJD8DGT_TKnjpL0a0CXX0qWJ9pxQ_HbI8_AOKhmTna9sk7HFDpskps42aGt_YkvQI8u6V3xGje5ObdVY%2C.KNNxJiYfLi56FqCVUDl1wuK9CG...

43 B
383 B

149ms
148ms

Image
image/gif

149.5.244.0
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9662.wrRWLIeD-6yo6SDuVpjeQtA0CXpHJD8DGT_TKnjpL0a0CXX0qWJ9pxQ_HbI8_AOKhmTna9sk7HFDpskps42aGt_YkvQI8u6V3xGje5ObdVY%2C.KNNxJiYfLi56FqCVUDl1wuK9CG8%2C

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

Server

149.5.244.0 Valbonne, France, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9662.wrRWLIeD-6yo6SDuVpjeQtA0CXpHJD8DGT_TKnjpL0a0CXX0qWJ9pxQ_HbI8_AOKhmTna9sk7HFDpskps42aGt_YkvQI8u6V3xGje5ObdVY%2C.KNNxJiYfLi56FqCVUDl1wuK9CG8%2C
date: Tue, 07 Jun 2022 18:36:37 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/ 147 KB
53 KB 45ms
45ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4517a37d41dd7d3df65590c3d57091013dfad07a5545851c9b492dbf0382a972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53773
x-xss-protection: 0
server: cafe
etag: 15435244313583537671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Jun 2022 18:36:36 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 76ms
34ms Script
application/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=agronomu.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 79ms
38ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=agronomu.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/ Frame 1891 10 KB
4 KB 21ms
20ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agronomu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 15393
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 14:20:03 GMT
etag: 1327746537699501093
expires: Tue, 21 Jun 2022 14:20:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/ Frame B264 10 KB
4 KB 20ms
20ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agronomu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 15393
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 14:20:03 GMT
etag: 1327746537699501093
expires: Tue, 21 Jun 2022 14:20:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1891 4 KB
1 KB 83ms
35ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 17:18:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Jun 2022 18:36:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jun 2022 18:36:36 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/elements/html/ Frame 1891 19 KB
8 KB 85ms
26ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1f1fd543e14c5e19e810309bcbfd30a35c551d3b6bb0acc4cf642d00c1fdb16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 21:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 13896182058400554804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Jun 2022 21:17:03 GMT

GET
H2 200 fa287546e1d5bd0678894d5c227e456c.js Show response
www.gstatic.com/mysidia/ Frame B264 10 KB
4 KB 71ms
23ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 04:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4351
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 04:57:57 GMT

GET
H2 200 ee2748d247718329c39dcafa9e436df9.js Show response
www.gstatic.com/mysidia/ Frame B264 17 KB
7 KB 71ms
25ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee2748d247718329c39dcafa9e436df9.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cac8981ca0d64e8ec93ba0db55720e1a29eef4d92d65972d13ee7771896b2b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7223
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 14:53:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B264 4 KB
694 B 76ms
36ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 18:23:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Jun 2022 18:36:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jun 2022 18:36:36 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame B264 2 KB
984 B 88ms
37ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 18:16:11 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame B264 6 KB
2 KB 80ms
36ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 15:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 Aug 2022 15:01:02 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/ Frame B264 21 KB
9 KB 68ms
19ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de84e217abb7ead0e28d3175eae9f1187cc9a6ac93de7711c4ca14a118809778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8701
x-xss-protection: 0
server: cafe
etag: 7038200677561849530
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 17:36:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame B264 3 KB
1 KB 75ms
25ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 18:35:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B264 138 KB
43 KB 61ms
50ms Script
text/javascript 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Jun 2022 18:36:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame B264 17 KB
7 KB 71ms
22ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 18:13:17 GMT

GET
H2 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame B264 31 KB
13 KB 61ms
19ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 04:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 04:59:16 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/ Frame 8D72 21 KB
9 KB 64ms
21ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de84e217abb7ead0e28d3175eae9f1187cc9a6ac93de7711c4ca14a118809778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8701
x-xss-protection: 0
server: cafe
etag: 7038200677561849530
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 17:36:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8D72 8 KB
716 B 75ms
35ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 18:24:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Jun 2022 18:36:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jun 2022 18:36:36 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame 8D72 14 KB
3 KB 76ms
20ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 17:50:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521187
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 17:50:10 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame 8D72 351 KB
121 KB 77ms
21ms Script
text/javascript 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123888
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 22:22:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame 8D72 17 KB
7 KB 60ms
19ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 18:13:17 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/3021374577647623280/ Frame B264 29 KB
29 KB 50ms
27ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3021374577647623280/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d1107c3d0896af182a28e01e11507c65e34f1244c169b2ee8e3de85643fe89e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 20:53:52 GMT
x-content-type-options: nosniff
age: 78164
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29349
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:59:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 06 Jun 2023 20:53:52 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11284402700159321181/ Frame B264 1 KB
1 KB 50ms
27ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11284402700159321181/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f25e389a85477139279211f73648d4a8d061504bf9a82d7fc0846fa584289920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 11:48:50 GMT
x-content-type-options: nosniff
age: 283666
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1256
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:58:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Jun 2023 11:48:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B264 0
0 102ms
102ms Fetch
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPSM3tJqfYuHZCfSBoPMPvvG2iAGA4bK5atCkhJaSD7qolOSwKhABIJaq_AVg_eiigfADoAGN9oCcKMgBCakCM-7gzpigqj6oAwHIA8sEqgTuAU_QjpMfzAL5ERkqMwZrJN-DLDBuk4M4jbqH84V4_WtpqAzz5LAJHJ2FU7fpSi3oeP6MaJlhm50ejn5KRCn6RvkqWCQq_GXiarqkiBm5_kCdsO0UIO58M1hEewyH--iZ2tHlc2kygPHMIcYK8nmAroifL_axWaKaih6f6wO3-3AKqeV5-TsoW6Pp49arr4OngfO2DNPajfAO4bGJVoBgqlcAjqAnVstqCA6YIhx9zr65h874Yv5Ae0A6oiNibvI9MUjViLEvJ9hir5DuuOzJszTnwT7LJR_QhdtIpOql98ws8Xlg2W_5jJRP1IZU29zABPCKj9niA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeNrtH7AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOXxP9IIBwiAYRABGB-ACgHICwHYEw2IFAPQFQGYFgGAFwGyFxwKGggAEhRwdWItNDIwNTcyMTM0MTUwMTEyNRgA&sigh=3GoyKv6GyMs&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 07 Jun 2022 18:36:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Jun 2022 18:36:37 GMT

GET
DATA 200
OK truncated
/ Frame B264 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d6c452a536fdfa013775a63d2eb46be350945c76a727d04fd26e0f42b901168

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8091 36 KB
14 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 19:24:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13889
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Jun 2023 19:24:37 GMT

GET
H2 200 relap.js Show response
relap.io/v7/ Frame 7CF6 18 KB
6 KB 139ms
139ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/relap.js

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b26a65df18570a2c19ab2064a241b79de1bfe3d53480644f3d4bd54f4697c208

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: br
last-modified: Mon, 06 Jun 2022 09:52:50 GMT
server: nginx
etag: "629dce72-18e5"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 6373
expires: Tue, 07 Jun 2022 18:37:37 GMT

POST
H2 200 event
sjsmartcontent.org/wns/ 2 B
179 B 144ms
143ms Ping
text/plain 212.109.217.26
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://sjsmartcontent.org/wns/event
Requested by: Host: sjsmartcontent.org
URL: https://sjsmartcontent.org/static/plugin-site/js/sjplugin.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.109.217.26 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: tapeinotita7.slickjump.org
Software: nginx/1.20.2 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://agronomu.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://agronomu.com
date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.2
content-type: text/plain; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B264 0
20 B 81ms
80ms Ping
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDWJhbm5lckFUaHJvbmUKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNECshAAAAAAAAJEAwBAoNEAMhAAAAmJlZY0AwBAoNEAohAAAAAM3MJUAwBAoNEA0hAAAAAAAAAAAwBAoOEB4qCDEwMDV4MTI0MAQKDhAZKggxMDA1eDEyNDAECg0QDiEAAAAAAAAAADAECg0QBCEAAAAAANBkQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAA6QDAECg0QBSEAAAA4M9NkQDAECg0QECEAAAAAAF6yQDAECg0QESEAAAAAAAjTQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAAAAANBoQDAECg0QFCEAAAAAQDDpQDAECg0QFSEAAAAAAAAoQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAACYmRltQDAECg0QMiEAAAAAMDPTPzAECg0QMyEAAAAAMDPTPzAECg0QNCEAAAAAMDPTPzAECg0QNSEAAAAAMDPTPzAECg0QNiEAAAAAMDPTPzAECg0QNyEAAAAAMDPTPzAECg0QOCEAAAAAAAD4PzAECg0QOSEAAADAmRk1QDAECg0QOiEAAABAM7M1QDAECg0QOyEAAAA4M8NoQDAECg0QPCEAAAA4M8NoQDAECg0QPSEAAAAAANBoQDAECg0QPiEAAAAAAKBrQDAECg0QPyEAAAAAAKBrQDAECg0QQCEAAAAAAKBtQDAEEhpDT0dEM3ZMOW1fZ0NGZlFBYUFnZHZyZ05FUSIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/ee2748d247718329c39dcafa9e436df9.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8D72 0
327 B 327ms
128ms Ping
image/gif 2a00:1450:400c:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l44i6xyg&c=7537413435654&slotId=3768706717827&qqid=COCD3vL9m_gCFfQAaAgdvrgNEQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44731965%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D72 0
20 B 80ms
79ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CHMvKtJqfYuDZCfSBoPMPvvG2iAHggf-Iar73yJHyD_AuEAEglqr8BWD96KKB8APIAQWpAoiC6DN0oks-qAMByAObBKoEgQJP0JDz0nCRAr5_onwUvTHAjGJ0ta5kl17WQQaZodz9z2RaksJhdgMv6pHEUMmE_RLvWxm5sYk4RNupElBovN0dXrIinOBZN5CSRzhvTf9ZJpi37YN0i3TLk2bcn9OsA0CfZY2PFIzIC0esl3qv3wNU-3NU9CbYgogqxLk3u5Laqtvy51Y1_qNq5CQIuG0KpdrqIncGWS-eoPtc_skP2en3Ci30lJB_e6vIsehc0FVv-Y0YxH5AJuuAheRR6gVJwyAUzzCcg2hF7bquKmcSVqNd2hsGZGlKtP6m2vQ7EyvtyrMGdMdkua44lMppRlKAd1ubHYYr2JvbGklqD2QMQlKYTMAE5uC5j4oE4AQDkAYBoAZ2gAf4_uXbAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB-ACgHICwHgCwGADAGwE8Hkiw_QEwDYEwqIFAPYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1654626997103&ai=CHMvKtJqfYuDZCfSBoPMPvvG2iAHggf-Iar73yJHyD_AuEAEglqr8BWD96KKB8APIAQWpAoiC6DN0oks-qAMByAObBKoEgQJP0JDz0nCRAr5_onwUvTHAjGJ0ta5kl17WQQaZodz9z2RaksJhdgMv6pHEUMmE_RLvWxm5sYk4RNupElBovN0dXrIinOBZN5CSRzhvTf9ZJpi37YN0i3TLk2bcn9OsA0CfZY2PFIzIC0esl3qv3wNU-3NU9CbYgogqxLk3u5Laqtvy51Y1_qNq5CQIuG0KpdrqIncGWS-eoPtc_skP2en3Ci30lJB_e6vIsehc0FVv-Y0YxH5AJuuAheRR6gVJwyAUzzCcg2hF7bquKmcSVqNd2hsGZGlKtP6m2vQ7EyvtyrMGdMdkua44lMppRlKAd1ubHYYr2JvbGklqD2QMQlKYTMAE5uC5j4oE4AQDkAYBoAZ2gAf4_uXbAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB-ACgHICwHgCwGADAGwE8Hkiw_QEwDYEwqIFAPYFAHQFQH4FgGAFwE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 8D72 27 KB
15 KB 129ms
65ms XHR
text/xml 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BdFP2d1vWzJukLYMuFDw_uaS3NTDV-dS3Q_Vp58x2S7FSCZANZ3tHnfFnqOIw7IS1tYPyeix35s6MbAXtdACp61gi_Cg&cry=1&dbm_d=AKAmf-C-E6WlZiy26_Of3yTKmmznePPpMCOmm-buKtdxjTdwxxAh7bYVkN6-PZMhRgdK9LheGm1N9MssiYFOWTgGOJOe62CU3RmhPEdBNNyW2baNi-PCv-WJiD_UvrWOMgqobTI6MUajQdFNX4lehE8-vMk7TTCqMNDCpiGsC32I7VCl9NSXYeg1w4cBQdgeVLfGK_NyDpHympCoK3x2p2ypHxhwwvnPnp_8YY3--hxbyLpKbH7uD_pH3pQaJoPXcN7jcYSTBoSN41RQjsH9AoGwvg0vg59u07CR95EP3xbXbRRY3zcEl0jhWjlyrHz_bhy9KSdtmF1Erx-hZTjnVpVjGOXLxNCfRvwlw0adbnqeEiRjM3wh7RoqygEYDZcTv9dB2eUym9fULFVemQhvRDxUHXR65sUHaOFU862KmmrDstIl6fPTayyEIA0wiCGt7vLcoB7ABv5ozG5g7icYyxkMg74LdKC4VqWrOhwRX8yhKUxams8BPdQ9ioE7AZFuK6LqSD03h3YQAQWrGoIfe0IvmFyCFHvuI-ZBTfRPglnML2ZNMNk8j8FMX61LTm7ZCKihj39KkMi76UuezOdbJOLtbz0NSvPiPGScymf8eOAxfwtyYZNdX6I2XrqCnLUHakHzCdqVUm7suNc-_h_lGOMjEs0Ev0_1zColVbOllNwhQBl63S0B7L7v7hi56a9FOJ_-PlmXld07ncsz4_wZvdBxbr2F7NaNPNKj953rBOUk7ko5nFE96HJiZzzxiLymoB-u4S7oKvQ0C1pRmy_maEv7J_-iNmjrKY1g2fPuXvEBHaqSanPm55fkUp6Ecz-dHXk0U_LAdixuA-ksHQ-S9Aj1cy-TrRoLV-pTkFN3zywFDRK4HleK_nv7WtJa5VbRI_TeEHTQ0zKJtOE5WePiB3Acs4RQl_IJNK4486YLpvNQh5Wm_-BsipAcOVXJOFz95UGN1LOJ6BpAxowND-CGWiby74ayurwSWaUUtbYJ6YyCfz8431JYdQMrQNad2UpaeZpneiaK3SwpR4kPgpWFORmXBf-x0MhapgwagN-G-vKtwzCHXqF9Gfm9SyUvPu6Uci6UX4JsvwZKDcpz9Fst53579oufNLY_ZrwOUcNOqHXPqISf3E-Yi2BAVxshPpP5voiZN4xPraIYnaPPqRVu7r9VInRpIMFaoFV-l-c6ICPukn8CyoF8onrHNbtG9k6N1jY4lt04enCALsQnEWlw6FwJ-_kuCDbkWlekwNfSZjGvGmRY8T2mFmY1H6XaM4AfnzCaptK2ridy_mMLOnubzEvYHHfxDgKHwji6iPWSbfm3YZiJUSIlTo1KIBbyPT_ugwxQckxanjouYuYZxqPVeP7UrAIyT8Zb7jcc5OVvnfP1ORIJdHlKI-F46WWbSbW-_R-s6YMESk6ynA1LXavq-JuCn27EFn1mjG9rNAVtsL-mVraG95Gu76sRMBKoTZF9eBSSmPmd-UTH4jIkcjaISVwj0cE5KnXUMu27cWoOmCVHSeC3g4MN21NBogo8p_EwcSFTdQ43K0DG_JVUViz1-aiKbsH-vOZXLTjVkNVxA1TnrrkYgEvsFoxZzpGvNKkg-fR4ZBX70-WqFlcnhOmpcajDmAAgkCyuLThuDdO_nVjITrvILNYMwo5obz7gSIMjfqrrGEOc8K4Hx_j7RPEKpSXfWxvqU81D5Rum0L6C_mQ7ESrvUfCRWXW2ki_pfHwkgJ-meBN1T9feBZo0tLh8SCB5cq6KwuiGjM1SBEHfErZLAjmN9rwUtaBljMJJ9_nNmdEUxOZPK_8APZKtJ5Yr4oIiRuHNwJJJmGcqhgqrX39stiV9PL40JxRMw_HTXZlQ4O2u_8pKG1nYiGu9cBk5Mp0qAjO1hRPgs6G1Ggez9-MofHZ0jn2U_WAe9oxlfD1PhWXPC75wUyY8PNQ5fi2GqpSCUJBOR0fnl318dTY_n0i9MXCCe3iTJALd3DD8APhELiDlfM2Zla9o5HckqktsvhqIzz5Znpn-qcDGYQNLW3TS6RJx9F1vv7-5kOjHxXdJtazmc9PUS6P432qnqJp94Sci22EDHELBpfITkojWYf6cAMzd8PjUGXAnyw9SfOP-U6m-lVBb102bA1O_ONrdJWEkHwuEKO5f5xLV7F9t6th4n4GW-K5uAQicUA16xDsn40T28wcd08M_b9uvQro6rqrqJ5N0z3HxKq162o65NUdIYiA2_UkBzvcG9lBxeR0zlTYkWzAnRS0i2xFv8JHvgvG8Sdg_G5zPL0aXaRXwCm1TdL2qSeKhIInCAFavPz6DHgUCtCSZqvxs9CakslLctMR7jVrW_JOXgE6qg6spEjRRC8Trxwpto1031hx0Vp_z4Qs_J6_cVPkJFo0I2HkKq4iQ-gju5g9zXhvqQo3BessPLgjf8Uow6Zm5NWVFtciGhlLmTgRrO_Wpvi315r74KBjSVmMjEav8pRtnH9u7JjfRXndAfwGFiHKfG0Ck2gB2Uu8POXcBImV_T9KRTV8KOt_NLjS0X-OaSN7a_vXKvS5BVhB87bqog_Xoy2YIB_8D5RVNrmbYXwBNcHqhEyvkgSlXRjDln-8jm7gA5hF78BdHcm8cfa-10WMAlkOdtCPHyl713AydkNtiqU21CWizC7iga6AVE6A4L5Uxg2EBqeDDsR88gspPoCGRCNXrc5FHTu2irvkeTIwf8mI8ZDez42AYDKiIdVBu42Zz-t4YId0Ew1bRVBGnUKbE0BrpsuQGDIWb12S7o_bP6huQUbINqGqEhUZa9fDR5U-3qw-2vthrXV_RjGp3tSlf7r21glsDArk9gtbvQaxMlThXUNNcQTBwSafJ_VTcpWMMZAahBSfifR48akzlDwExgcNNYcf4_x9AdBYkfHNgFg5tV1ANK6xtcQqf_YHaH2bcs66wL8qBNFC4qQYHTyfjHd7C4W2qONY5SyhFICs2x0lej0NjkXsnH69XcHOwiC_mPBPRuRVi0IcyEXIE9OpoxprfYBuIVC7kmqxXNywkJyPqNxeUMYYN9oHQz7tW1B4ePJycB8RftfmY01KKWWqNcXyaYdHk_K2o5Ab59zOlibgch_yTZtilgALY6T1kEfjEGSRtDJ0QU_fKFb3o-WfKsGjzbkx3a2QptZBrcMEt7-b4WrLfAwoiv2oMGPfQJj2xy5B65p8o0GSynrUX5HcH33Q6SSOaroIv6C_cPuxWxhmUVMCjhpx-hAgS7o2sfN8ikfnv2ncQ9FZbHjsS8QGaR-wttjGVi7zjC6En4FOkRv93YBhEsUl0zN1_4YI_NPh8UwDpVBBtzEuYeL4ARSiZcR4L67S_s1Mz3y2zhpu7LoXYiSxEi4frrwZ3YLb7BAvR4ojVEzCMQQr637LRFxM7H8sOL80hEGQgn3OSXgR1TxipLX4z_8l3lNZOaK7e4n2ZojVaHDdRQ0AewU5sG-7FRFb800wj1UEoYjlwdnyqSZackes6g_coyUbnVK-h-KnOd5AaIXVuT2wKJkEJ7Yh9nQqTJ_VrkWm64p7mqqCIJxl5yPs0fYPEzvPOUucrnj8zlR48pQRjXysijeCGd-wesIIKtX_ajzfm3SvnGG4XYANQ8ZUojfB0n6BISnb6JTCwhmoiMepFBFodZ_2pm3rY04R9nt4UkTtc982M8usyQrdxRUtg45r3fzjXy_c6ZXgRnnQNEfLOWoQHLVSN8fozKnPIrb2vJfYmrMTEXCoawrqV11HdsF6df18r2oqk7QYKLGQ0TIsea_8S3XHeZfamrhy4h8FkFwnG_oLTbI_iyU9IjRnb-Kc3xc7CgWqbm1ADK-IB7qzR8bsjvorIMJ0&cid=CAASBORo1oY&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

e92eb6631a08f72f7e57134170e24e234d5614a9e431aa96f4534994b9c0d484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15283
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 init
relap.io/api/v7/ Frame 0
0 147ms
146ms Preflight
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/init?token=WPyFgbM3C_YLmp-a&url=https%3A%2F%2Fagronomu.com%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://agronomu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: https://agronomu.com
access-control-max-age: 1728000
content-length: 0
content-type: text/html;charset=UTF-8
date: Tue, 07 Jun 2022 18:36:37 GMT
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-content-type-options: nosniff
x-server: web07
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 app_index.feebbacb4919c8f81ff3.js Show response
relap.io/v7/ Frame 7CF6 19 KB
9 KB 134ms
132ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/app_index.feebbacb4919c8f81ff3.js
Requested by: Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 507cd8e1390148cea7cbec420df29d0d830540c59bbd1623a53647f979fdc242

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: br
last-modified: Mon, 06 Jun 2022 09:52:50 GMT
server: nginx
etag: "629dce72-2252"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 8786
expires: Thu, 07 Jul 2022 18:36:37 GMT

GET
H2 200 init Show response
relap.io/api/v7/ Frame 7CF6 10 KB
3 KB 404ms
398ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/init?token=WPyFgbM3C_YLmp-a&url=https%3A%2F%2Fagronomu.com%2F

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

0d071a0882aef8e7fd1ea6605bc9b201a9ab9c0d9f9857b838339f5062d9fced

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://agronomu.com
x-relap-cookie: rlprp=VFy_OA:WAI_5A
x-server: back14
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-expose-headers: X-Relap-Cookie

GET
H2 200 ext_cfgs Show response
relap.io/api/v7/ Frame 7CF6 490 B
2 KB 411ms
411ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/ext_cfgs?token=WPyFgbM3C_YLmp-a&url=https%3A%2F%2Fagronomu.com%2F

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

9362e00b68c9e9c1f3739c1e59f26d787308971813e0216ebfb5a96a32c4eff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://agronomu.com
access-control-max-age: 1728000
x-server: back03
strict-transport-security: max-age=5184000; includeSubdomains;
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
content-length: 490
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

OPTIONS
H2 200 ext_cfgs
relap.io/api/v7/ Frame 0
0 140ms
140ms Preflight
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/ext_cfgs?token=WPyFgbM3C_YLmp-a&url=https%3A%2F%2Fagronomu.com%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://agronomu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: https://agronomu.com
access-control-max-age: 1728000
content-length: 0
content-type: text/html;charset=UTF-8
date: Tue, 07 Jun 2022 18:36:37 GMT
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-content-type-options: nosniff
x-server: back01
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 match Show response
pixel.metrics0.com/public/v1/ Frame E68B 125 B
272 B 146ms
146ms XHR
application/json 109.206.175.74
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.metrics0.com/public/v1/match?clientId=eewn11jvry3va5eewnt1jvrx048q&clientCookie=match&systemCookie=&advCookie=&accuracy=3&autoMatch=true&DMPData=true
Requested by: Host: pixel.metrics0.com
URL: https://pixel.metrics0.com/frame2.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.206.175.74 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.175.74.serverel.net
Software: nginx/1.15.6 /
Resource Hash: 794031202ec5a26fdbf98f71649ffb499239ac1d1aec74f32937b9de1d6f2487

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.metrics0.com/frame2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
server: nginx/1.15.6
content-type: application/json

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D72 41 KB
15 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 22:32:52 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/7b0f100c3e75098e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686162997/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8D72
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/7b0f100c3e75098e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686162997/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/7b0f100c3e75098e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686162997/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

53ms
11ms

Fetch
video/mp4

2607:f8b0:4020:1::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/7b0f100c3e75098e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686162997/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3E197DEDD4B182E424DE281AACE9A0EAFE93B393.1658AB605203C69F07A1C622C5E9BEB3481ABAC3/key/cms1/cms_redirect/yes/mh/LJ/mip/2607:5300:60:7867::13/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1654626517/mv/m/mvi/5/pl/32/file/file.mp4

Requested by

Host: agronomu.com
URL: https://agronomu.com/

Protocol

HTTP/1.1

Server

2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 18:36:37 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 606991
Last-Modified: Wed, 04 May 2022 14:53:48 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 07 Jun 2022 18:36:37 GMT

Redirect headers

date: Tue, 07 Jun 2022 18:36:37 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/7b0f100c3e75098e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686162997/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3E197DEDD4B182E424DE281AACE9A0EAFE93B393.1658AB605203C69F07A1C622C5E9BEB3481ABAC3/key/cms1/cms_redirect/yes/mh/LJ/mip/2607:5300:60:7867::13/mm/42/mn/sn-t0a7ln7d/ms/onc/mt/1654626517/mv/m/mvi/5/pl/32/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3E03 23 KB
9 KB 20ms
19ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 519421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 18:19:36 GMT
expires: Thu, 01 Jun 2023 18:19:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E03 35 KB
13 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 19:24:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Jun 2023 19:24:36 GMT

POST
H2 200 15ws4.json Show response
dayaneznayu.bid/ 59 B
260 B 104ms
98ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dayaneznayu.bid/15ws4.json

Requested by

Host: dayaneznayu.bid
URL: https://dayaneznayu.bid/15ws4.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

7fbd3550c94b73834cc7cddd3291cc46179a30d6ad75044ab25d48d9f73c3b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://agronomu.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: br
server: nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 86ms
44ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220602&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

706cb0c82305919a6231c8f08410b0c5b2397427dbf60b24250c975d730459a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10658
x-xss-protection: 0

GET
H2 200 vendor.2c273c2b18408e24729a.js Show response
relap.io/v7/ Frame 7CF6 376 KB
96 KB 134ms
133ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/vendor.2c273c2b18408e24729a.js
Requested by: Host: relap.io
URL: https://relap.io/v7/app_index.feebbacb4919c8f81ff3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: fc7de1375542053864ae973f2a988f5e2b3980b049b366cd03cedbe995f805ee

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: br
last-modified: Mon, 06 Jun 2022 09:52:50 GMT
server: nginx
etag: "629dce72-17c71"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 97393
expires: Thu, 07 Jul 2022 18:36:37 GMT

GET
H2 200 common_core.3ddfe13b10e4abea1efa.js Show response
relap.io/v7/ Frame 7CF6 287 KB
60 KB 267ms
266ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/common_core.3ddfe13b10e4abea1efa.js
Requested by: Host: relap.io
URL: https://relap.io/v7/app_index.feebbacb4919c8f81ff3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 55b759cc16c2157df503a1319d735c12299fbe977ad36f019748e399fb8a7d81

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: br
last-modified: Mon, 06 Jun 2022 09:52:50 GMT
server: nginx
etag: "629dce72-efc8"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 61384
expires: Thu, 07 Jul 2022 18:36:37 GMT

GET
H2 200 app.e517ba6e25cd6c3a0f52.js Show response
relap.io/v7/ Frame 7CF6 68 KB
7 KB 267ms
267ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/app.e517ba6e25cd6c3a0f52.js
Requested by: Host: relap.io
URL: https://relap.io/v7/app_index.feebbacb4919c8f81ff3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 7c42a18efaea5fe54e627012a204680d705097313fffd5d2b5df747c0c6c80b4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: br
last-modified: Mon, 06 Jun 2022 09:52:50 GMT
server: nginx
etag: "629dce72-1c38"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 7224
expires: Thu, 07 Jul 2022 18:36:37 GMT

GET
H2 200 4.js Show response
pixel.metrics0.com/suppliers/ Frame E68B 225 B
347 B 95ms
94ms Script
application/javascript 109.206.175.74
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.metrics0.com/suppliers/4.js
Requested by: Host: pixel.metrics0.com
URL: https://pixel.metrics0.com/frame2.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.206.175.74 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.175.74.serverel.net
Software: nginx/1.15.6 /
Resource Hash: 0d3fcd7325e0bcab5b1c8e3fa9a11ca64dab833ed7b8f3a274f87352419724ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.metrics0.com/frame2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: gzip
last-modified: Tue, 21 May 2019 07:11:16 GMT
server: nginx/1.15.6
etag: W/"5ce3a494-e1"
x-cache-status: HIT
content-type: application/javascript

GET /
damskiy.xyz/v2/n/ 0
0

GET
H2 200 102319.q8ilio.700x575.png
agronomu.com/media/res/1/0/2/3/1/9/ 980 KB
981 KB 96ms
94ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/2/3/1/9/102319.q8ilio.700x575.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 22b41408889baefcd3942f6b4f9ecdf10c55534e9b5e1650eab3774eb945ce04

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
last-modified: Thu, 09 Apr 2020 13:01:10 GMT
server: nginx
etag: "5e8f1c96-f5084"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1003652
expires: Fri, 10 Jun 2022 18:36:37 GMT

GET
H2 200 102305.q8h3yc.700x575.png
agronomu.com/media/res/1/0/2/3/0/5/ 732 KB
733 KB 576ms
574ms Image
image/png 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/2/3/0/5/102305.q8h3yc.700x575.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: c298338a1b13f198bf17a21158b47d1802f019be53a4d301281cfb44e9f481cd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
last-modified: Thu, 09 Apr 2020 10:06:07 GMT
server: nginx
etag: "5e8ef38f-b7042"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 749634
expires: Fri, 10 Jun 2022 18:36:37 GMT

GET
H2 200 103740.qrsv30.50x50.jpg
agronomu.com/media/res/1/0/3/7/4/0/ 2 KB
2 KB 666ms
665ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/1/0/3/7/4/0/103740.qrsv30.50x50.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 7fc46176aca19d385f05f580a8d3c89cfcc2e0e034a13c4efe67c0b827de56e2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
last-modified: Mon, 02 Aug 2021 04:24:23 GMT
server: nginx
etag: "61077377-6a9"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1705
expires: Fri, 10 Jun 2022 18:36:37 GMT

GET
H2 200 9250.oihmj0.50x50.jpg
agronomu.com/media/res/9/2/5/0/ 2 KB
2 KB 667ms
666ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/9/2/5/0/9250.oihmj0.50x50.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: d65c01ab7c6f5d91d35d627b99f59a547535f0dd5d4751ca33c98d95599d250d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
last-modified: Sun, 11 Mar 2018 15:48:17 GMT
server: nginx
etag: "5aa54fc1-7b8"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1976
expires: Fri, 10 Jun 2022 18:36:37 GMT

GET
H2 200 96318.pk1huc.50x50.jpg
agronomu.com/media/res/9/6/3/1/8/ 2 KB
2 KB 667ms
666ms Image
image/jpeg 54.38.155.61
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomu.com/media/res/9/6/3/1/8/96318.pk1huc.50x50.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.155.61 , France, ASN16276 (OVH, FR),
Reverse DNS: ip61.ip-54-38-155.eu
Software: nginx /
Resource Hash: 19bad557a1f07a40861b40810ecf3765987fa539d2ba4c9ab5f88c8f4ce8a12a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
last-modified: Wed, 30 Jun 2021 18:21:15 GMT
server: nginx
etag: "60dcb61b-826"
content-type: image/jpeg
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 2086
expires: Fri, 10 Jun 2022 18:36:37 GMT

GET
H3 206 file.mp4
r5---sn-t0a7ln7d.c.2mdn.net/videoplayback/id/7b0f100c3e75098e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686162997/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8D72 593 KB
593 KB 24ms
11ms Media
video/mp4 2607:f8b0:4020:1::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:1::a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0c1848a6660dd35da0ae8b410216ee43a1bb9d0d16d1509f80c33c0b59a87bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-606990/606991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 606991
expires: Tue, 07 Jun 2022 18:36:37 GMT
last-modified: Wed, 04 May 2022 14:53:48 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
34ms Script
text/javascript 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Jun 2022 18:36:37 GMT

GET
H2

200

user Show response
api.aidata.io/api/pid/1853046/ Frame E68B
Redirect Chain

https://api.aidata.io/api/pid/1853046/user?callback=s4data
https://x01.aidata.io/api/pid/1853046/user?callback=s4data
https://api.aidata.io/api/pid/1853046/user?callback=s4data&__upin=undefined

9 B
137 B

133ms
133ms

Script
application/json

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://api.aidata.io/api/pid/1853046/user?callback=s4data&__upin=undefined
Protocol: H2
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: 94cee0ad0550809018cfb899722cf5adba543a93801f1e7acd9b075661ec2d07

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.metrics0.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:38 GMT
server: nginx
content-length: 9
content-type: application/json

Redirect headers

location: https://api.aidata.io/api/pid/1853046/user?callback=s4data&__upin=undefined
date: Tue, 07 Jun 2022 18:36:38 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E03 0
20 B 83ms
82ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BWfs3tZqfYprdDO63owaQua6YDgAAAAA4AeAEAg&bg=!vr2lvfnNAAaJfvByqX47ACkAdvg8WmyUzeYVPw-D4Sn6sFTRMmUUkhs2ZOPXkQ_4MFdAFA1OUlWXywIAAACQUgAAAANoAQcKAD-OhjDV-Oy-N2dhwL9ylZYaso5f_ddi4u1dci64Q0-m9LDBrJ2p3pxkuRAeONWhIPtmz9uGCxoCQpAXgvHrPZGZAuKIvYBBpIj4GMKYlKZB8hQLZija0ka1YHk5FFCK8k6wsOIBgenBVeiwKu1j4Hc2ysVivh6evYUhoQSynb7_ao7zRTgd7qT7SpEqDZR4mJ57LBV3ncCKUKP_tLVHLNGFBQopaItJ0pLPEn1ixauIuInklxUCi-TYu5sstcB7XD69GcVPN3YzinbIEjbx8-WrLgTl78t7-klY3UmEepR-M593kDcaMXvK7ymP6wTW4oCZvr8KQOfsoUKhVMPwxlbf7aXdYRBKLmakG0fUY5P7Tc9YLxqlQdkHmrIlJlskBfyI_NPj39aDH5xB9sG9qnCfaq0SKfpClxg6zZaoQ_Xp37gP5IYGNX0owKeJtC9PvLdZsv1fzER3qA3XPcD_4isYWRj0aUOTA_WN73A9BmPzcSp2n8UFG12MD-kaw2xXtuMR0_8xcTvCjdOxrskEvzvZ_8YZylfdq7hzssaeVWmX104bF47bcXc28c6LaB_ZalwSIlxcfqiVI5IQ9_4t9ERg1rFWrShVXuQpFCHngPrg5nZitWxOCqYPYM82v2R1EM_9TIAa-7Z5Td02K4irxir0EXpMB1_JpiCtdU3TmJfn3_lkbDA14POVrxBYrIzZ2eP4IhxMqgLXBBMfMnC6Y3E4D-nJBwq5Il5Bx9L4R9ReJPt9qOoScYZ0O0LEoDkUDlthxQo11HR0GEYOxwNCQJa-wfLwiundzw-d_hLobtXDHpHe0GT__A-PJpV5HwfqYHd6um_hfsaEeCJjD8mNhLp_6ekhF-Nv55jJhoNgLfbYc8eoQow6YoEHYJa-oZLpJQH37CJQyQTrNzIarxUZuZKgJu497NXw-cuReLkBK_n0_6rqmBHzW43SeYBCKovXGWMvjhEO684192NJ0XDQ0ydqc_Bt-JWq6WWHbfq230lrNmwHcgAfie6wOlN2lhhs-BZqMN6aGmQ-nq7VHUsFReUi3ID-uSF67U5705QR3Y2c03EHdyU

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5880 13 KB
5 KB 19ms
19ms Document
text/html 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agronomu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 43879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 06:25:18 GMT
expires: Wed, 07 Jun 2023 06:25:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E1FB 783 B
1 KB 90ms
41ms Document
text/html 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2382d69721e5a078c59befb30b0f95d9699fb0409dbc7a22ba374df54c55d3dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KdozAAcgYRxLn29YFMFQHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agronomu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-KdozAAcgYRxLn29YFMFQHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 18:36:37 GMT
expires: Tue, 07 Jun 2022 18:36:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5880 36 KB
14 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 01:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 492131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Jun 2023 01:54:26 GMT

GET
H2 200 script.js Show response
y8lsyibocd.ru/ 110 KB
42 KB 524ms
262ms Script
application/javascript 85.192.12.169
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://y8lsyibocd.ru/script.js
Requested by: Host: agronomu.com
URL: https://agronomu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6396f367761a8f2db56540e9c0bed437b0d228d988ca1727e7dc6a9d2952847e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
content-encoding: gzip
x-adsbid-request: eoqgz5szmms9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
server: nginx/1.18.0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E1FB 0
0 88ms
88ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220602&jk=3987385358207870&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5880 0
9 B 19ms
19ms Image
text/plain 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oHZkOg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2001 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 metrics
relap.io/api/v7/ Frame 0
0 143ms
143ms Preflight
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/metrics

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://agronomu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: https://agronomu.com
access-control-max-age: 1728000
content-length: 0
content-type: text/html;charset=UTF-8
date: Tue, 07 Jun 2022 18:36:38 GMT
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-content-type-options: nosniff
x-server: web03
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

POST
H2 200 / Show response
s.relap.io/api/8/envelope/ Frame 7CF6 2 B
175 B 199ms
141ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://s.relap.io/api/8/envelope/?sentry_key=de87b3f4168749e8889e7f7049c29c5d&sentry_version=7
Requested by: Host: relap.io
URL: https://relap.io/v7/vendor.2c273c2b18408e24729a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://agronomu.com
date: Tue, 07 Jun 2022 18:36:38 GMT
server: nginx
content-type: application/json
content-length: 2
vary: Origin
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after

POST
H2 200 metrics Show response
relap.io/api/v7/ Frame 7CF6 2 B
1 KB 142ms
142ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/metrics

Requested by

Host: relap.io
URL: https://relap.io/v7/vendor.2c273c2b18408e24729a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Jun 2022 18:36:38 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
content-length: 2
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma: no-cache
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://agronomu.com
cache-control: max-age=1, no-cache
x-server: web11
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID

GET
H2 200 core.062d48dafd47ac14bafd.js Show response
relap.io/v7/ Frame 7CF6 5 KB
2 KB 133ms
133ms Script
application/javascript 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/core.062d48dafd47ac14bafd.js
Requested by: Host: relap.io
URL: https://relap.io/v7/app_index.feebbacb4919c8f81ff3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: bfc504d945f07868e152703d27047de3ca4c361f9756274b0606bc0727cbe852

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:38 GMT
content-encoding: br
last-modified: Mon, 06 Jun 2022 09:52:50 GMT
server: nginx
etag: "629dce72-6da"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 1754
expires: Thu, 07 Jul 2022 18:36:38 GMT

GET
H2 200 abp.gif
relap.io/ Frame 7CF6 43 B
208 B 133ms
133ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/abp.gif?ch=1&rn=0.31770702491826674

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:38 GMT
last-modified: Wed, 21 Apr 2021 14:05:03 GMT
server: nginx
etag: "6080310f-2b"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 abp.gif
relap.io/ Frame 7CF6 43 B
208 B 134ms
134ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/abp.gif?ch=2&rn=0.31770702491826674

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:38 GMT
last-modified: Wed, 21 Apr 2021 14:05:03 GMT
server: nginx
etag: "6080310f-2b"
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2

204

supersync
sync.1dmp.io/ Frame A944
Redirect Chain

https://sync.1dmp.io/supersync?pid=w&o=ns&cid=d532925e-370a-4913-9238-e8b91206247f&brid=3fdc8267-2323-4ff5-80fe-dc2813a9742e&uid=QYYKhBTf
https://sync.1dmp.io/supersync?t=c4404c34-e690-11ec-acfd-901b0e8b2a6e

0
0

99ms
99ms

Document
text/plain

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.1dmp.io/supersync?t=c4404c34-e690-11ec-acfd-901b0e8b2a6e
Requested by: Host: relap.io
URL: https://relap.io/v7/common_core.3ddfe13b10e4abea1efa.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Tue, 07 Jun 2022 18:36:38 GMT
server: nginx

Redirect headers

cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
content-length: 0
date: Tue, 07 Jun 2022 18:36:38 GMT
expires: 0
location: /supersync?t=c4404c34-e690-11ec-acfd-901b0e8b2a6e
server: nginx

GET
H2

200

altergeocs
relap.io/partners/ Frame 7CF6
Redirect Chain

https://cm.p.altergeo.ru/relap?aid=QYYKhBTf&nc=cCc5vgPe&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D
https://relap.io/partners/altergeocs?uid=CMc4GwmUIiR92+D3Ij+M9sAQ==

43 B
620 B

139ms
138ms

Image
image/gif

95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/altergeocs?uid=CMc4GwmUIiR92+D3Ij+M9sAQ==

Protocol

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:38 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: web04
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

Pragma: no-cache
Date: Tue, 07 Jun 2022 18:36:38 GMT
Server: nginx/1.16.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://relap.io/partners/altergeocs?uid=CMc4GwmUIiR92+D3Ij+M9sAQ==
Cache-Control: max-age=0, no-cache, no-store
Connection: close
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/ Frame 7CF6
Redirect Chain

https://top-fwz1.mail.ru/counter?id=3136989
https://top-fwz1.mail.ru/counter2?id=3136989

43 B
961 B

129ms
129ms

Image
image/gif

95.163.52.67
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=3136989

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:38 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Tue, 07 Jun 2022 18:36:38 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
location: https://top-fwz1.mail.ru/counter2?id=3136989
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 b286ae57.js Show response
pdayyocpnvh.ru/pixels/ 139 KB
48 KB 588ms
290ms Script
application/javascript 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Requested by: Host: y8lsyibocd.ru
URL: https://y8lsyibocd.ru/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 1e508a9583f7eed5aaf6ab887e2a95f01855809251830231b765a3d59e43d96c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:38 GMT
cache-control: no-store
last-modified: Fri, 25 Mar 2022 06:57:36 GMT
server: nginx/1.18.0
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220602&jk=3987385358207870&bg=!aWqlai7NAAao8wy8iPM7ACkAdvg8WjpL_0p9BwTYfY-7OzOs8VqevB1y5PHn2trM_q_4jcNXwM2nkQIAAABeUgAAAANoAQeZApvXRnJrXP7ztr-0_-TfpOvy_dZlsNlFdehw_hiZMycZnMvjrauWS81GMHyH9DrhVygWChPK7Ej-r3ccbwhO9l0CrBI51nwmxeARFtF82vbG9yI5JxPx3Nunkxt-aHMVel_sPYNQVmjFJkunct2iJWbS8RCFLk6vTEJ9k6XZQcX3XNRjQNTGEf9c-xdeL9GIE6S7wddPxfY5Wj3lVPtizmN2NVdLu767_CIHD993vwfXXskChaYaF66Kmhi_CtyRkQTQ440wU687ShCmZ4cBF6t3heB2Z1DRl1NlxZobtQOUObNtg2RzhMp05vCv09CTB_8CtpXKePwBd_qnKSnOw9b-mIBT8Ts1os3NFkm5lu4ohbSRjlmSvYNa6HAW5nq93lhfDmOG0dHeCLLPJK2IoXAP9o1zvC4So7G9p9k_qyzcvqrNVUG2cADMGVJsfgP0GIbEOgxSHJcwW-1e_jnzYs8DsUVPxi1ENH-hdxvfqlfnuOmcNrjaPFOhhbw6lKR1XQzeNXpfQsbpREMwnHETM4RRnOfoRPJiaq0QCDaqqJQPdFWMUba8mRz6s8mt5FfG4BVgESqJuggEGc-dYgYOn05Ba2JJkWgMmOOsrP4eIGAQOPTnLFISkM93048V_qgIOV8HuHPzF6ObX2OFY7w7Hnr2U7FVXZYbeTOlLUfNJ_2ogLFMYvyJJeq744gkSe5QyjEq2md3Qj0oYy407fPfHc0_t-p5w4no5mF7j_51FjgA1T8WBJ2N4qbeIqsGE4fEf_VVRhY5Ba826bcoN1r6bPfs3IbBu1H1MgGu_i0g1R9g06OXPHe0MNAonI6f5au0nt2-TNh3BGuSDOs6SyoU1ocMr2f9NYJukFH0VKCh6q5l_gEbTOCPRbLODU6H
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 sync Show response
pixel.metrics0.com/public/v1/ Frame E68B 2 B
69 B 143ms
142ms XHR
application/json 109.206.175.74
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.metrics0.com/public/v1/sync?sid=eewnl1jvogo1rzeewn31jvogo26l&systemCookie=eex6m1l44i6y4j&clientId=eewn11jvry3va5eewnt1jvrx048q&custom=
Requested by: Host: pixel.metrics0.com
URL: https://pixel.metrics0.com/frame2.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.206.175.74 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.175.74.serverel.net
Software: nginx/1.15.6 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.metrics0.com/frame2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:38 GMT
server: nginx/1.15.6
content-type: application/json

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B264 42 B
64 B 83ms
82ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5wVVIdbiddfCY92Zm_JmJMubl-MqubYX0LCRXumKaRO7PbMQKH5NG1cgd5W1sIyDQTPREGZp5_X8EZUkbpeS-XPLsUo1j_iHSgi6FM_U7MEnmFTbjHcGtEg&sai=AMfl-YT-EB0dvxnjFCfHJBM9k10DwTSd0NvI5GktDB8ljcrahdl1y4i_T8ZSm3ccBUTEtCg-aQwKdrUSWYjx&sig=Cg0ArKJSzM3ae30h5niiEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=90,804,1000,1138,1181&tos=90,714,196,138,43&v=20220606&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654626996801&rpt=233&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Mullica Hill, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 8D72 0
17 B 325ms
130ms Ping
image/gif 2a00:1450:400c:c00::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l44i6xyp&c=7537413435654&slotId=3768706717827&qqid=COCD3vL9m_gCFfQAaAgdvrgNEQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=607&mt=video%2Fmp4&vs=1024x576&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::78 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 18:36:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 match Show response
pixel.metrics0.com/public/v1/ Frame E68B 0
125 B 143ms
142ms XHR
text/plain 109.206.175.74
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.metrics0.com/public/v1/match?clientId=eewn11jvry3va5eewnt1jvrx048q&clientCookie=match&systemCookie=eex6m1l44i6y4j&advCookie=&accuracy=1&autoMatch=true&DMPData=true
Requested by: Host: pixel.metrics0.com
URL: https://pixel.metrics0.com/frame2.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.206.175.74 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.175.74.serverel.net
Software: nginx/1.15.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pixel.metrics0.com/frame2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:38 GMT
server: nginx/1.15.6

POST
H2 200 stat Show response
relap.io/api/v7/ Frame 7CF6 2 B
749 B 151ms
150ms Fetch
application/json 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/stat

Requested by

Host: relap.io
URL: https://relap.io/v7/vendor.2c273c2b18408e24729a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie: rlprp=VFy_OA:WAI_5A
Referer
X-Relap-UUID: 2653adee-a618-4dc0-86dd-f3629bc05a45
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Jun 2022 18:36:38 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
content-length: 2
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma: no-cache
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://agronomu.com
x-relap-cookie: rlprp=VFy_OA:WAI_5A
cache-control: max-age=1, no-cache
x-server: web05
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-expose-headers: X-Relap-Cookie

OPTIONS
H2 200 stat
relap.io/api/v7/ Frame 0
0 142ms
142ms Preflight
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/stat

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-relap-cookie,x-relap-uuid
Access-Control-Request-Method: POST
Origin: https://agronomu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: https://agronomu.com
access-control-max-age: 1728000
content-length: 0
content-type: text/html;charset=UTF-8
date: Tue, 07 Jun 2022 18:36:38 GMT
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-content-type-options: nosniff
x-server: back12
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 pclicks.js Show response
prodmp.ru/ 0
224 B 429ms
137ms Script
text/javascript 193.106.92.202
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks.js
Requested by: Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.92.202 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS: rav4ever.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:39 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 internal Show response
dmpprof.com/matching/ 141 B
665 B 416ms
135ms Fetch
application/json 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=10&href=https%3A%2F%2Fagronomu.com%2F&title=%D0%90%D0%B3%D1%80%D0%BE%D0%BD%D0%BE%D0%BC%D1%83.com%20%7C%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D1%81%D0%B5%D0%BB%D1%8C%D1%81%D1%8C%D0%BA%D0%BE%D0%BC%20%D1%85%D0%BE%D0%B7%D1%8F%D0%B9%D1%81%D1%82%D0%B2%D0%B5&dmp_print_id=a40795213798a1710979ac4341bac8e5
Requested by: Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 21bf7605643faf9544c5516cb9f15024af5e7aed9c303149b086cccd113014b6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:40 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://agronomu.com
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 141

POST
H2 200 top2 Show response
sjsmartcontent.org/wns/ 2 B
560 B 141ms
141ms XHR
text/json 212.109.217.26
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://sjsmartcontent.org/wns/top2
Requested by: Host: sjsmartcontent.org
URL: https://sjsmartcontent.org/static/plugin-site/js/sjplugin.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.109.217.26 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: tapeinotita7.slickjump.org
Software: nginx/1.20.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://agronomu.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://agronomu.com
date: Tue, 07 Jun 2022 18:36:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.2
content-type: text/json; charset=utf-8

GET
H2 200 demography Show response
prodmp.ru/pclicks/ 3 B
133 B 139ms
137ms Fetch
application/json 193.106.92.202
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks/demography?domain=agronomu.com
Requested by: Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.92.202 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS: rav4ever.ru
Software: nginx /
Resource Hash: 37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://agronomu.com
date: Tue, 07 Jun 2022 18:36:40 GMT
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=bb095f35-4606-4cca-96a1-93e0ada65ae9
https://x.bidswitch.net/sync?ssp=admixer&user_id=839a8f96d0b64be7a76cbaa693477935&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=839a8f96d0b64be7a76cbaa693477935&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=f9690aff-22ad-48da-801e-7fdf0777ef17&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=admixer&user_id=csonata_bf394b43-3e8d-4b55-afb2-156239b1e090&bsw_param=f9690aff-22ad-48da-801e-7fdf0777ef17&expires=10
https://inv-nets.admixer.net/bs/cm.aspx?id=f9690aff-22ad-48da-801e-7fdf0777ef17&gdpr=&consent=&gdpr_pd=

43 B
463 B

20ms
19ms

Image
image/gif

204.62.13.72
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=f9690aff-22ad-48da-801e-7fdf0777ef17&gdpr=&consent=&gdpr_pd=

Protocol

HTTP/1.1

Server

204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 18:36:40 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Location: //inv-nets.admixer.net/bs/cm.aspx?id=f9690aff-22ad-48da-801e-7fdf0777ef17&gdpr=&consent=&gdpr_pd=
Date: Tue, 07 Jun 2022 18:36:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
s.uuidksinc.net/match/601/ 74 B
242 B 306ms
97ms Image
image/png 31.220.27.155
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/601/?remote_uid=bb095f35-4606-4cca-96a1-93e0ada65ae9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:40 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

POST
H2 200 enr Show response
dmpprof.com/ 2 B
352 B 139ms
139ms Fetch
text/plain 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/enr?href=https%3A%2F%2Fagronomu.com%2F&title=%D0%90%D0%B3%D1%80%D0%BE%D0%BD%D0%BE%D0%BC%D1%83.com%20%7C%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D1%81%D0%B5%D0%BB%D1%8C%D1%81%D1%8C%D0%BA%D0%BE%D0%BC%20%D1%85%D0%BE%D0%B7%D1%8F%D0%B9%D1%81%D1%82%D0%B2%D0%B5
Requested by: Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://agronomu.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Jun 2022 18:36:40 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://agronomu.com
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length: 2

GET
H2 200 mapping Show response
dprof.site/matching/ 17 B
539 B 146ms
133ms Fetch
application/json 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dprof.site/matching/mapping?uid=bb095f35-4606-4cca-96a1-93e0ada65ae9
Requested by: Host: pdayyocpnvh.ru
URL: https://pdayyocpnvh.ru/pixels/b286ae57.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://agronomu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 18:36:40 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://agronomu.com
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 17

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: agrorek.site
URL: https://agrorek.site/D6W/p4s.js

Domain: relap.io
URL: https://relap.io/v7/relap.js

Domain: facmtf.com
URL: https://facmtf.com/klpl71291lvimp0y038qh876uqv786/pky8r0h35.php

Domain: duper8flash.com
URL: https://duper8flash.com/j/5f894da7cdcdb085a8580f8b

Domain: damskiy.xyz
URL: https://damskiy.xyz/v2/n/?uid=2n5w1972715z2r203yhq6y2a2b2m6w6j2w3y&vid=eex6m1l44i6y4j&sid=&wid=cc18ae7b-6310-448a-8572-aa3b1fad6da0&inw=y

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sjsmartcontent.org/wns/top2	1970-01-20 04:21:45	Name: wnid Value: 8754819c8865957cb1446f3abe0c42d3
.sjsmartcontent.org/wns/tpx	1970-01-20 04:21:45	Name: wnid Value: 8754819c8865957cb1446f3abe0c42d3
.sjsmartcontent.org/xpx	1970-01-20 04:21:45	Name: wnid Value: 8754819c8865957cb1446f3abe0c42d3
.admixer.net/bs	1970-01-20 05:46:43	Name: am-uid Value: 839a8f96d0b64be7a76cbaa693477935
agronomu.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: gc19tfu6ahetf5aa0s74clcv6v
agronomu.com/	1970-01-20 12:22:42	Name: L Value: ru
agronomu.com/	1970-01-21 14:45:16	Name: split_push_3 Value: zp
.agronomu.com/	1970-01-20 12:22:42	Name: _ym_uid Value: 1654626996669955650
.agronomu.com/	1970-01-20 12:22:42	Name: _ym_d Value: 1654626996
.agronomu.com/	1970-01-20 21:08:18	Name: _ga Value: GA1.2.396098972.1654626996
.agronomu.com/	1970-01-20 03:38:33	Name: _gid Value: GA1.2.1764525113.1654626996
.agronomu.com/	1970-01-20 03:37:07	Name: _gat Value: 1
.agronomu.com/	1970-01-20 12:58:42	Name: __gads Value: ID=0cbc057074f6cb69-22eda231d6d2004e:T=1654626996:RT=1654626996:S=ALNI_MYlyPTgi6WSYTm3fEmEqtVA_IhK0g
.agronomu.com/	1970-01-20 12:58:42	Name: __gpi Value: UID=000005f6cdcd769d:T=1654626996:RT=1654626996:S=ALNI_Maor6rOPpMkptAFY64cYfvjFxmbog
.zcode6.me/	1970-01-20 04:20:18	Name: uuid Value: b46d0512-de27-4ae6-9516-1f319a96c4c2
.yandex.ru/	1970-01-20 12:22:42	Name: ymex Value: 1969986996.yrts.1654626996#1969986996.yrtsi.1654626996
.yandex.ru/	1970-01-23 19:13:06	Name: yandexuid Value: 3597675101654626996
.yandex.ru/	1970-01-23 19:13:06	Name: yuidss Value: 3597675101654626996
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2535392231654626996
.yandex.ru/	1970-01-23 19:13:06	Name: i Value: yt42w08El9b1BP963p6ROuBw7lowUzUQQ2PwrmH4WGvZnnTSZO60qyvpgcQBbjdxRHPefmtj4VJL4h9bOSa2E//ZeHI=
.agronomu.com/	1970-01-20 03:38:18	Name: _ym_isad Value: 2
.agronomu.com/	1969-12-31 23:59:59	Name: surfer_uuid Value: 47a4af7c-f43b-479e-942d-f6f92215c2b1
.agronomu.com/	1969-12-31 23:59:59	Name: la_page_depth Value: %7B%22last%22%3A%22https%3A%2F%2Fagronomu.com%2F%22%2C%22depth%22%3A1%7D
.agronomu.com/	1969-12-31 23:59:59	Name: page_load_uuid Value: b1cd9bff-8d4e-4026-a68d-491c7f7abbd3
.mc.webvisor.org/	1970-01-20 03:37:07	Name: sync_cookie_csrf Value: 830947065fake
.doubleclick.net/	1970-01-20 21:08:18	Name: IDE Value: AHWqTUnRoM8hRYfEtWlGeaMWIphc-SagtwnsONOJzSlZs4FzVXZaif1plmnO_YvLuto
.mc.yandex.ru/	1970-01-20 03:37:07	Name: sync_cookie_csrf Value: 100056635fake
.webvisor.org/	1970-01-27 10:49:06	Name: yandexuid Value: 3597675101654626996
.webvisor.org/	1970-01-27 10:49:06	Name: yuidss Value: 3597675101654626996
.mc.webvisor.org/	1970-01-20 03:38:33	Name: sync_cookie_ok Value: synced
pixel.metrics0.com/	1970-01-23 19:13:06	Name: dmps_uid Value: eex6m1l44i6y4j
agronomu.com/	1970-01-20 12:22:42	Name: __adswellvid Value: eex6m1l44i6y4j
.relap.io/	1970-01-23 19:13:06	Name: fsts Value: 1654626997
.relap.io/	1970-01-20 03:57:16	Name: rlprp Value: VFy_OA--a4df3008daba926dbd8afa7e63794557d4a0dc7fa38c571bf05a0fc12bf67bc0
.relap.io/	1969-12-31 23:59:59	Name: 3rdpce Value: 1
.relap.io/	1970-01-23 19:13:06	Name: unique Value: QYYKhBTf
.relap.io/	1969-12-31 23:59:59	Name: suid Value: 9bd8f7d0fd873e8028f43a7b19ef958d4879c714--99440a4498cffa605a9a16085802ed793f3d674c1c32c7e1e3bf5344b905ec16
.1dmp.io/	1970-01-20 12:22:42	Name: uid Value: c4404c33-e690-11ec-acfd-901b0e8b2a6e
.1dmp.io/	1970-01-20 03:37:07	Name: c4404c34-e690-11ec-acfd-901b0e8b2a6e Value: cGlkPXcmbz1ucyZjaWQ9ZDUzMjkyNWUtMzcwYS00OTEzLTkyMzgtZThiOTEyMDYyNDdmJmJyaWQ9M2ZkYzgyNjctMjMyMy00ZmY1LTgwZmUtZGMyODEzYTk3NDJlJnVpZD1RWVlLaEJUZg==
.relap.io/	1970-01-23 19:13:06	Name: lsts Value: 1654626998
.relap.io/	1970-01-20 03:38:33	Name: hllc Value: 2
.relap.io/	1970-01-20 12:22:42	Name: rlpagcs_2 Value: 1654626998:CMc4GwmUIiR92+D3Ij+M9sAQ==
.mail.ru/	1970-01-20 12:24:09	Name: VID Value: 0Xs32S0wMQ2A00000e1GL42A:::0-0-0-7b9f376:CAASEJcqRy-h3CN9h69-ZOxyllcaYPT7c85k_gsn1GTBYahqIzY7QeL5c8BG0qYwRkCr_A3YY_AfnKJkBFSVNgDS8kR2La_OI1LMD8QvFFzAj_hb5AijIC8iiJPUeDZaBPICACMyA4ObNf9q_aDrjqupYYTFFA
prodmp.ru/	1970-01-20 05:46:42	Name: rai Value: 0393ad13ce5da6cbbd325f752a3a0f88
dmpprof.com/	1970-01-20 13:37:07	Name: uid Value: bb095f35-4606-4cca-96a1-93e0ada65ae9
.admixer.net/	1970-01-20 05:46:43	Name: am-uid Value: 839a8f96d0b64be7a76cbaa693477935
.sjsmartcontent.org/	1970-01-20 04:21:45	Name: wnid Value: 8754819c8865957cb1446f3abe0c42d3
.bidswitch.net/	1970-01-20 12:22:43	Name: tuuid Value: f9690aff-22ad-48da-801e-7fdf0777ef17
.bidswitch.net/	1970-01-20 12:22:43	Name: c Value: 1654627000
.bidswitch.net/	1970-01-20 12:22:43	Name: tuuid_lu Value: 1654627000
dmpprof.com/	1970-01-20 03:57:16	Name: enrich_data_v2_5 Value: 1654627000
dprof.site/	1970-01-20 13:37:07	Name: uid Value: bb095f35-4606-4cca-96a1-93e0ada65ae9
.uuidksinc.net/	1970-01-20 12:22:43	Name: jcsuuid Value: qHXiaQRLlqVvswQP8ubD
.taptapnetworks.com/	1970-01-20 12:22:43	Name: SONATA_ID Value: csonata_bf394b43-3e8d-4b55-afb2-156239b1e090

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://agrorek.site/D6W/p4s.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://agronomu.com/ Message: Access to XMLHttpRequest at 'https://duper8flash.com/j/5f894da7cdcdb085a8580f8b' from origin 'https://agronomu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://duper8flash.com/j/5f894da7cdcdb085a8580f8b Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://duper8flash.com/j/5f894da7cdcdb085a8580f8b Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://agronomu.com/ Message: Access to XMLHttpRequest at 'https://facmtf.com/klpl71291lvimp0y038qh876uqv786/pky8r0h35.php' from origin 'https://agronomu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://facmtf.com/klpl71291lvimp0y038qh876uqv786/pky8r0h35.php Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://agronomu.com/ Message: Access to XMLHttpRequest at 'https://relap.io/v7/relap.js' from origin 'https://agronomu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://relap.io/v7/relap.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://agronomu.com/ Message: Access to XMLHttpRequest at 'https://damskiy.xyz/v2/n/?uid=2n5w1972715z2r203yhq6y2a2b2m6w6j2w3y&vid=eex6m1l44i6y4j&sid=&wid=cc18ae7b-6310-448a-8572-aa3b1fad6da0&inw=y' from origin 'https://agronomu.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://damskiy.xyz/v2/n/?uid=2n5w1972715z2r203yhq6y2a2b2m6w6j2w3y&vid=eex6m1l44i6y4j&sid=&wid=cc18ae7b-6310-448a-8572-aa3b1fad6da0&inw=y Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-4205721341501125&fa=1&ifi=3&uci=a!3&btvi=1&xpc=F5zp0MXJbu&p=https%3A//agronomu.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
agronomu.com
agrorek.site
api.aidata.io
bid.g.doubleclick.net
cdn.hunterdelivery.com
cdn.jsdelivr.net
cm.p.altergeo.ru
csi.gstatic.com
damskiy.xyz
dayaneznayu.bid
dmpprof.com
dprof.site
duper8flash.com
facmtf.com
fonts.googleapis.com
gcdn.2mdn.net
googleads.g.doubleclick.net
hdacode.com
imasdk.googleapis.com
inv-nets.admixer.net
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pdayyocpnvh.ru
pixel.metrics0.com
prodmp.ru
r5---sn-t0a7ln7d.c.2mdn.net
relap.io
s.relap.io
s.uuidksinc.net
sjsmartcontent.org
sonata-notifications.taptapnetworks.com
sync.1dmp.io
top-fwz1.mail.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x01.aidata.io
y8lsyibocd.ru
zcode6.me
agrorek.site
damskiy.xyz
duper8flash.com
facmtf.com
relap.io
109.206.175.74
136.243.148.229
138.201.139.144
142.251.40.98
149.5.244.0
172.253.63.154
185.177.93.20
193.106.92.202
204.62.13.72
205.185.216.42
209.208.78.145
212.109.217.26
2606:4700::6810:5614
2607:f8b0:4006:807::2002
2607:f8b0:4006:807::2004
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80e::200a
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81e::200e
2607:f8b0:4006:822::2001
2607:f8b0:4006:823::200e
2607:f8b0:4020:1::a
2a00:1450:400c:c00::78
2a02:6b8::1:119
31.220.27.135
31.220.27.155
35.211.178.172
46.4.104.244
51.15.157.253
54.156.238.191
54.38.155.61
62.76.25.27
85.192.12.169
85.192.12.174
89.108.120.68
95.163.37.253
95.163.52.67
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
052d37d564f6796fd86c5d382dd5c2905669d7e9e829b737b53526cdaa3d7569
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a
0c1848a6660dd35da0ae8b410216ee43a1bb9d0d16d1509f80c33c0b59a87bf1
0d071a0882aef8e7fd1ea6605bc9b201a9ab9c0d9f9857b838339f5062d9fced
0d1107c3d0896af182a28e01e11507c65e34f1244c169b2ee8e3de85643fe89e
0d3fcd7325e0bcab5b1c8e3fa9a11ca64dab833ed7b8f3a274f87352419724ef
0fb00f2a1e3b9d30b9ad19731342999a5cfdfb0a222faf7954081036e1e0cc88
11d93737201d563bc1ecd164965f2c37372c3fe19f5d74d1ca9776900a25bbf4
121c074fb80779907ce479cfba4d18f18aef290f0e995e5040697ae0c0bc4cb0
12a7ee37dad845e2b9a9f75b3de942c79c96d3c80f215ba473024e2e2f55dd82
1635bc26e991d74529fe20db6a0e4fa4e11d1a315e4c6527e78ebe405b47dc63
18bff145633a9367a46c4aad41cfeee2bf57b638ce54c5f174a89c5925423386
19bad557a1f07a40861b40810ecf3765987fa539d2ba4c9ab5f88c8f4ce8a12a
1ce62898324b0cba820b7f85bc7ac00c1360a5613216163d36a188b5f17da117
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1de19e37d9ee4fab330156570bfa944767f181f5253945790961f2a0a17df53d
1e508a9583f7eed5aaf6ab887e2a95f01855809251830231b765a3d59e43d96c
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21bf7605643faf9544c5516cb9f15024af5e7aed9c303149b086cccd113014b6
21d4a6a0dc19cbd67363aa5db25f4a0bc2b9c5b73a2fb408369e0b32a1a51629
22b41408889baefcd3942f6b4f9ecdf10c55534e9b5e1650eab3774eb945ce04
2382d69721e5a078c59befb30b0f95d9699fb0409dbc7a22ba374df54c55d3dc
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2ea17d1fe5208a8d3e5990743cf3e898aa5df9ff4b147a2cccc76b1d45c01a0b
2ff387ac29e459bddac0990df980b3b79b81396a1ecaf8a4346024d6d12c3fc5
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3b2eb6a75b27d743f0fd21804452c3501fb44f5c5ce4849c7dfb74859f57026b
3c49e897f07d784a2d307dd4c5874e7745ab50f327d4bfe8800937293a232273
3cb6b177554f32dd4262e0467912b79667faa758004f776e0508c0d5d34c9113
4083351dd25eb586722eff713073d9fe524dc0643532a21a0a0e00875fd63ace
41a11eacd9558fcbc95dbf4e6fa5d2dc93ac5829734afb091a33fccc8fac9783
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4517a37d41dd7d3df65590c3d57091013dfad07a5545851c9b492dbf0382a972
46d02442df71cfd4c021497f4dc1d1f798d867050eb56789d649fb6e37883005
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4c691bc7f404110c2751f2308d634baab642638cec825cd8febbc2c50efbac48
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
507cd8e1390148cea7cbec420df29d0d830540c59bbd1623a53647f979fdc242
546706e552d836ac3b3228b52e060a5b6ad332de1ff4d524701440b5ce025480
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5583cf84a1b43f05d2ce8d9d7e5ebda97a47569f326ff188835aedb9a1013c38
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b759cc16c2157df503a1319d735c12299fbe977ad36f019748e399fb8a7d81
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58b8f08c0df1e608f6d6fa1dd652bf7bb0c7e45e28ec189eb522afa6ea46f292
605767adf0943c8bc574b8042518bc36b7780bdbba8848eac86a570af6a8ff7e
617ac58eb602d4282a349d2fd8f6e265be2ae6730ee51de9dce171d0071e9812
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638f379afbc20a7ef802447e4f401fb49985ff955c27942130cebb54766f517b
6396f367761a8f2db56540e9c0bed437b0d228d988ca1727e7dc6a9d2952847e
661b0f02335a7d49c0c2ce9b256c54845669465dae2486303e64bd30c3f6dcde
68114ac7bc20a1d7bdabab644cc9ce9e378ac3080fa37af27a9a93197f6dce45
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
706cb0c82305919a6231c8f08410b0c5b2397427dbf60b24250c975d730459a4
7336c21880c16e6ec2c3c0049dce4240c224061145b34ef449d6079c9af71066
794031202ec5a26fdbf98f71649ffb499239ac1d1aec74f32937b9de1d6f2487
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c42a18efaea5fe54e627012a204680d705097313fffd5d2b5df747c0c6c80b4
7d9ad8534e58b05c9c852e431e7fa6cd11727f75d01571be3ddc18f26ee181f6
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7
7fbd3550c94b73834cc7cddd3291cc46179a30d6ad75044ab25d48d9f73c3b5b
7fc46176aca19d385f05f580a8d3c89cfcc2e0e034a13c4efe67c0b827de56e2
882ddfbfb7d1ef73035e53efedf536a7c7ffaeedb74eec23081fda22478ce7dc
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
89476849af1d9be47931a72c6c8bd4b354f9df08f09c87eacdcc54df58bb31f8
8a965d0a6c744bc0b169097c6031c050b32df171f215b7d6e92c8a1c830682a0
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ef347a69d41801a73ee4edb204a0c3b91d3dc5ad850f80dce91282c37bc84ad
9362e00b68c9e9c1f3739c1e59f26d787308971813e0216ebfb5a96a32c4eff4
944c726194a78d792ee95a4cea89781607bbc96274aa6b1cbe978d9e0d2a229c
94cee0ad0550809018cfb899722cf5adba543a93801f1e7acd9b075661ec2d07
9d6c452a536fdfa013775a63d2eb46be350945c76a727d04fd26e0f42b901168
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a345d1b8b9250ede058eb458b1a1c64e31a9d0f28b1a4530f9d449e8137a87c2
a3f7499ab61145e04d792d652b0aedba913fa375f4c8caf570f77bffe444d266
a4848269df5a864eec63b65bb7ac36cbb692f0281b4bca2d7a7780ecf45a95ba
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18ef9aa75fdf863a66cbea2fc95e512044fc91fb46169797e677dd6549092e1
b1f1fd543e14c5e19e810309bcbfd30a35c551d3b6bb0acc4cf642d00c1fdb16
b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a
b25422bf8e1858e982990bdac03f33541f68f82cfd4575e6baae09d667709189
b26a65df18570a2c19ab2064a241b79de1bfe3d53480644f3d4bd54f4697c208
bfc504d945f07868e152703d27047de3ca4c361f9756274b0606bc0727cbe852
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c28997e16f0bf987fb031b9f7bf5d5fbadb58fdfee8ad36eb67cc0a6aaca3b2c
c298338a1b13f198bf17a21158b47d1802f019be53a4d301281cfb44e9f481cd
cac8981ca0d64e8ec93ba0db55720e1a29eef4d92d65972d13ee7771896b2b39
cef4579d8f44b820bd5b78d0a30f2b5aa2e79617e918e8e4516a7dc67d3bf181
cfdbe54928667ea197ecffff1d8c0f139b873952d1507626b9745c4224662d91
d65c01ab7c6f5d91d35d627b99f59a547535f0dd5d4751ca33c98d95599d250d
d8fc1ec6416aa2384a359a8b4c6c14968fafdc74f76bf8c886e226f6ccd85594
daa4793337c323d07b0560c9b04cd80d5a9885ed7564a729937a93a0fe20cf57
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd6f019ac3bd35b8404777a54ad878b633102b9b52496387997cdd3090584760
de84e217abb7ead0e28d3175eae9f1187cc9a6ac93de7711c4ca14a118809778
defddd8719fc95eca8b972c4f9b794fd92150c4142486ac6427585474a653277
e0cb408b2952825bba33103db359fc4080a13be643ac4bdbfef9d8fd5bf7e74b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68c33fb5f8a66f84991bf75b93ab46a4ed8668da4f987317baaac0a1e33f8fa
e92eb6631a08f72f7e57134170e24e234d5614a9e431aa96f4534994b9c0d484
e93f278eca4323156ede9ab0508914531f7216ec0cab8311d372624cfc25c369
ec4d58c2fff808babcd49d48e343713376c34209037ce54a6de9f370e79450b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8b4f79cf2db6f82a668aad6bfec55bf0068a027d961d02ddda92cade125dc8
f0d5323943d0878cc8ea0b9b4e303c01e91aa6410f2cdaea46d7086a7fdb6c20
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f25e389a85477139279211f73648d4a8d061504bf9a82d7fc0846fa584289920
f503aff545705ce80f1733c84a5597a161f21eb8cdf159822dbdea84b127e700
f99a6f5cf6ad4e8a2f58386c25300682f28f004638a87693313dca10f8e797d1
fb51d4b2c515010594393b8bbb1cb619598837c2a3a4663b080433cb6f917fdc
fc7de1375542053864ae973f2a988f5e2b3980b049b366cd03cedbe995f805ee
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f

agronomu.com Open in urlscan Pro 54.38.155.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

164 Requests

88 %HTTPS

38 %IPv6

38 Domains

46 Subdomains

37 IPs

7 Countries

5774 kBTransfer

9273 kBSize

54 Cookies

5 Outgoing links

Page URL History

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

agronomu.com Open in urlscan Pro
54.38.155.61 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

88 %
HTTPS

38 %
IPv6

38
Domains

46
Subdomains

37
IPs

7
Countries

5774 kB
Transfer

9273 kB
Size

54
Cookies

164 HTTP transactions
0 data transactions