winintro.ru Open in urlscan Pro
188.40.254.211  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

• https://www.acint.net/mc/?dp=10 HTTP 302
• https://www.acint.net/mc/?dp=10&tc=1

Request Chain 18

• https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FBD154C610406AA920245AA1F HTTP 302
• https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FBD154C610406AA920245AA1F&crf=1

Request Chain 19

• https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
• https://acint.net/match?dp=14&euid=0100007FBD154C614400E87302253414

Request Chain 20

• https://px.adhigh.net/p/cm/sape?u=0100007FBD154C610406AA920245AA1F HTTP 302
• https://px.adhigh.net/p/cm/sape?u=0100007FBD154C610406AA920245AA1F&bounced=1 HTTP 302
• https://acint.net/match?dp=17&euid=uLzgaY1yrABv.AikABlF8ETTryA

Request Chain 22

• https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
• https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6264276620 HTTP 302
• https://www.acint.net/rmatch?dp=45&euid=AV2EH5UgF5Ihv84CQbS47EQ&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
• https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FBD154C610406AA920245AA1F

Request Chain 24

• https://sync.republer.com/match?dsp=sape HTTP 307
• https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
• https://sync.bumlam.com/?src=rp1&uid=7bced024-ff99-4d55-938e-d92376a01b80 HTTP 302
• https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi9q7CKBlIEioaQK2IkN2JjZWQwMjQtZmY5OS00ZDU1LTkzOGUtZDkyMzc2YTAxYjgw HTTP 302
• https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi9q7CKBlIEioaQK2IkN2JjZWQwMjQtZmY5OS00ZDU1LTkzOGUtZDkyMzc2YTAxYjgwogEQNtBokBwyEeyG4AAlkMBkfA** HTTP 302
• https://sync.bumlam.com/?src=rp1&s_data=CAIQABi9q7CKBmIkN2JjZWQwMjQtZmY5OS00ZDU1LTkzOGUtZDkyMzc2YTAxYjgwogEQNtBokBwyEeyG4AAlkMBkfA** HTTP 302
• https://sync.bumlam.com/?src=rp1&s_data=CAIQARi9q7CKBmIkN2JjZWQwMjQtZmY5OS00ZDU1LTkzOGUtZDkyMzc2YTAxYjgwogEQNtBokBwyEeyG4AAlkMBkfA**

Request Chain 28

• https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf70VTGEEBqqSAkWqHw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf70VTGEEBqqSAkWqHw&google_tc= HTTP 302
• https://www.acint.net/match?dp=77&euid=

Request Chain 29

• https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FBD154C610406AA920245AA1F HTTP 302
• https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FBD154C610406AA920245AA1F

Request Chain 32

• https://adx.com.ru/sape-sync?uid=0100007FBD154C610406AA920245AA1F HTTP 302
• https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FBD154C610406AA920245AA1F HTTP 302
• https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=614c15bda897d8ae628fac3c&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D614c15bda897d8ae628fac3c%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D614c15bda897d8ae628fac3c%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
• https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=614c15bda897d8ae628fac3c&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D614c15bda897d8ae628fac3c%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D614c15bda897d8ae628fac3c%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D&cs=1 HTTP 302
• https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D614c15bda897d8ae628fac3c%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D614c15bda897d8ae628fac3c%252526dest%25253D%26webouid%3D{WEBO_CID} HTTP 302
• https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D614c15bda897d8ae628fac3c%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D614c15bda897d8ae628fac3c%252526dest%25253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=1206084164 HTTP 302
• https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D614c15bda897d8ae628fac3c%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D614c15bda897d8ae628fac3c%2526dest%253D&webouid=zAnIXd08/y.34d/WSQrNne HTTP 302
• https://prodmp.ru/yabbi.gif?uid=614c15bda897d8ae628fac3c&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D614c15bda897d8ae628fac3c%26dest%3D HTTP 302
• https://x01.aidata.io/0.gif?pid=9712851&id=614c15bda897d8ae628fac3c&dest=

Request Chain 33

• https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FBD154C610406AA920245AA1F HTTP 302
• https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FBD154C610406AA920245AA1F&cs=1

Request Chain 34

• https://sape-sync.rutarget.ru/sync HTTP 302
• https://www.acint.net/match?dp=104&euid=j6QLU8D33SBy

Request Chain 35

• https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
• https://acint.net/match?dp=107&euid=172f850c-4c00-510a-b03b-f110d177e4ad

Request Chain 36

• https://0100007fbd154c610406aa920245aa1f-sp.ops.beeline.ru/p?ssp=sp&id=0100007FBD154C610406AA920245AA1F HTTP 301
• https://www.acint.net/match?dp=111&euid=940f0ba1-f6e2-4b03-8800-4a74aee3cb67

Request Chain 37

• https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FBD154C610406AA920245AA1F HTTP 302
• https://sm.rtb.mts.ru/p?ssp=natimatica&id=94b257ade5f4a74f5cd510ae97c8346619db HTTP 301
• https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dbbe5788c-e1ed-418a-be98-f7765575c229&ssp=natimatica&exu=94b257ade5f4a74f5cd510ae97c8346619db HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=bbe5788c-e1ed-418a-be98-f7765575c229&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2Fu-V4jOHtQYq-mPd2VXXCKQ%3Flocation%3Dhttps%253A%252F%252Fut.rktch.com%252Fmatchsbm%253Fbi%253D29%2526bui%253Dbbe5788c-e1ed-418a-be98-f7765575c229%26sign%3D2493272496 HTTP 302
• https://an.yandex.ru/setud/mts_banner/u-V4jOHtQYq-mPd2VXXCKQ?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dbbe5788c-e1ed-418a-be98-f7765575c229&sign=2493272496 HTTP 302
• https://ut.rktch.com/matchsbm?bi=29&bui=bbe5788c-e1ed-418a-be98-f7765575c229

Request Chain 38

• https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FBD154C610406AA920245AA1F HTTP 301
• https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3Dbbe5788c-e1ed-418a-be98-f7765575c229&ssp=sape&exu=0100007FBD154C610406AA920245AA1F HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=bbe5788c-e1ed-418a-be98-f7765575c229&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2Fu-V4jOHtQYq-mPd2VXXCKQ%3Flocation%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D125%2526euid%253Dbbe5788c-e1ed-418a-be98-f7765575c229%26sign%3D2006731059 HTTP 302
• https://an.yandex.ru/setud/mts_banner/u-V4jOHtQYq-mPd2VXXCKQ?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3Dbbe5788c-e1ed-418a-be98-f7765575c229&sign=2006731059 HTTP 302
• https://www.acint.net/match?dp=125&euid=bbe5788c-e1ed-418a-be98-f7765575c229

Request Chain 39

• https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
• https://www.acint.net/match?dp=126&euid=27461558-c33e-44c7-4fab-2d9b24acdc5f

Request Chain 40

• https://s.uuidksinc.net/match/396/0100007FBD154C610406AA920245AA1F HTTP 302
• https://www.acint.net/match?dp=127&euid=6RrzwIvOGK4Cp2AgMmeH

Request Chain 43

• https://x01.aidata.io/0.gif?pid=9401454&id=0100007FBD154C610406AA920245AA1F HTTP 302
• https://x01.aidata.io/0.gif?pid=9401454&id=0100007FBD154C610406AA920245AA1F&bounce=1 HTTP 302
• https://sm.rtb.mts.ru/p?ssp=aidata&id=yTGOyZFBSPqOfN2EJISNpA HTTP 301
• https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528&ssp=aidata&exu=yTGOyZFBSPqOfN2EJISNpA HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=bbe5788c-e1ed-418a-be98-f7765575c229&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528 HTTP 302
• https://x01.aidata.io/0.gif?pid=9503528

Request Chain 45

• https://an.yandex.ru/mapuid/sapeis/0100007FBD154C610406AA920245AA1F HTTP 302
• https://an.yandex.ru/mapuid/sapeis/0100007FBD154C610406AA920245AA1F?redir-setuniq=1

Request Chain 62

• https://dmg.digitaltarget.ru/1/1093/i/i?i=970912824012899.138707925484088&a=77&e=0100007FBD154C610406AA920245AA1F&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FBD154C610406AA920245AA1F.sync:up.xdua:dus5awmgv7VrWQRlcxNu9rF4.xps:xps0dJc_sl6l_ZGDYHW94bOLu.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=970912824012899.138707925484088&a=77&e=0100007FBD154C610406AA920245AA1F&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FBD154C610406AA920245AA1F.sync:up.xdua:dus5awmgv7VrWQRlcxNu9rF4.xps:xps0dJc_sl6l_ZGDYHW94bOLu.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 63

• https://dmg.digitaltarget.ru/1/1093/i/i?i=970912824012899.218373440984996&a=77&e=0100007FBD154C610406AA920245AA1F&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FBD154C610406AA920245AA1F.sync:up.xdua:dus5awmgv7VrWQRlcxNu9rF4.xps:xps0dJc_sl6l_ZGDYHW94bOLu.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=970912824012899.218373440984996&a=77&e=0100007FBD154C610406AA920245AA1F&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FBD154C610406AA920245AA1F.sync:up.xdua:dus5awmgv7VrWQRlcxNu9rF4.xps:xps0dJc_sl6l_ZGDYHW94bOLu.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Request Chain 76

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm Show response winintro.ru/ts_license.en/html/	10 KB 3 KB	90ms 19ms	Document text/html	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 6372b5a0a1c2def91bbcbd1d43fe70ee326e954959859a2cd4e770071a863112 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority winintro.ru :scheme https :path /ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Thu, 23 Sep 2021 05:50:53 GMT content-type text/html vary Accept-Encoding x-xss-protection 1; mode=block x-content-type-options nosniff x-nginx-cache-status MISS x-server-powered-by Engintron content-encoding gzip
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	140 KB 49 KB	121ms 61ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: winintro.ru URL: https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash cc113c31495442d7ad8585a81b920b2c65e8d115e1ef498ac771b473aa4a0763 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49215 x-xss-protection 0 server cafe etag 4333501158722994266 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 23 Sep 2021 05:50:53 GMT
GET H2	200	classic.css winintro.ru/ts_license.en/local/	7 KB 2 KB	27ms 26ms	Stylesheet text/css	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://winintro.ru/ts_license.en/local/classic.css Requested by Host: winintro.ru URL: https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 47238430d0e20fbcd00d8eea8ddbedf4086cf6896a4abd965a9974fe58c17fda Request headers :path /ts_license.en/local/classic.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority winintro.ru referer https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip last-modified Mon, 10 Dec 2018 17:00:57 GMT server nginx vary Accept-Encoding content-type text/css cache-control max-age=2592000 expires Sat, 23 Oct 2021 05:50:53 GMT
GET H2	200	script.js Show response winintro.ru/ts_license.en/local/	3 KB 1 KB	27ms 26ms	Script application/javascript	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://winintro.ru/ts_license.en/local/script.js Requested by Host: winintro.ru URL: https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 081c33c0da3ab6007f41ae4283c44749c3372bc4232b16dcba4fc9aad4cae0ba Request headers :path /ts_license.en/local/script.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority winintro.ru referer https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip last-modified Mon, 10 Dec 2018 17:00:58 GMT server nginx vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Sat, 23 Oct 2021 05:50:53 GMT
GET H2	200	helpindex.css winintro.ru/files/	344 B 323 B	12ms 11ms	Stylesheet text/css	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://winintro.ru/files/helpindex.css Requested by Host: winintro.ru URL: https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash e731c18f5159e2612625f471352650417c4557851c7518a28a76a5bc6896f1b6 Request headers :path /files/helpindex.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority winintro.ru referer https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip last-modified Mon, 11 Jul 2016 10:36:53 GMT server nginx vary Accept-Encoding content-type text/css cache-control max-age=2592000 expires Sat, 23 Oct 2021 05:50:53 GMT
GET H2	200	supply.js Show response winintro.ru/files/	1 KB 789 B	26ms 25ms	Script application/javascript	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://winintro.ru/files/supply.js Requested by Host: winintro.ru URL: https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 1760913995b66a76e5facdf0a4411def6cb9b0af39647dc3f9f868b0309600dc Request headers :path /files/supply.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority winintro.ru referer https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip last-modified Mon, 11 Jul 2016 10:36:54 GMT server nginx vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Sat, 23 Oct 2021 05:50:53 GMT
GET H2	200	ext-all.css winintro.ru/files/	128 KB 21 KB	25ms 25ms	Stylesheet text/css	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://winintro.ru/files/ext-all.css Requested by Host: winintro.ru URL: https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 72b66ab91dc450174e84481b9be276bd2edaa80b5ffb9628e48d503ebe43a190 Request headers :path /files/ext-all.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority winintro.ru referer https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip last-modified Mon, 11 Jul 2016 10:36:53 GMT server nginx vary Accept-Encoding content-type text/css cache-control max-age=2592000 expires Sat, 23 Oct 2021 05:50:53 GMT
GET H2	200	important.gif winintro.ru/ts_license.en/local/	577 B 765 B	15ms 15ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/ts_license.en/local/important.gif Requested by Host: winintro.ru URL: https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash c256d732536d946b6c9c82f66e5493c5b75f73b98d8b2c0aec59b6153db8d37e Request headers :path /ts_license.en/local/important.gif pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority winintro.ru referer https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 10 Dec 2018 17:00:57 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 577 expires Mon, 22 Nov 2021 05:50:53 GMT
GET H2	200	aci.js Show response www.acint.net/	21 KB 7 KB	49ms 11ms	Script application/x-javascript	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.acint.net/aci.js Requested by Host: winintro.ru URL: https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip last-modified Sat, 02 Jan 2021 18:29:12 GMT server openresty etag "5ff0bb78-1baf" content-type application/x-javascript cache-control max-age=43200 content-length 7087 expires Thu, 23 Sep 2021 17:50:53 GMT
GET H2	200	bg.gif winintro.ru/files/images/default/toolbar/	904 B 1 KB	11ms 11ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/images/default/toolbar/bg.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/ext-all.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 36780f98ed7f7e302c2f31fd7efeb7cc75212ac281935245950e125545350e6a Request headers :path /files/images/default/toolbar/bg.gif pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority winintro.ru referer https://winintro.ru/files/ext-all.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/ext-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 11 Jul 2016 10:37:13 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 904 expires Mon, 22 Nov 2021 05:50:53 GMT
GET H2	200	btn.gif winintro.ru/files/images/default/button/	4 KB 4 KB	11ms 11ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/images/default/button/btn.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/ext-all.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 9aacc2855086ee500f5540bcee08d1c840388740f526c46cf001215406a4ea73 Request headers :path /files/images/default/button/btn.gif pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority winintro.ru referer https://winintro.ru/files/ext-all.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/ext-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 11 Jul 2016 10:36:57 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 4298 expires Mon, 22 Nov 2021 05:50:53 GMT
GET H2	200	home.png winintro.ru/files/images/	1 KB 1 KB	11ms 11ms	Image image/png	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/images/home.png Requested by Host: winintro.ru URL: https://winintro.ru/files/ext-all.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash c355ffcc9212b68d0ed1c0f9b0bd71f04e3c0e63380f7d8d4a2a1b25c187e33d Request headers :path /files/images/home.png pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority winintro.ru referer https://winintro.ru/files/ext-all.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/ext-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 11 Jul 2016 10:36:54 GMT server nginx content-type image/png cache-control max-age=5184000 accept-ranges bytes content-length 1110 expires Mon, 22 Nov 2021 05:50:53 GMT
GET H2	200	grid-blue-split.gif winintro.ru/files/images/default/grid/	817 B 996 B	11ms 11ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/images/default/grid/grid-blue-split.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/ext-all.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 2bd24bc7b4e2dce53d91e3bc73d5f4221fe0b503a3112fa4c669e925d43bd492 Request headers :path /files/images/default/grid/grid-blue-split.gif pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority winintro.ru referer https://winintro.ru/files/ext-all.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/ext-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 11 Jul 2016 10:37:01 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 817 expires Mon, 22 Nov 2021 05:50:53 GMT
GET H2	200	toc-panel.gif winintro.ru/files/images/	954 B 1 KB	11ms 11ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/images/toc-panel.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/ext-all.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash a2443661ae0052510d51ee22c86e1c3f30710321ba290e1646dec8385a30b662 Request headers :path /files/images/toc-panel.gif pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority winintro.ru referer https://winintro.ru/files/ext-all.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/ext-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 11 Jul 2016 10:36:55 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 954 expires Mon, 22 Nov 2021 05:50:53 GMT
GET H2	200	print.gif winintro.ru/files/images/	1 KB 1 KB	11ms 11ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/images/print.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/ext-all.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash a66544185c20f7430404c1d80a098c56d4ae601bc599dda2bc174b1ce63102ee Request headers :path /files/images/print.gif pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority winintro.ru referer https://winintro.ru/files/ext-all.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/ext-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 11 Jul 2016 10:36:55 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 1032 expires Mon, 22 Nov 2021 05:50:53 GMT
GET H2	200	back.gif winintro.ru/files/	316 B 495 B	11ms 10ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/back.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/helpindex.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash b1b06c998a944f9ceb56a2365ac540689e452426705b64713079e025e239dd2c Request headers :path /files/back.gif pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority winintro.ru referer https://winintro.ru/files/helpindex.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/helpindex.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 11 Jul 2016 10:36:53 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 316 expires Mon, 22 Nov 2021 05:50:53 GMT
GET H2	200	next.gif winintro.ru/files/	314 B 493 B	11ms 11ms	Image image/gif	188.40.254.211 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://winintro.ru/files/next.gif Requested by Host: winintro.ru URL: https://winintro.ru/files/helpindex.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cpanel10.coopertino.ru Software nginx / Resource Hash 05d61be961acfeaa4a89652e171975c47ca4495c062514cd4d872445c16c1db5 Request headers :path /files/next.gif pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority winintro.ru referer https://winintro.ru/files/helpindex.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/files/helpindex.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma public date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 11 Jul 2016 10:36:53 GMT server nginx content-type image/gif cache-control max-age=5184000 accept-ranges bytes content-length 314 expires Mon, 22 Nov 2021 05:50:53 GMT
GET H2	200	/ Show response www.acint.net/mc/ Frame B976 Redirect Chain https://www.acint.net/mc/?dp=10 https://www.acint.net/mc/?dp=10&tc=1	3 KB 4 KB	11ms 11ms	Document text/html	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.acint.net/mc/?dp=10&tc=1 Requested by Host: www.acint.net URL: https://www.acint.net/aci.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash a5567a902c713f254b4eb07e97627eb0e330c72b8b6e54d68b767e978c59dc96 Request headers :method GET :authority www.acint.net :scheme https :path /mc/?dp=10&tc=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://winintro.ru/ accept-encoding gzip, deflate, br cookie test_cookie=CheckForPermission; aid=fwAAAWFMFb2SqgYEH6pFAkWXLt0jFujikfk9J8IWXsQ0f1DQ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers server openresty date Thu, 23 Sep 2021 05:50:53 GMT content-type text/html set-cookie cSyncDp7v2=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1632376253; expires=Fri, 24-Sep-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1632376253; expires=Thu, 07-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1632376253; expires=Thu, 07-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1632376253; expires=Thu, 07-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp151=1632376253; expires=Sat, 23-Oct-21 05:50:53 GMT; path=/; Secure; SameSite=None; domain=.acint.net p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" content-encoding gzip Redirect headers server openresty date Thu, 23 Sep 2021 05:50:53 GMT content-type text/html content-length 154 set-cookie test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 23-Sep-21 06:00:53 GMT aid=fwAAAWFMFb2SqgYEH6pFAkWXLt0jFujikfk9J8IWXsQ0f1DQ; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None location /mc/?dp=10&tc=1
GET H2	200	/ www.acint.net/hit/	43 B 340 B	11ms 11ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/hit/?v=0.3.0&uid=8389347a-aa98-474e-b97d-e06c362b7bb4&dp=10&tz=%2B00%3A00&nc=90781420&u=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&r=&rs=1600x1200&t=Microsoft%20Clearinghouse&oE=1&oP=1&dT=2021-09-23T05%3A50%3A53.172&fu=16ccd6ce-166d-4ca2-ac01-813835887006 Requested by Host: winintro.ru URL: https://winintro.ru/ts_license.en/html/83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	match ads.betweendigital.com/ Frame B976 Redirect Chain https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FBD154C610406AA920245AA1F https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FBD154C610406AA920245AA1F&crf=1	68 B 607 B	66ms 65ms	Image image/png	88.212.252.2 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FBD154C610406AA920245AA1F&crf=1 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png Redirect headers location /match?bidder_id=73&external_user_id=0100007FBD154C610406AA920245AA1F&crf=1 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H2	200	match acint.net/ Frame B976 Redirect Chain https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D https://acint.net/match?dp=14&euid=0100007FBD154C614400E87302253414	43 B 270 B	48ms 11ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://acint.net/match?dp=14&euid=0100007FBD154C614400E87302253414 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers Date Thu, 23 Sep 2021 05:50:53 GMT Server openresty P3P CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" Location https://acint.net/match?dp=14&euid=0100007FBD154C614400E87302253414 Cache-Control private, no-cache, no-store, must-revalidate, max-age=0 Connection keep-alive Content-Type text/html Content-Length 142 Expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	match acint.net/ Frame B976 Redirect Chain https://px.adhigh.net/p/cm/sape?u=0100007FBD154C610406AA920245AA1F https://px.adhigh.net/p/cm/sape?u=0100007FBD154C610406AA920245AA1F&bounced=1 https://acint.net/match?dp=17&euid=uLzgaY1yrABv.AikABlF8ETTryA	43 B 269 B	11ms 11ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://acint.net/match?dp=17&euid=uLzgaY1yrABv.AikABlF8ETTryA Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers pragma no-cache date Thu, 23 Sep 2021 05:50:53 GMT server nginx access-control-allow-origin * x-backend-id f4-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://acint.net/match?dp=17&euid=uLzgaY1yrABv.AikABlF8ETTryA cache-control no-cache, no-store access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	cm.gif ad.mail.ru/ Frame B976	43 B 544 B	164ms 52ms	Image image/gif	94.100.180.197 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://ad.mail.ru/cm.gif?p=48&id=0100007FBD154C610406AA920245AA1F Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 94.100.180.197 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS r.mail.ru Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT last-modified Thu, 23 Sep 2021 05:50:53 GMT server nginx cross-origin-opener-policy same-origin cross-origin-embedder-policy require-corp content-type image/gif cache-control max-age=21600 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 43 expires Thu, 23 Sep 2021 11:50:53 GMT
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame B976 Redirect Chain https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6264276620 https://www.acint.net/rmatch?dp=45&euid=AV2EH5UgF5Ihv84CQbS47EQ&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FBD154C610406AA920245AA1F	42 B 201 B	184ms 65ms	Image image/gif	81.222.128.215 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FBD154C610406AA920245AA1F Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad15.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Thu, 23 Sep 2021 05:50:53 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif Redirect headers date Thu, 23 Sep 2021 05:50:53 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" location https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FBD154C610406AA920245AA1F cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type text/html content-length 154 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	204	sync a.utraff.com/ Frame B976	0 809 B	105ms 54ms	Image text/plain	172.67.73.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.utraff.com/sync?ssp=sape Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.73.117 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin access-control-allow-methods GET, POST, OPTIONS content-type text/plain report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjG2FXuuXa%2FUbUh1VFN20hCi0aVY5FzOX3zRMUyEZVRSKgaBS1pR21KoFasiURjPDbuUf%2BXdvYvE%2BYwW3D%2BOEKcgciyctNlW32kGFqHLyp1%2FAFgUPtMcnJ8%2B18OJow%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true cf-ray 69317f7f0e3839e1-CDG access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
GET H/1.1	200 OK	/ sync.bumlam.com/ Frame B976 Redirect Chain https://sync.republer.com/match?dsp=sape https://sync.republer.com/match?dsp=sape&qset=1 https://sync.bumlam.com/?src=rp1&uid=7bced024-ff99-4d55-938e-d92376a01b80 https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi9q7CKBlIEioaQK2IkN2JjZWQwMjQtZmY5OS00ZDU1LTkzOGUtZDkyMzc2YTAxYjgw https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi9q7CKBlIEioaQK2IkN2JjZWQwMjQtZmY5OS00ZDU1LTkzOGUtZDkyMzc2YTAxYjgwogEQNtBokBwyEeyG4AAlkMBkfA** https://sync.bumlam.com/?src=rp1&s_data=CAIQABi9q7CKBmIkN2JjZWQwMjQtZmY5OS00ZDU1LTkzOGUtZDkyMzc2YTAxYjgwogEQNtBokBwyEeyG4AAlkMBkfA** https://sync.bumlam.com/?src=rp1&s_data=CAIQARi9q7CKBmIkN2JjZWQwMjQtZmY5OS00ZDU1LTkzOGUtZDkyMzc2YTAxYjgwogEQNtBokBwyEeyG4AAlkMBkfA**	43 B 552 B	6ms 6ms	Image image/gif	31.172.81.158 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bumlam.com/?src=rp1&s_data=CAIQARi9q7CKBmIkN2JjZWQwMjQtZmY5OS00ZDU1LTkzOGUtZDkyMzc2YTAxYjgwogEQNtBokBwyEeyG4AAlkMBkfA** Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Thu, 23 Sep 2021 05:50:53 GMT Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Server nginx Connection keep-alive Content-Type image/gif Content-Length 43 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Redirect headers Date Thu, 23 Sep 2021 05:50:53 GMT Server nginx ETag 36d06890-1c32-11ec-86e0-002590c0647c P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location //sync.bumlam.com/?src=rp1&s_data=CAIQARi9q7CKBmIkN2JjZWQwMjQtZmY5OS00ZDU1LTkzOGUtZDkyMzc2YTAxYjgwogEQNtBokBwyEeyG4AAlkMBkfA** Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Connection keep-alive Content-Length 0
GET H2	204	match dm.hybrid.ai/ Frame B976	0 238 B	125ms 39ms	Image text/plain	37.18.16.23 HYBRID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dm.hybrid.ai/match?id=106&vid=0100007FBD154C610406AA920245AA1F Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Thu, 23 Sep 2021 05:50:53 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin * cache-control no-cache, no-store x-mode 111 x-xss-protection 1; mode=block expires -1
GET H/1.1	200 OK	adcm.js Show response tag.digitaltarget.ru/ Frame B976	3 KB 3 KB	165ms 46ms	Script application/javascript	185.15.175.159 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Full URL https://tag.digitaltarget.ru/adcm.js Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Thu, 23 Sep 2021 05:50:53 GMT Last-Modified Mon, 06 Sep 2021 15:25:36 GMT Server nginx ETag "613632f0-c11" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 3089
GET H2	204	sape sync.dmp.otm-r.com/match/ Frame B976	0 70 B	63ms 10ms	Image text/plain	159.69.59.100 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.dmp.otm-r.com/match/sape?id=0100007FBD154C610406AA920245AA1F Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.69.59.100 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.100.59.69.159.clients.your-server.de Software nginx/1.17.10 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers access-control-allow-origin * date Thu, 23 Sep 2021 05:50:53 GMT server nginx/1.17.10
GET H2	200	match www.acint.net/ Frame B976 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf70VTGEEBqqSAkWqHw https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf70VTGEEBqqSAkWqHw&google_tc= https://www.acint.net/match?dp=77&euid=	43 B 269 B	11ms 10ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=77&euid= Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers pragma no-cache date Thu, 23 Sep 2021 05:50:53 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://www.acint.net/match?dp=77&euid= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 240 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ adlmerge.com/merge_gpsid/ Frame B976 Redirect Chain https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FBD154C610406AA920245AA1F https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FBD154C610406AA920245AA1F	43 B 117 B	73ms 19ms	Image image/gif	95.211.66.35 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FBD154C610406AA920245AA1F Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS hosted-by.leaseweb.com Software nginx/1.16.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers iseu noneu server nginx/1.16.0 date Thu, 23 Sep 2021 05:50:53 GMT content-type image/gif Redirect headers location //adlmerge.com/merge_gpsid/?sid=50&id=0100007FBD154C610406AA920245AA1F date Thu, 23 Sep 2021 05:46:36 GMT server nginx content-length 0
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame B976	42 B 201 B	274ms 65ms	Image image/gif	81.222.128.215 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FBD154C610406AA920245AA1F Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad15.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Thu, 23 Sep 2021 05:50:53 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H2	200	sprcs relap.io/partners/ Frame B976	43 B 985 B	191ms 46ms	Image image/gif	95.163.37.253 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://relap.io/partners/sprcs?uid=0100007FBD154C610406AA920245AA1F Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS relap.io Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Thu, 23 Sep 2021 05:50:53 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=5184000; includeSubdomains; content-type image/gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-server back24 content-length 43 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H2	204	0.gif x01.aidata.io/ Frame B976 Redirect Chain https://adx.com.ru/sape-sync?uid=0100007FBD154C610406AA920245AA1F https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FBD154C610406AA920245AA1F https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=614c15bda897d8ae628fac3c&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru... https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=614c15bda897d8ae628fac3c&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru... https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D614c15bda897d8ae628fac3c%2526r%253Dhttps%25253A... https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D614c15bda897d8ae628fac3c%2526r%253Dhttps%25253A... https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D614c15bda897d8ae628fac3c%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D614c15bda8... https://prodmp.ru/yabbi.gif?uid=614c15bda897d8ae628fac3c&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D614c15bda897d8ae628fac3c%26dest%3D https://x01.aidata.io/0.gif?pid=9712851&id=614c15bda897d8ae628fac3c&dest=	0 434 B	60ms 60ms	Image text/plain	89.108.119.43 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://x01.aidata.io/0.gif?pid=9712851&id=614c15bda897d8ae628fac3c&dest= Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d51370.reg.regrucolo.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Thu, 23 Sep 2021 05:50:53 GMT last-modified Thu, 23 Sep 2021 05:50:52 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 expires Thu, 23 Sep 2021 05:50:52 GMT Redirect headers location https://x01.aidata.io/0.gif?pid=9712851&id=614c15bda897d8ae628fac3c&dest= date Thu, 23 Sep 2021 05:50:53 GMT access-control-allow-credentials true server nginx content-type image/gif content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	pixel.gif sync.1dmp.io/ Frame B976 Redirect Chain https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FBD154C610406AA920245AA1F https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FBD154C610406AA920245AA1F&cs=1	35 B 376 B	32ms 31ms	Image image/gif	95.216.101.186 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FBD154C610406AA920245AA1F&cs=1 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.216.101.186 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.186.101.216.95.clients.your-server.de Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT cache-control private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate server nginx content-type image/gif content-length 35 expires 0 Redirect headers location /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FBD154C610406AA920245AA1F&cs=1 date Thu, 23 Sep 2021 05:50:53 GMT cache-control private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate server nginx content-length 0 expires 0
GET H2	200	match www.acint.net/ Frame B976 Redirect Chain https://sape-sync.rutarget.ru/sync https://www.acint.net/match?dp=104&euid=j6QLU8D33SBy	43 B 269 B	11ms 11ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=104&euid=j6QLU8D33SBy Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers Location https://www.acint.net/match?dp=104&euid=j6QLU8D33SBy Date Thu, 23 Sep 2021 05:50:53 GMT Server nginx Connection keep-alive Content-Length 0 P3P CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
GET H2	200	match acint.net/ Frame B976 Redirect Chain https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D https://acint.net/match?dp=107&euid=172f850c-4c00-510a-b03b-f110d177e4ad	43 B 269 B	12ms 11ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://acint.net/match?dp=107&euid=172f850c-4c00-510a-b03b-f110d177e4ad Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers location https://acint.net/match?dp=107&euid=172f850c-4c00-510a-b03b-f110d177e4ad cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H2	200	match www.acint.net/ Frame B976 Redirect Chain https://0100007fbd154c610406aa920245aa1f-sp.ops.beeline.ru/p?ssp=sp&id=0100007FBD154C610406AA920245AA1F https://www.acint.net/match?dp=111&euid=940f0ba1-f6e2-4b03-8800-4a74aee3cb67	43 B 269 B	11ms 11ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=111&euid=940f0ba1-f6e2-4b03-8800-4a74aee3cb67 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers date Thu, 23 Sep 2021 05:50:53 GMT x-route http://upstream_cookiesync server nginx location https://www.acint.net/match?dp=111&euid=940f0ba1-f6e2-4b03-8800-4a74aee3cb67 access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE access-control-allow-origin * cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true, true x-host 192.168.152.31 access-control-allow-headers authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	matchsbm ut.rktch.com/ Frame B976 Redirect Chain https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FBD154C610406AA920245AA1F https://sm.rtb.mts.ru/p?ssp=natimatica&id=94b257ade5f4a74f5cd510ae97c8346619db https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dbbe5788c-e1ed-418a-be98-f7765575c229&ssp=natimatica&exu=94b257ade5f4a74f5cd510ae97c8346619db https://tech.rtb.mts.ru/?dsp_uid=bbe5788c-e1ed-418a-be98-f7765575c229&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2Fu-V4jOHtQYq-mPd2VXXCKQ%3Flocation%3Dhttps%253A%252F%252Fut.rktch.c... https://an.yandex.ru/setud/mts_banner/u-V4jOHtQYq-mPd2VXXCKQ?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dbbe5788c-e1ed-418a-be98-f7765575c229&sign=2493272496 https://ut.rktch.com/matchsbm?bi=29&bui=bbe5788c-e1ed-418a-be98-f7765575c229	88 B 88 B	60ms 59ms	Image image/png	89.108.97.2 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://ut.rktch.com/matchsbm?bi=29&bui=bbe5788c-e1ed-418a-be98-f7765575c229 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d50603.reg.regrucolo.ru Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Thu, 23 Sep 2021 05:50:53 GMT Server nginx/1.18.0 Access-Control-Allow-Methods GET, POST, PATCH, PUT, DELETE, OPTIONS Content-Type image/png Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Content-Type, Accept, Authorization Content-Length 88 Redirect headers pragma no-cache date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip last-modified Thu, 23 Sep 2021 05:50:53 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://ut.rktch.com/matchsbm?bi=29&bui=bbe5788c-e1ed-418a-be98-f7765575c229 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Sep 2021 05:50:53 GMT
GET H2	200	match www.acint.net/ Frame B976 Redirect Chain https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FBD154C610406AA920245AA1F https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3Dbbe5788c-e1ed-418a-be98-f7765575c229&ssp=sape&exu=0100007FBD154C610406AA920245AA1F https://tech.rtb.mts.ru/?dsp_uid=bbe5788c-e1ed-418a-be98-f7765575c229&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2Fu-V4jOHtQYq-mPd2VXXCKQ%3Flocation%3Dhttps%253A%252F%252Fwww.acint.... https://an.yandex.ru/setud/mts_banner/u-V4jOHtQYq-mPd2VXXCKQ?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3Dbbe5788c-e1ed-418a-be98-f7765575c229&sign=2006731059 https://www.acint.net/match?dp=125&euid=bbe5788c-e1ed-418a-be98-f7765575c229	43 B 269 B	12ms 11ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=125&euid=bbe5788c-e1ed-418a-be98-f7765575c229 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers pragma no-cache date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip last-modified Thu, 23 Sep 2021 05:50:53 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://www.acint.net/match?dp=125&euid=bbe5788c-e1ed-418a-be98-f7765575c229 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Sep 2021 05:50:53 GMT
GET H2	200	match www.acint.net/ Frame B976 Redirect Chain https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D https://www.acint.net/match?dp=126&euid=27461558-c33e-44c7-4fab-2d9b24acdc5f	43 B 269 B	11ms 10ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=126&euid=27461558-c33e-44c7-4fab-2d9b24acdc5f Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers location https://www.acint.net/match?dp=126&euid=27461558-c33e-44c7-4fab-2d9b24acdc5f date Thu, 23 Sep 2021 05:50:53 GMT server nginx content-length 115 serverid TODO content-type text/html; charset=utf-8
GET H2	200	match www.acint.net/ Frame B976 Redirect Chain https://s.uuidksinc.net/match/396/0100007FBD154C610406AA920245AA1F https://www.acint.net/match?dp=127&euid=6RrzwIvOGK4Cp2AgMmeH	43 B 269 B	12ms 11ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=127&euid=6RrzwIvOGK4Cp2AgMmeH Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers date Thu, 23 Sep 2021 05:50:53 GMT server nginx/1.19.0 access-control-allow-origin * access-control-allow-methods GET, POST, OPTIONS content-type application/json; charset=utf-8 location https://www.acint.net/match?dp=127&euid=6RrzwIvOGK4Cp2AgMmeH access-control-allow-headers Content-Type content-length 0
GET H/1.1	204 No Content	userbind match.new-programmatic.com/ Frame B976	0 215 B	157ms 50ms	Image text/plain	217.65.2.150 CITYTELECOM-AS Fi...
General Check archive.org Show headers Download Go to Show image Full URL https://match.new-programmatic.com/userbind?src=sape&id=0100007FBD154C610406AA920245AA1F Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 23 Sep 2021 05:53:12 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 Connection keep-alive Content-Length 0 Vary Origin
GET H2	204	0100007FBD154C610406AA920245AA1F fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame B976	0 189 B	160ms 48ms	Image text/plain	93.95.102.105 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007FBD154C610406AA920245AA1F Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
GET H2	204	0.gif x01.aidata.io/ Frame B976 Redirect Chain https://x01.aidata.io/0.gif?pid=9401454&id=0100007FBD154C610406AA920245AA1F https://x01.aidata.io/0.gif?pid=9401454&id=0100007FBD154C610406AA920245AA1F&bounce=1 https://sm.rtb.mts.ru/p?ssp=aidata&id=yTGOyZFBSPqOfN2EJISNpA https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528&ssp=aidata&exu=yTGOyZFBSPqOfN2EJISNpA https://tech.rtb.mts.ru/?dsp_uid=bbe5788c-e1ed-418a-be98-f7765575c229&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528 https://x01.aidata.io/0.gif?pid=9503528	0 434 B	59ms 59ms	Image text/plain	89.108.119.43 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://x01.aidata.io/0.gif?pid=9503528 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d51370.reg.regrucolo.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Thu, 23 Sep 2021 05:50:54 GMT last-modified Thu, 23 Sep 2021 05:50:53 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 expires Thu, 23 Sep 2021 05:50:53 GMT Redirect headers Date Thu, 23 Sep 2021 05:50:53 GMT Server nginx/1.13.12 Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=utf-8 Location https://x01.aidata.io/0.gif?pid=9503528 Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
GET H/1.1	200 OK	/ sync.bumlam.com/ Frame B976	0 523 B	7ms 6ms	Image text/html	31.172.81.158 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bumlam.com/?src=sap1&uid=0100007FBD154C610406AA920245AA1F Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Thu, 23 Sep 2021 05:50:53 GMT Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Server nginx Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	0100007FBD154C610406AA920245AA1F an.yandex.ru/mapuid/sapeis/ Frame B976 Redirect Chain https://an.yandex.ru/mapuid/sapeis/0100007FBD154C610406AA920245AA1F https://an.yandex.ru/mapuid/sapeis/0100007FBD154C610406AA920245AA1F?redir-setuniq=1	43 B 108 B	43ms 43ms	Image image/gif	77.88.21.90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/sapeis/0100007FBD154C610406AA920245AA1F?redir-setuniq=1 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 77.88.21.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS bs.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip last-modified Thu, 23 Sep 2021 05:50:53 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Sep 2021 05:50:53 GMT Redirect headers pragma no-cache date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip last-modified Thu, 23 Sep 2021 05:50:53 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://an.yandex.ru/mapuid/sapeis/0100007FBD154C610406AA920245AA1F?redir-setuniq=1 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 23 Sep 2021 05:50:53 GMT
GET H2	200	frame.html Show response s3.advarkads.com/modules/match/ Frame C7BF	187 B 404 B	174ms 127ms	Document text/html	172.67.13.171 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FBD154C610406AA920245AA1F Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.13.171 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106 Request headers :method GET :authority s3.advarkads.com :scheme https :path /modules/match/frame.html?id=8113-1-1&uid=0100007FBD154C610406AA920245AA1F pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.acint.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ Response headers date Thu, 23 Sep 2021 05:50:53 GMT content-type text/html cache-control max-age=60 last-modified Sat, 25 Apr 2020 07:44:34 GMT vary Accept-Encoding access-control-allow-origin * cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 69317f7efd132169-DUS content-encoding gzip
GET H2	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/	253 KB 94 KB	50ms 49ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 85b26daaff7a38cb4bee7a5d8a99c84b4d6556a9df6db213a912d0d8bbd56389 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 95714 x-xss-protection 0 server cafe etag 8581628240566664613 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 23 Sep 2021 05:50:53 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210921/r20190131/ Frame FBEF	10 KB 5 KB	23ms 23ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210921/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210921/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://winintro.ru/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 22 Sep 2021 20:10:15 GMT expires Wed, 06 Oct 2021 20:10:15 GMT content-type text/html; charset=UTF-8 etag 14847953055219580247 x-content-type-options nosniff content-encoding gzip server cafe content-length 4613 x-xss-protection 0 age 34838 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	201 B 655 B	87ms 32ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=winintro.ru&callback=_gfp_s_&client=ca-pub-2339592383170032 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash fe279713d3fcdb29b52b9856622aea2970c0425bb2600c441c64dd83adf1a4a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 190 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 853 B	95ms 33ms	Script application/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=winintro.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 570 B	104ms 42ms	Script application/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=winintro.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1301	119 KB 33 KB	291ms 290ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=3025194257&lmt=1632376253&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253256&bpp=2&bdt=197&idt=94&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2318508471028&frm=20&pv=2&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 55cd30a856a7f83957be3298708f91ea584cf653ad827461d7710f258c59c675 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=3025194257&lmt=1632376253&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253256&bpp=2&bdt=197&idt=94&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2318508471028&frm=20&pv=2&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://winintro.ru/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 23 Sep 2021 05:50:53 GMT server cafe content-length 33560 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Thu, 23-Sep-2021 06:05:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 23 Sep 2021 05:50:53 GMT cache-control private
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	72 KB 28 KB	119ms 59ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software sffe / Resource Hash 3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27652 x-xss-protection 0 server sffe etag "1632310961004595" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="active-view-scs-read-write-acl" expires Thu, 23 Sep 2021 05:50:53 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 46F2	78 KB 26 KB	827ms 827ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash d9f574ba25744dd5fc4937833db1ae85e10b08a2e769ab2a3a83f41e2e1cee8b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://winintro.ru/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 23 Sep 2021 05:50:54 GMT server cafe content-length 26768 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Thu, 23-Sep-2021 06:05:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 23 Sep 2021 05:50:54 GMT cache-control private
GET H/1.1	200 OK	processor.js Show response tag.digitaltarget.ru/ Frame B976	15 KB 16 KB	91ms 91ms	Script application/javascript	185.15.175.159 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Full URL https://tag.digitaltarget.ru/processor.js?i=928792288366544 Requested by Host: tag.digitaltarget.ru URL: https://tag.digitaltarget.ru/adcm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash f6d22181c5ff8b3dc6c2e0fb2a1770ecefe1609d1ae146b53c0c2f8a7cad047b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Thu, 23 Sep 2021 05:50:53 GMT Last-Modified Mon, 06 Sep 2021 15:25:36 GMT Server nginx ETag "613632f0-3db9" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 15801
GET H2	200	frame.js Show response s3.advarkads.com/modules/match/ Frame C7BF	22 KB 7 KB	15ms 15ms	Script application/javascript	172.67.13.171 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s3.advarkads.com/modules/match/frame.js Requested by Host: s3.advarkads.com URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FBD154C610406AA920245AA1F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.13.171 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6eed6d933bee6920aa9808dfd6131f60cd83a2c91746228945ed895cf92f7ce Request headers Accept-Language de-DE,de;q=0.9 Referer https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FBD154C610406AA920245AA1F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 22 Sep 2021 08:43:58 GMT server cloudflare age 36 etag "09bc5fb8dafd71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=60 accept-ranges bytes cf-ray 69317f7fde802169-DUS content-length 7378
GET H/1.1	200 OK	match api.advarkads.com/api/statistic/ Frame C7BF	43 B 389 B	212ms 75ms	Image image/gif	188.42.29.80 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007FBD154C610406AA920245AA1F Requested by Host: s3.advarkads.com URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FBD154C610406AA920245AA1F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.29.80 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.18.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://s3.advarkads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Thu, 23 Sep 2021 05:50:53 GMT Server nginx/1.18.0 X-Powered-By ASP.NET Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 43 Expires -1
GET H3	200	reactive_library_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/	145 KB 52 KB	43ms 42ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/reactive_library_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash d7fbf24214744a45511b52543f3cb92ae8177ca8ccf2d5b666a69399e372ba62 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53056 x-xss-protection 0 server cafe etag 12447668586569652423 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 23 Sep 2021 05:50:53 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	63ms 33ms	Script application/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=winintro.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	71ms 29ms	Script application/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=winintro.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/ Frame E036	10 KB 5 KB	23ms 23ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://winintro.ru/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUlee4c5T6rKncsBqLFYPWnPcXYaMlxxnc2Yw8D87-CIy-hNVaQ3SAa3Fxw5WM4; test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 22 Sep 2021 20:09:46 GMT expires Wed, 06 Oct 2021 20:09:46 GMT content-type text/html; charset=UTF-8 etag 14847953055219580247 x-content-type-options nosniff content-encoding gzip server cafe content-length 4613 x-xss-protection 0 age 34867 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	i dmg.digitaltarget.ru/awg/custom/1093/i/ Frame B976 Redirect Chain https://dmg.digitaltarget.ru/1/1093/i/i?i=970912824012899.138707925484088&a=77&e=0100007FBD154C610406AA920245AA1F&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FBD154C610406AA920245AA1F.sync:... https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=970912824012899.138707925484088&a=77&e=0100007FBD154C610406AA920245AA1F&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FBD154...	49 B 603 B	176ms 176ms	Image image/gif	185.15.175.130 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=970912824012899.138707925484088&a=77&e=0100007FBD154C610406AA920245AA1F&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FBD154C610406AA920245AA1F.sync:up.xdua:dus5awmgv7VrWQRlcxNu9rF4.xps:xps0dJc_sl6l_ZGDYHW94bOLu.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Thu, 23 Sep 2021 05:50:54 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies master-only Request-Time 98 Connection keep-alive Vary Accept-Encoding Content-Length 64 X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Credentials true Redirect headers Date Thu, 23 Sep 2021 05:50:53 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Location https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=970912824012899.138707925484088&a=77&e=0100007FBD154C610406AA920245AA1F&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FBD154C610406AA920245AA1F.sync:up.xdua:dus5awmgv7VrWQRlcxNu9rF4.xps:xps0dJc_sl6l_ZGDYHW94bOLu.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient X-XSS-Protection 1; mode=block X-Permitted-Cross-Domain-Policies master-only Access-Control-Allow-Credentials true Access-Control-Max-Age 86400 Connection keep-alive Request-Time 0 Content-Length 0 X-Content-Type-Options nosniff
GET H/1.1	200 OK	i dmg.digitaltarget.ru/awg/custom/1093/i/ Frame B976 Redirect Chain https://dmg.digitaltarget.ru/1/1093/i/i?i=970912824012899.218373440984996&a=77&e=0100007FBD154C610406AA920245AA1F&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FBD154C610406AA920245AA1F.sync:... https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=970912824012899.218373440984996&a=77&e=0100007FBD154C610406AA920245AA1F&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FBD154...	49 B 604 B	286ms 286ms	Image image/gif	185.15.175.130 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=970912824012899.218373440984996&a=77&e=0100007FBD154C610406AA920245AA1F&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FBD154C610406AA920245AA1F.sync:up.xdua:dus5awmgv7VrWQRlcxNu9rF4.xps:xps0dJc_sl6l_ZGDYHW94bOLu.dn:acint__net.adcm:hit.tg:adcmjs_noorient Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Thu, 23 Sep 2021 05:50:54 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies master-only Request-Time 133 Connection keep-alive Vary Accept-Encoding Content-Length 64 X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Credentials true Redirect headers Date Thu, 23 Sep 2021 05:50:53 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Location https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=970912824012899.218373440984996&a=77&e=0100007FBD154C610406AA920245AA1F&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FBD154C610406AA920245AA1F.sync:up.xdua:dus5awmgv7VrWQRlcxNu9rF4.xps:xps0dJc_sl6l_ZGDYHW94bOLu.dn:acint__net.adcm:hit.tg:adcmjs_noorient X-XSS-Protection 1; mode=block X-Permitted-Cross-Domain-Policies master-only Access-Control-Allow-Credentials true Access-Control-Max-Age 86400 Connection keep-alive Request-Time 1 Content-Length 0 X-Content-Type-Options nosniff
GET H2	200	b349715971fc02f992e4cc58b88ce41f.js Show response www.gstatic.com/mysidia/ Frame E036	7 KB 4 KB	72ms 23ms	Script text/javascript	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/b349715971fc02f992e4cc58b88ce41f.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 16 Sep 2021 09:38:41 GMT content-encoding gzip x-content-type-options nosniff age 591132 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3166 x-xss-protection 0 last-modified Thu, 16 Sep 2021 09:11:48 GMT server sffe vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="mysidia" expires Wed, 15 Dec 2021 09:38:41 GMT
GET H2	200	a1aae16d08f1cf4ca3f32f832dc900b8.js Show response www.gstatic.com/mysidia/ Frame E036	8 KB 3 KB	90ms 41ms	Script text/javascript	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a1aae16d08f1cf4ca3f32f832dc900b8.js?tag=text/vanilla_cta_animation_title_highlight Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 5f3dca760a16a5bbc551921bccf65a5d73945f97616ea347cf09ffa50ca2b4cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 17 Sep 2021 08:02:57 GMT content-encoding gzip x-content-type-options nosniff age 510476 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3426 x-xss-protection 0 last-modified Thu, 16 Sep 2021 09:11:48 GMT server sffe vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="mysidia" expires Thu, 16 Dec 2021 08:02:57 GMT
GET H2	200	css fonts.googleapis.com/ Frame E036	3 KB 1 KB	85ms 31ms	Stylesheet text/css	142.250.184.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f10.1e100.net Software ESF / Resource Hash 32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 23 Sep 2021 04:00:48 GMT server ESF date Thu, 23 Sep 2021 05:50:53 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 23 Sep 2021 05:50:53 GMT
GET H2	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame E036	1 KB 960 B	92ms 41ms	Script text/javascript	142.250.185.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f1.1e100.net Software cafe / Resource Hash 2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 22 Sep 2021 20:02:46 GMT content-encoding gzip x-content-type-options nosniff age 35287 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 852 x-xss-protection 0 server cafe etag 14170629819630813772 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 06 Oct 2021 20:02:46 GMT
GET H2	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210921/r20110914/ Frame E036	18 KB 8 KB	72ms 21ms	Script text/javascript	142.250.185.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f1.1e100.net Software cafe / Resource Hash 830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 22 Sep 2021 19:50:02 GMT content-encoding gzip x-content-type-options nosniff age 36051 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7635 x-xss-protection 0 server cafe etag 15605042170853735879 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 06 Oct 2021 19:50:02 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame E036	3 KB 1 KB	92ms 41ms	Script text/javascript	142.250.185.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f1.1e100.net Software cafe / Resource Hash c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 22 Sep 2021 19:50:02 GMT content-encoding gzip x-content-type-options nosniff age 36051 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1358 x-xss-protection 0 server cafe etag 15351394696698642166 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 06 Oct 2021 19:50:02 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame E036	128 KB 39 KB	60ms 32ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software sffe / Resource Hash c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:53 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39662 x-xss-protection 0 server sffe etag "1632310973010379" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="active-view-scs-read-write-acl" expires Thu, 23 Sep 2021 05:50:53 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame E036	14 KB 6 KB	74ms 23ms	Script text/javascript	142.250.185.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f1.1e100.net Software cafe / Resource Hash d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 22 Sep 2021 19:50:02 GMT content-encoding gzip x-content-type-options nosniff age 36051 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6232 x-xss-protection 0 server cafe etag 15606800361334891596 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 06 Oct 2021 19:50:02 GMT
GET H2	200	730400e8020df307e81d4efe9cf79fce.js Show response www.gstatic.com/mysidia/ Frame E036	27 KB 11 KB	70ms 24ms	Script text/javascript	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 16 Sep 2021 09:24:12 GMT content-encoding gzip x-content-type-options nosniff age 592001 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11108 x-xss-protection 0 last-modified Thu, 16 Sep 2021 09:11:48 GMT server sffe vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="mysidia" expires Wed, 15 Dec 2021 09:24:12 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame E036	0 0	47ms 46ms	Fetch text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Ccbb_vRVMYarhF6Hb-gbckZDADZTcyZNlu-CB4v8M2dkeEAEgg4yKR2CV4pCCoAegAa2ukJ8DyAEBqAMByAPDBKoE6AFP0GYVhzeukRmRTDhqskHJPvDH8glysf9LPWC5x2Qrv4NG4mF80E2I9_-ixXUFJY2qgEDJplfaLGXxG7I0xXW3UdmLEAfeWT0xXFjt8Rql0UOR5v7BpOh8B0eigY6cF7q2LE6_QpChg-gZOkzm7R4PieuYg3SADD_FdLLIPDfkTrF75awXvvW6My4FRKhnB4_rXta4DCHUZREhivvn2d5_4cijSYcpccBsTAYydg5g_3M-kFrI9v3pwg77kWQdov0Q1jFvUXeWbNjcyqrKNWVF0akMC1LFMnBNDxdh9ClMiWLsKiKxXjcnwAS03-_SxAOSBQQIBBgBkgUECAUYBKAGUYAHu9HvYKgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQkfAY0ggJCIDhgBAQARgfgAoByAsB2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTIzMzk1OTIzODMxNzAwMzIYAA&sigh=RxwBDC-j2RI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Thu, 23 Sep 2021 05:50:53 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 9DE3	143 B 163 B	23ms 23ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software safe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/s?v=r20120211 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 accept-encoding gzip, deflate, br cookie IDE=AHWqTUlee4c5T6rKncsBqLFYPWnPcXYaMlxxnc2Yw8D87-CIy-hNVaQ3SAa3Fxw5WM4; test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Response headers content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Thu, 23 Sep 2021 05:00:06 GMT server safe content-length 145 x-xss-protection 0 cache-control public, max-age=3600 age 3047 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame E036	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 29822d0b8e3c1f48a308ec0b27928306ee17bab3f37b2e3b88184fc16d62375c Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 9DE3 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 16 B	32ms 31ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software safe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/si pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUlee4c5T6rKncsBqLFYPWnPcXYaMlxxnc2Yw8D87-CIy-hNVaQ3SAa3Fxw5WM4; test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Thu, 23 Sep 2021 05:50:54 GMT server safe content-length 0 x-xss-protection 0 set-cookie DSID=NO_DATA; expires=Thu, 23-Sep-2021 06:50:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 23 Sep 2021 05:50:54 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Thu, 23 Sep 2021 05:50:54 GMT server safe content-length 246 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js Show response pagead2.googlesyndication.com/bg/ Frame 9D88	35 KB 13 KB	24ms 24ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20210921/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash 34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:45:13 GMT content-encoding br x-content-type-options nosniff age 122740 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13338 x-xss-protection 0 last-modified Mon, 20 Sep 2021 23:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Wed, 21 Sep 2022 19:45:13 GMT
GET H3	200	css fonts.googleapis.com/ Frame 46F2	2 KB 414 B	61ms 32ms	Stylesheet text/css	142.250.184.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f10.1e100.net Software ESF / Resource Hash bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 23 Sep 2021 05:50:05 GMT server ESF date Thu, 23 Sep 2021 05:50:54 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 23 Sep 2021 05:50:54 GMT
GET H3	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame 46F2	1 KB 879 B	77ms 47ms	Script text/javascript	142.250.185.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f1.1e100.net Software cafe / Resource Hash 2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 22 Sep 2021 20:02:46 GMT content-encoding gzip x-content-type-options nosniff age 35288 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 852 x-xss-protection 0 server cafe etag 14170629819630813772 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 06 Oct 2021 20:02:46 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210921/r20110914/ Frame 46F2	18 KB 7 KB	46ms 20ms	Script text/javascript	142.250.185.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f1.1e100.net Software cafe / Resource Hash 830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 22 Sep 2021 19:50:02 GMT content-encoding gzip x-content-type-options nosniff age 36052 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7635 x-xss-protection 0 server cafe etag 15605042170853735879 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 06 Oct 2021 19:50:02 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame 46F2	3 KB 1 KB	71ms 45ms	Script text/javascript	142.250.185.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f1.1e100.net Software cafe / Resource Hash c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 22 Sep 2021 19:50:02 GMT content-encoding gzip x-content-type-options nosniff age 36052 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1358 x-xss-protection 0 server cafe etag 15351394696698642166 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 06 Oct 2021 19:50:02 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 46F2	128 KB 39 KB	37ms 37ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software sffe / Resource Hash c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39662 x-xss-protection 0 server sffe etag "1632310973010379" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="active-view-scs-read-write-acl" expires Thu, 23 Sep 2021 05:50:54 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/ Frame 46F2	14 KB 6 KB	46ms 21ms	Script text/javascript	142.250.185.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210921/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f1.1e100.net Software cafe / Resource Hash d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 22 Sep 2021 19:50:02 GMT content-encoding gzip x-content-type-options nosniff age 36052 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6232 x-xss-protection 0 server cafe etag 15606800361334891596 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 06 Oct 2021 19:50:02 GMT
GET H3	200	730400e8020df307e81d4efe9cf79fce.js Show response www.gstatic.com/mysidia/ Frame 46F2	27 KB 11 KB	49ms 21ms	Script text/javascript	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 16 Sep 2021 09:24:12 GMT content-encoding gzip x-content-type-options nosniff age 592002 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11108 x-xss-protection 0 last-modified Thu, 16 Sep 2021 09:11:48 GMT server sffe vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="mysidia" expires Wed, 15 Dec 2021 09:24:12 GMT
GET H3	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/2849617625860998062/ Frame 46F2	42 KB 42 KB	48ms 25ms	Image image/png	142.250.185.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2849617625860998062/downsize_200k_v1?w=600&h=314 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f1.1e100.net Software sffe / Resource Hash 3dc251450aecc57ea13cfbc5ddc362d379fff22d710b2268b3edbc09387cb5be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 16 Sep 2021 10:38:41 GMT x-content-type-options nosniff age 587533 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43192 x-xss-protection 0 last-modified Mon, 30 Aug 2021 15:56:03 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 16 Sep 2022 10:38:41 GMT
GET DATA	200 OK	truncated / Frame 46F2	221 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 46F2	0 0	46ms 46ms	Fetch text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CELHIvRVMYaKTGJ65x_AP642pwAip_pD1ZPer2MK0DruAwMWMDhABIIOMikdgleKQgqAHoAGfnqnjAsgBCagDAcgDywSqBO0BT9CPd_YpR4NmxbMdRKY_CUyUyhL6x-ADciUCO9G3gjgdBslryYp3V57iEeQlea3H_-xIq74YlB3XJPEISkmEN-Us5rXAlb9t25tSCXSIrSEKf3cZ6klRPTfHR4hikdzd22wz6j61ED_nHhNj8BGsPXlQFZxqIxLBs6JZePxwyjncVg7VygSUTTYrrjhaU19OdDaY4zzyZ-gacz28UbcIMI2ot4gzhqaEISr4R0VRgdD-ZfLAxN8g3wARZVyFNJpvtc-ANne5jTYzXdMC_pMYBnWUB7WX24xz1MelXlmpj6lRIukOCuZCR9_Hi_MJwAS0yJ3q1QOSBQQIBBgBkgUECAUYBKAGLoAHnP6EAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwUQlqHwAdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0yMzM5NTkyMzgzMTcwMDMyGAA&sigh=l-V5yAX7XFI&template_id=484 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Thu, 23 Sep 2021 05:50:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET DATA	200 OK	truncated / Frame 46F2	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 091d37b67899701efcc0dce7bb05c53822688341c40adc93f318f2d2384eac74 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v20/ Frame 46F2	22 KB 23 KB	99ms 48ms	Font font/woff2	142.250.185.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f3.1e100.net Software sffe / Resource Hash 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 04:13:08 GMT x-content-type-options nosniff age 178666 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22992 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:18:57 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 21 Sep 2022 04:13:08 GMT
GET H2	200	S6u9w4BMUTPHh7USSwiPGQ.woff2 fonts.gstatic.com/s/lato/v20/ Frame 46F2	23 KB 23 KB	74ms 25ms	Font font/woff2	142.250.185.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f3.1e100.net Software sffe / Resource Hash 9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 19 Sep 2021 15:49:32 GMT x-content-type-options nosniff age 309682 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23248 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:18:53 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 19 Sep 2022 15:49:32 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	68ms 37ms	XHR application/json	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210921&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 3c2cc07c58115b4c1cf60ffbdb88dacf6f85c9fd88d83071dad41078ff5bfbdd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Thu, 23 Sep 2021 05:50:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8644 x-xss-protection 0
GET H3	200	NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js Show response pagead2.googlesyndication.com/bg/ Frame 77A0	35 KB 13 KB	24ms 23ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1632376253&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fts_license.en%2Fhtml%2F83fcf57f-1e7a-4dc0-b866-0c4e04ebb132.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632376253258&bpp=1&bdt=198&idt=110&shv=r20210921&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2318508471028&frm=20&pv=1&ga_vid=285062501.1632376253&ga_sid=1632376253&ga_hid=1467957196&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=22&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750533&oid=3&pvsid=1586604271858616&pem=516&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TceI3LaEdI&p=https%3A//winintro.ru&dtd=113 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash 34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:45:13 GMT content-encoding br x-content-type-options nosniff age 122741 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13338 x-xss-protection 0 last-modified Mon, 20 Sep 2021 23:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Wed, 21 Sep 2022 19:45:13 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	50ms 49ms	Script text/javascript	142.250.185.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:54 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Thu, 23 Sep 2021 05:50:54 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 28D3	12 KB 5 KB	21ms 20ms	Document text/html	142.250.185.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f1.1e100.net Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://winintro.ru/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Wed, 22 Sep 2021 20:29:24 GMT expires Thu, 22 Sep 2022 20:29:24 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 33690 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame FB69	783 B 535 B	83ms 33ms	Document text/html	142.250.181.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f4.1e100.net Software GSE / Resource Hash 8b1c3a5dd526df1c3f83cdea5146425e486b868d07bd98620abfd7eac372b98c Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-+ZZhhmDFxRYukQ2SDAS8LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://winintro.ru/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy-report-only require-corp; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Thu, 23 Sep 2021 05:50:54 GMT date Thu, 23 Sep 2021 05:50:54 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-+ZZhhmDFxRYukQ2SDAS8LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js Show response pagead2.googlesyndication.com/bg/ Frame 28D3	35 KB 13 KB	23ms 23ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash 34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:45:13 GMT content-encoding br x-content-type-options nosniff age 122741 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13338 x-xss-protection 0 last-modified Mon, 20 Sep 2021 23:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Wed, 21 Sep 2022 19:45:13 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame FB69	0 0	78ms 78ms	Image text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210921&jk=1586604271858616&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	78ms 77ms	Image text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210921&jk=1586604271858616&bg=!e3ileDzNAAZNQyuQTUM7ACkAdvg8WoL7IrjbQmP_2E1wKaQAXVWn8GjQZ1e96zzkO64YayezD-1jdAIAAABaUgAAAAloAQcKAE9G7FitvBgE6v6mBr46y7Rer7LGS7n1X_cVymfvEsM8Od-0VQ_F8ZGgkzSBB1ynJv75AXYB5tvTFsuJ0eUTfXPeObIONH1_bwYAmnCleRqjmQKogZmO1PaVazO37VdDE1cli7ekgSzSghWuWOeywfOXW12ItvRgCAesCYRSl_aGVxDpMZ0OfVG9nsYAKSPxBS_r_jU3hC9EIcTHN3gLAl_fC8x5MB7TkKLsWMFEXUjD7_8QDTdVQJ16jLrc91smwQNRXg7EmfOA3H2rfQjxWOWYOfTm7FAfhStDeSA2KMJCxdNYHNUXbB_j2RBt71Q2MsbQTYNu4Gr6Ii5hRBAZ9OzKxBdHTAUo7-zOi2HG40u7g66y7vN-VMiB9CPboJKI1lP00dm8fzDUddJrRmCvbG4lwJhhhIdpsWEVgZg2Qv93ywgpKKpTBzkOYPosrTzHnANTFLSOxz4CEJDd_KHPGO2f5tJLrlAyMb-MkpwFBKdUkp5HPnYbz1cd2jjmt5A3tw-fCHIr34zYPDkd6sHWhYAQA5SgsZtBlRVZ2prZORV0Ody4dLbAxBsz4k3cD3L4U2pWkEdb74e_9Cdj4RQOfZ-nrkFDdHWXT95FOwr38gWZ14s7gU8Up2osOhMvcU4p41__SHf0hM1TH99Yro8hSM25fnKy6TB6HtUkLxG43iyRSyXA5Af6nhdnqnId2yNo1QNAyy7RRFtWlTIf853XMgimVN18vMW2qoTLf1uvKa5JQellA0p-iA6tPUwc87AhwpOx3XVCiiqYa98gtxvQWF6Hk8NodpB32nAXJu-8i8y8LbmEpXdxneIy3feAVFBgndS-GClzm4Dag4470EAZqY7KSrHC-4_YvkKqPcRFGKeQ9dYp1Kk3zdBJ_Il2deP3Ttogfowk_3F-XREWVzbJi5Le-1DdavGgWRpWubcNvxRTXK8L9LFlt7fISGyJh2eRFjrAQAVx51ALBKIxMxdmpcVeTkav3KHYX3IVnYO14JP3BN5udDFNPx-cAME Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame E036	42 B 64 B	46ms 45ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoFWPG4V7VDCdH6BFqcbILRnJYXjTnq1DOHaaUdxnAeqoL0Fjp4qCEx_kzp70-QPqqCM87vyQoHZM1xH-A3dwUPHe2115lel37yMpcX0UIwlGagrreew&sai=AMfl-YST8jlw4wNl6FXF4pJt8_97f1SPjp2YmK_aLcScTGfzB87xF4WaIrdwlGpkAQs1WTBEakcJM5PJjStG&sig=Cg0ArKJSzI4R4Qpt4lBlEAE&id=lidar2&mcvt=1000&p=1106,298,1230,1303&mtos=84,767,1000,1102,1194&tos=84,683,233,102,92&v=20210922&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632376253741&rpt=193&r=v Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Thu, 23 Sep 2021 05:50:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 46F2	42 B 64 B	46ms 46ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaIZi9ypvvjz_-rdXav2fCD1KjkiDQ22_8Q1lpIwyX1NcpiWm0JKrB1oY34ACKEDVi-rJxRemRH-2CR-urYxvIEnmRn_KIW1ncNmRT02ZpKY1xcwBFLg&sai=AMfl-YQQGn2p-EzERA7XEau3-qPin5TKLFoyvATLPB7epSuH32yvaz-z13prWL2NqMdXCRX6B-FgpZbRqGsp&sig=Cg0ArKJSzG4AXVzMag7bEAE&id=lidar2&mcvt=1001&p=63,22,343,1222&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210922&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1636916721&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632376253372&rpt=1084&r=v Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Thu, 23 Sep 2021 05:50:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.acint.net/ping/	43 B 224 B	11ms 11ms	Image image/gif	46.4.121.26 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/ping/?v=0.3.0&uid=8389347a-aa98-474e-b97d-e06c362b7bb4&dp=10&tz=%2B00%3A00&nc=99595560&dT=2021-09-23T05%3A50%3A56.176 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz1271109.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://winintro.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 05:50:56 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT