urlscan.io logo urlscan.io
SecurityTrails logo

chinas-lafa.ru Open in urlscan Pro
185.4.64.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aliexpress-kabinet-online.ru/
Effective URL: https://chinas-lafa.ru/
Submission: On November 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 5 countries across 27 domains to perform 132 HTTP transactions. The main IP is 185.4.64.72, located in Moscow, Russian Federation and belongs to RECONN, RU. The main domain is chinas-lafa.ru.
TLS certificate: Issued by R3 on October 14th 2023. Valid for: 3 months.
This is the only time chinas-lafa.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 40 185.4.64.72 12722 (RECONN)
2 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
3 10 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 1 45.130.41.10 198610 (BEGET-AS)
7 2607:f8b0:402... 15169 (GOOGLE)
1 8 2607:f8b0:402... 15169 (GOOGLE)
13 2607:f8b0:402... 15169 (GOOGLE)
3 2607:f8b0:402... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
6 23.51.52.28 16625 (AKAMAI-AS)
12 23.202.52.23 16625 (AKAMAI-AS)
3 2607:f8b0:402... 15169 (GOOGLE)
2 172.217.13.194 15169 (GOOGLE)
2 104.117.182.193 20940 (AKAMAI-ASN1)
2 23.44.201.209 20940 (AKAMAI-ASN1)
3 14 172.217.13.130 15169 (GOOGLE)
1 2620:116:800b... 14618 (AMAZON-AES)
2 2 184.86.146.172 16625 (AKAMAI-AS)
1 1 20.253.86.149 8075 (MICROSOFT...)
1 34.235.203.47 14618 (AMAZON-AES)
2 74.119.119.150 19750 (AS-CRITEO)
2 2 35.207.24.140 15169 (GOOGLE)
1 2 23.51.53.155 16625 (AKAMAI-AS)
2 2 2606:ae80:145... 25751 (VALUECLICK)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 172.104.70.67 63949 (AKAMAI-LI...)
2 2 70.42.32.31 22075 (AS-OUTBRAIN)
1 1 51.222.239.230 16276 (OVH)
1 1 82.145.213.8 39832 (NO-OPERA)
132 21
40    185.4.64.72 (Moscow, Russian Federation)

ASN12722 (RECONN, RU)
PTR: cabinet-moneyman.ru
aliexpress-kabinet-online.ru
chinas-lafa.ru
2    2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
1    45.130.41.10 (St Petersburg, Russian Federation)

ASN198610 (BEGET-AS, RU)
aliexpress-lafa.ru
7    2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
13    2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    23.51.52.28 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-52-28.deploy.static.akamaitechnologies.com
contextual.media.net
12    23.202.52.23 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-52-23.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
cs.media.net
3    2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
2    172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net
www.googleadservices.com
2    104.117.182.193 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-193.deploy.static.akamaitechnologies.com
pxlclnmdecom-a.akamaihd.net
2    23.44.201.209 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-209.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
14    172.217.13.130 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net
cm.g.doubleclick.net
1    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    184.86.146.172 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-146-172.deploy.static.akamaitechnologies.com
px.owneriq.net
1    20.253.86.149 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    34.235.203.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-203-47.compute-1.amazonaws.com
rtb.adentifi.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    23.51.53.155 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-53-155.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2606:ae80:1451:21::440 (United States)

ASN25751 (VALUECLICK, US)
dclk-match.dotomi.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    172.104.70.67 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1680-67.members.linode.com
a.c.appier.net
2    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
Apex Domain
Subdomains		 Transfer
39 chinas-lafa.ru
chinas-lafa.ru
555 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
304 KB
22 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
99 KB
18 media.net
contextual.media.net — Cisco Umbrella Rank: 691
warp.media.net — Cisco Umbrella Rank: 2821
lg3.media.net — Cisco Umbrella Rank: 7529
hblg.media.net — Cisco Umbrella Rank: 2223
cs.media.net — Cisco Umbrella Rank: 1513
210 KB
8 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8755
4 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
103 KB
4 akamaihd.net
pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 22538
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2166
85 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
192 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
892 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
604 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
1 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 597
725 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1767
2 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4034
70 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
674 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
387 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 15453
597 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
640 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
287 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 2875
462 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
464 B
1 aliexpress-lafa.ru
aliexpress-lafa.ru
137 B
1 aliexpress-kabinet-online.ru
aliexpress-kabinet-online.ru
77 B
132 27
Domain Requested by
39 chinas-lafa.ru chinas-lafa.ru
14 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
10 pagead2.googlesyndication.com chinas-lafa.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
8 mc.yandex.com 2 redirects chinas-lafa.ru
mc.yandex.ru
8 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 fonts.gstatic.com fonts.googleapis.com
6 contextual.media.net googleads.g.doubleclick.net
contextual.media.net
4 hblg.media.net googleads.g.doubleclick.net
4 lg3.media.net googleads.g.doubleclick.net
contextual.media.net
3 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
3 www.googletagservices.com googleads.g.doubleclick.net
2 b1sync.zemanta.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 sync.teads.tv 1 redirects
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com googleads.g.doubleclick.net
2 px.owneriq.net 2 redirects
2 cs.media.net contextual.media.net
2 qsearch-a.akamaihd.net googleads.g.doubleclick.net
2 pxlclnmdecom-a.akamaihd.net contextual.media.net
2 www.googleadservices.com chinas-lafa.ru
2 warp.media.net googleads.g.doubleclick.net
2 mc.yandex.ru 1 redirects chinas-lafa.ru
2 fonts.googleapis.com chinas-lafa.ru
googleads.g.doubleclick.net
1 t.adx.opera.com 1 redirects
1 onetag-sys.com 1 redirects
1 a.c.appier.net 1 redirects
1 px.ads.linkedin.com 1 redirects
1 rtb.adentifi.com googleads.g.doubleclick.net
1 mweb.ck.inmobi.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 aliexpress-lafa.ru 1 redirects
1 aliexpress-kabinet-online.ru 1 redirects
132 35

This site contains links to these domains. Also see Links.

Domain
dassdg.ru
Subject Issuer Validity Valid
chinas-lafa.ru
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh

This page contains 17 frames:

Primary Page: https://chinas-lafa.ru/
Frame ID: BC7FFA13C288D4F29347CBECDAC31F99
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html
Frame ID: 1D64611C39E40BE5AC188777B0DE999F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&adk=1812271804&adf=3025194257&lmt=1701275723&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475709&bpp=34&bdt=1251&idt=370&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=752623355864&frm=20&pv=2&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=411
Frame ID: DC67E63229AF601773ECF62E277A673B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2498843383&pi=t.aa~a.1647758531~rp.1&w=1090&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475743&bpp=3&bdt=1285&idt=383&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=388
Frame ID: 82501C8757EE4971C89D817B3DB370C7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Frame ID: 872CD5961A14478A38B99907A7C3FB58
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Frame ID: 75FC5D02DBC0E71CF866227A1BACCA67
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Frame ID: 34E88BD9B69987BC09B7598A086519C4
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Frame ID: C0F81198A78DDF1701AD99E9EF349882
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Frame ID: 071ADA8CCC216B97D585600D1DB792A2
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3249&&kkdd=3W%7C3%7C9n*HA&(s=QjzQC2-ujj2-uN-QH2-&LKwi=z&J4wT=z&DK(=QQCH&O4DX=YhhC&DsK=-dgjpjjQG&DwDK=pD6LFb_ZAUG_~QAA7iiUDW%3D%3D&DisK=u-Q2jj2CH&4s!X=QNzbNzz&DD=gB&4D=xr&DvcJ=a9Ik3xr&wsK=-t3NjIrhB&OwsK=oQGhNN-&vOOw4=Q&iii=O!I7vYDM7Y-iZvr1qwot_-gpqrhu3wuvgr1ukFrbuB4%3D&c4X=H&MW=Q&ZLK=u&TKOQ=-dgg2Uq-a&TKOC=QQNCQQz2Q&*KTOT=4KC%3DcZMMlsZiMAM%3DQzlZMJAw%3Dz8zQhjlFLXiwJ%3Dz8zjl(WAXbD%3Dz8CQl(s4A4K%3DjzNlZiMAiw4A*%3DQu8uQlKFJA*%3Dz8HhlKDC%3DQl4DK%3DyMliTX%3Dz%2Czl(AT4c%3D2zz2lKFJAM%3DCzl(MCiA4K%3DCzChQQC2QClsZiMA*%3Djjj8jjlZiMAO5D%3DzlZiMAiCTA*%3Dzl4OK%3DT4WsyOACAXbwTcKliTO%3Dz8zzz%2CzlMT4O%3DlD(FL%3Du8Nhl(s4AZiMA*%3Dz8ujl(MCiAsA4K%3DCzChQQC2Qzlsw%3DrFKa5wyc2~5syTutrJ4Gkly**%3Dzl(s4AZiMAM%3DzlisswZT%3DCu%2CCulXO%3DQ-liD%3DQlis4ZsK%3Dz%2Czl(MCiAsA*%3Dz8zCliw4A4K%3DCzChQQC2QCl(s4A*%3DQhQ8CCliTK(%3Dz8zzz%2CzlZiMA*%3DQ8C-l(MCiAZiMA*%3Dzl(MCiAZiMA(s%3DQG7QNlZiMAO(s%3DzlZiMAM%3DQzl4M(%3DhN8QHlLDTO%3D7Qzl**%3DQ2Nl((%3DzlD(MCiA4K%3Djz-liy(%3Duh8hNlMCiA*%3DQzzzlXiwJ%3Dz8zjl(MCiAZiMA5D%3DzGzlw4sAD%3DQ%2CQ%2Cz%2Cz%2Cz%2Cz%2Cz%2Czl*J%3DQlw4sAK%3Dzli5X%3Dz%2CzliTKw%3Dz8zzz%2CzlThwA*%3DN8jQ%2C--82ul4sK%3Du-Q2jj2CHl4K%3DQlZsK%3DCETPc!wbqY*iQ(fQu3lZiMAiw4A5D%3DzlD(MCiA*%3Du8Nhl*OK%3Dhzj2jQjNuhCHNzjzCu2jNNN2CzHjjHuzhQjNh-HHhChN2HuNQjuhzHHQC2-zuHuCuz2-QQ-----C2uh-uzzQNHChjH-uj-H-h2CNj-ul(WZ%3Dz8CQlKCwAM%3DQzlD(MC%3Du8NhlhwDy%3D2228HjlZsJ%3DzlFLAJ4v%3Dz8zjli5O%3Dz8zzz%2CzlKJJA4OiL%3DvTiJFc~lKCwA*%3Dz82-lFLKCwA*%3Dz82-l44%3Dx9lDD%3DgBlZsW%3D7QlDX%3Dzliw4A*%3D--82ulZiMA4iw4A*%3DQu8uQliD(%3Duh8hNldE%3DhzHzli5Ww%3Dz8zzz%2Czl5*AZD%3D7ClcO4%3DCl5*ADD54%3D7ClDO%3DJsTJsl*44AfoR%3Dx9%2Cx9li5WK%3Dz8zzz%2Czl*T4s4C%3DQ2Nl*T4s4Q%3DQ2Nls4IXy%3Dzls4sy%3DzlZiMAiwDA*%3Dzl*sK%3Dz8zjlKD%3D-lZiMAiw4Ai(%3Dzl(MCiA*%3DN8hjlD*Kw%3Dz8zQul4K%3DQlsO~wXAsK%3DQjl4XMMXiAOTLAsK%3DT4WsyOACAXbwTcKl4ZwwM~AOTLAsK%3DlKXOXDOXKAOTLAsK%3DT4WsyOACAXbwTcKl(sXWT*sMsO~%3Dz8CQlwF4%3DhlTDAO~wX%3DQlTK*M5%3DCHNCCHuu2QlTJw%3DQlFL*sK%3Dz8zjzl*yMi%3Dz8zQzl4ZsK%3Dd9GBG_7ZhAPVAM2e7W-WHZOFf6WlKOD%3DXT4OA4DlKJJAXiwJ%3DyTM4XlKJJ%3DvTiJFc~l*KwDTwK%3DzlKTML%3DZcs4FcCNl4F*w%3DlbsK%3D9)S7wZ*7H2NQQCQu2u-QCQQhlvOJM%3DQlKDZO%3D-zlKFL*%3Dz7QlXDwAZ4XK%3D6zHlXDwAwzH%3Dz8zhHjhujzzN2Nuzu-hlXDwAwQz%3Dz8z2HQh-z2j2C-jH-QNlXDwAwQH%3Dz8QHuh2z2Nu-HH2-Q2lXDwAwCz%3Dz8CQzN---QQhhujhHlXDwAwCH%3Dz8CjjCh2N2-NhQh2QClXDwAwhz%3Dz8huH-QCHuzCNCHz-QlXDwAwhH%3Dz8uQjHzjzQ-N-HjhzClXDwAwuz%3Dz8u2hHQHQQ---jQhC-ulXDwAwuH%3Dz8H-u22NuH-HHhh-CQlXDwAwHz%3Dz8N--HQ-NN-Q-2zhzClXDwAwHH%3Dz8-zuhQ-uzHQCzuHj2lXDwAwNz%3Dz82uCQhhCQj2zjHNCHlXDwAwNH%3DQ8QzuH2CQHuhCzHzC-lXDwAwjz%3DQ8C2uhjjCjzQzj-NQhlXDwAwjH%3DQ8Hhu2huCjzNhCNQCNlXDwAw-z%3DQ8-N-uC-CNQhzj-ClXDwAw-H%3DC8hhhCNCzNQNuuHQHjlXDwAw2z%3Dh8Chj-h2zNh2-2hjQhlXDwAw2H%3DH8uzHHHC2C2uzhuH2lXDwAw22%3DQN8h-NjNQuCQj2zHQls*D%3DQlc4!%3DClOL4%3DQNzbNzz%7ChzzbNzzl*4*%3Dzl*4w%3DzlOJb%3DChQ&cO(=z&JJJ=ZSF4xyE)6G5%3D&sW=QNz&scEyi=Q&*KiEK=uNz&*sK=hu2zNj&JDy=NjQQ2&~K4wi=Q&*TX=_bX_LTTXbu&5TOwiX=Q&5TO*sK=7QzC&DTKFJTsc=O!I7vYDM7Y7aBvxuC7ZZyKcH3SvCsdzxN6KhC~uEBDVe3aVA5~VF!L%3D%3D&~wMw=Q&s4sK=H&TK(=Ec(X4OFi%20qFDZ4&44JDiA(Xi=H&wLsK=wzQN2h2h-NCjOCzChQQC2CCHu&44MK=%7B%2244sw%22%3A%22CzzQ%3AzHHz%3AQKzH%3Azzzz%3Azzzz%3Azzzz%3Azzzz%3Azzzz%22%2C%2244DD%22%3A%22gB%22%2C%22444D%22%3A%22qY%22%2C%2244DO~%22%3A%22JsTJs%22%7D&vOJM4iD=Q&sflct=8818102&ure=1
Frame ID: 85877BB4A3DDE1F8624AED9CDA98D1F5
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 7E968259C92F522F1D0F9DFC6BE4824A
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3227&&kkdd=A!%7Cu%7C9H3An*&*7=fIVfURh~IIUI~nnhfn~&2W8A=V&k68p=V&eW*=ffUg&y6eP=-llU&e7W=hvMI5IIfq&e8eW=5e42D1uS!xquzf!!YAAxea%3D%3D&eA7W=~hfRIIRUg&67_P=fnV1nVV&ee=MZ&6e=(o&eBHk=Lmjt.(o&87W=hN.nIjolZ&y87W=rfqlnnh&Byy86=f&AAA=y_jYB-e0Y-hASBobE8rNuhM5Eol~.8~BMob~tDo1~Z6%3D&H6P=g&0a=f&S2W=~&pWyf=hvMMRxEhL&pWyU=ffnUffVRf&JWpyp=6WU%3DHS00s7SA0!0%3DfVsS0k!8%3DVwVflIsD2PA8k%3DVwfUs*a!P1e%3DVwUns*76!6W%3DIVnsSA0!A86!J%3Df~w~fsWDk!J%3DVwglsWeU%3Dfs6eW%3DG0sApP%3DV%2CVs*!p6H%3DRVVRsWDk!0%3DUVs*0UA!6W%3DUVUlffURfUs7SA0!J%3DIIIwIIsSA0!yQe%3DVsSA0!AUp!J%3DVs6yW%3DlUg~ghnhIgsApy%3DVwVVV%2CVs0p6y%3Dse*D2%3D~wf~s*76!SA0!J%3DVw~Is*0UA!7!6W%3DUVUlffURfVs78%3DoDWLQ8GHRzQ7Gp~Nok6qtsGJJ%3DVs*76!SA0!0%3DVsA778Sp%3DU~%2CU~sPy%3DfRsAe%3DfsA76S7W%3DV%2CVs*0UA!7!J%3DVwVlsA86!6W%3DUVUlffURfUs*76!J%3DfIVwRUsApW*%3DVwVVV%2CVsSA0!J%3DfwURs*0UA!SA0!J%3DVs*0UA!SA0!*7%3DfqYfnsSA0!y*7%3DVsSA0!0%3DfVs60*%3DUUwhIs2epy%3DYfVsJJ%3DfRns**%3DVse*0UA!6W%3DIVhsAG*%3D~lwlns0UA!J%3DfVVVsPA8k%3DVwfUs*0UA!SA0!Qe%3DVqVs867!e%3Df%2Cf%2CV%2CV%2CV%2CV%2CV%2CVsJk%3Dfs867!W%3DVsAQP%3DV%2CVsApW8%3DVwVVV%2CVspl8!J%3DhwVh%2ChIwUls67W%3D~hfRIIRUgs6W%3DfsS7W%3DUCpFkvrQh3RbyG~Eb7sSA0!A86!Qe%3DVse*0UA!J%3D~wf~sJyW%3DlVIRIfIn~lUnVffU~RlVlUUlVhVlghf~IVIfVInhUnfVggUgVVIRgnUIUl~hglh~ngIfnIRhVVhIflf~~RhgURI~gnVlVRhl~R~V~fns*aS%3DVwUnsWU8!0%3DfVse*0U%3D~wf~sl8eG%3DRRRwRnsS7k%3DVsD2!k6B%3DVwfUsAQy%3DVwVVV%2CVsWkk!6yA2%3DBpAkDHzsWU8!J%3DVwRhsD2WU8!J%3DVwRhs66%3D(msee%3DMZsS7a%3DYfseP%3DVsA86!J%3DhIwUlsSA0!6A86!J%3Df~w~fsAe*%3D~lwlnsvC%3DlVgVsAQa8%3DVwVVV%2CVsQJ!Se%3DYUsHy6%3DUsQJ!eeQ6%3DYUsey%3Dk7pk7sJ66!3r9%3D(m%2C(msAQaW%3DVwVVV%2CVsJp676U%3DfRnsJp676f%3DfRns76jPG%3DVs767G%3DVsSA0!A8e!J%3DVsJ7W%3DVwfUsWe%3DhsSA0!A86!A*%3DVs*0UA!J%3DhwVhseJW8%3DVwVU~s6W%3Dfs7yz8P!7W%3DfIs6P00PA!yp2!7W%3DlUg~ghnhIgs6S880z!yp2!7W%3DsWPyPeyPW!yp2!7W%3Ds*7PapJ707yz%3DVwUns8D6%3Dlspe!yz8P%3DfspWJ0Q%3DlUg~ghnhIgspk8%3DfsD2J7W%3DVwfUVsJG0A%3DVwVfVs6S7W%3DvmqZqT!7xl7UbS45h3*nCoWDT15sWye%3DPp6y!6esWkk!PA8k%3DGp06PsWkk%3DBpAkDHzsJW8ep8W%3DVsWp02%3DSH76DHUns6DJ8%3Ds17W%3DmT)Y8SJYgRnffUf~R~hfUfflsByk0%3DfsWeSy%3DhVsWD2J%3DVYfsPe8!S6PW%3D4VgsPe8!8Vg%3DVwV~nIU~~IRRllVVlgnsPe8!8fV%3DVwfUVghghlhfIgRIU~RsPe8!8fg%3DVwfRU~IR~VUf~UhnfUUsPe8!8UV%3DVwUnUU~RgIRRRUfUIfsPe8!8Ug%3DVwl~VllggRRUIfhIn~sPe8!8lV%3DVw~UUnRnlh~~n~flVR~sPe8!8lg%3DVwgffgVnhUVhgfR~IlsPe8!8~V%3DVwnVIUV~hIl~RI~~ngsPe8!8~g%3DVwIfn~RnhIfIfllUUhsPe8!8gV%3DVwhlhUgVgggnnnUVRgsPe8!8gg%3DVwRInUIhnVIIVggUgfsPe8!8nV%3Dfwf~glgnRVRVlUnRgUsPe8!8ng%3Dfwl~gnVgUh~~~nnUUUsPe8!8IV%3DfwgII~~lhhf~R~nh~lsPe8!8Ig%3DfwhhhR~g~gnIUU~UfhsPe8!8hV%3DUwl~~nllggffgUlRhsPe8!8hg%3DUwRhhffhnIUnglf~nnsPe8!8RV%3D~wUhhfIfV~gIUghUlsPe8!8Rg%3DIw~Rh~~fflnhUVhfRsPe8!8RR%3DUnwRlUUgngIVfnlVUs7Je%3DfsH6_%3DUsy26%3DfnV1nVV%7ClVV1nVVsJ6J%3DVsJ68%3DVsyk1%3DUlU&Hy*=V&kkk=S)D6(GCT4qQ%3D&7a=fnV&7HCGA=f&JWACW=~nV&J7W=l~RVng&keG=nIffR&zW68A=f&JpP=u1Pu2ppP1~&Qpy8AP=f&QpyJ7W=YfVU&epWDkp7H=y_jYB-e0Y-YLZB(~UYSSGWHg.)BU7vV(n4WlUz~CZeic.Li!QziD_2%3D%3D&z808=f&767W=g&pW*=CH*P6yDA%20EDeS6&66keA!*PA=g&827W=8VfnRlRlhnUIyUVUlffURUUg~&660W=%7B%226678%22%3A%22UVVf%3AVggV%3AfWVg%3AVVVV%3AVVVV%3AVVVV%3AVVVV%3AVVVV%22%2C%2266ee%22%3A%22MZ%22%2C%22666e%22%3A%22E-%22%2C%2266eyz%22%3A%22k7pk7%22%7D&Byk06Ae=f&sflct=8818102&ure=1
Frame ID: D15B2CF219094924C1AFBD37AB50610F
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: D52154093CBF6F990E87CDA61A74105D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 52BB7313C82D1DCE989DADCD84D43264
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 42F831CEE24F88DB94C101B0289D14AF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA4FE0A0CD87D8AD244D64E1380F4F38
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D6F23079FD62D740069CC4AE491D0FE2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Алиэкспресс на русском — сайт помощи покупателям

Page URL History Show full URLs

  1. https://aliexpress-kabinet-online.ru/ HTTP 301
    https://chinas-lafa.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

132
Requests

88 %
HTTPS

40 %
IPv6

27
Domains

35
Subdomains

21
IPs

5
Countries

1623 kB
Transfer

4232 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aliexpress-kabinet-online.ru/ HTTP 301
    https://chinas-lafa.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://aliexpress-lafa.ru/wp-content/uploads/2018/12/backly.png HTTP 301
  • https://chinas-lafa.ru/wp-content/uploads/2018/12/backly.png
Request Chain 59
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10202.v1YrRjYEWOsrOSVdXWw8ZiEr_ztck8p-sNbDC98W7Vu_jG6OIW2fKwUWi_wC0od8.FMrLficTG5JQ3AaTJjD3enfilaw%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10202.TzLcqSrkJJn6gBcZ9vbrWn1kFrjukhs-gOBdpaqtCciVWPBKS_iXDDTRc2C-befRNHs5l06uSCDbhuWnZ5ttMRDyoME8pJmv6_cl3SFi08ecpjAcTKL1vLu8_yc-46dQzpimIZ9_juymi0hxNk0cjWObQjIHQbndCvkCrACZmtArMIPzv-ixGIhTWySH7lJOMjDK08JklplUObUDE58MTXO0w7FgOwQbdqMl5c8yTyg%2C.cBpISG3yew4FpiJirFO4CJJYkl4%2C
Request Chain 72
  • https://mc.yandex.com/watch/61048837?wmode=7&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A4686%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A529155419484%3Ahid%3A913670721%3Az%3A-600%3Ai%3A20231129125436%3Aet%3A1701298476%3Ac%3A1%3Arn%3A122840434%3Arqn%3A1%3Au%3A1701298476983404994%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C343%2C348%2C1%2C2843%2C0%2C%2C671%2C0%2C%2C%2C%2C4877%3Aco%3A0%3Acpf%3A1%3Ans%3A1701298470568%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701298477%3At%3A%D0%90%D0%BB%D0%B8%D1%8D%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%E2%80%94%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%B8%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D0%B5%D0%BB%D1%8F%D0%BC&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/61048837/1?wmode=7&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A4686%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A529155419484%3Ahid%3A913670721%3Az%3A-600%3Ai%3A20231129125436%3Aet%3A1701298476%3Ac%3A1%3Arn%3A122840434%3Arqn%3A1%3Au%3A1701298476983404994%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C343%2C348%2C1%2C2843%2C0%2C%2C671%2C0%2C%2C%2C%2C4877%3Aco%3A0%3Acpf%3A1%3Ans%3A1701298470568%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701298477%3At%3A%D0%90%D0%BB%D0%B8%D1%8D%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%E2%80%94%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%B8%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D0%B5%D0%BB%D1%8F%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Request Chain 88
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CiRluLMFnZeP5C_rkvPIP6vmVyATwwozDdOaTvYz_EdvZHhABIPOJwzlgyYaAgNyjxBCgAZjkgu0pyAEJqQKa2VsA7m2yPqgDAcgDywSqBMMBT9D-nzi5mhqQjb4nNbDGR5F9Xx7zaAEhucfqcQreQTslK5TE4cHUwINfC68LrJ9Kb6txZzAINi59KIyzRZXHQgRCr9KybVKB-8uEAUjhwDuoCB5phl7ZG8l6rq8yUzJx_3gFPodsIB5dvwcAuJnSf8p8jyjGtVYhFmPYJGAnQ9NmmSWXCIx6Eza5ANiJ3itI5JJ5-t6o5_XZplf8yvTTgiSuUZdyrqs_tgM9KWA0urHb93-yChCZ4iTmYLMtK0IXljgxwATp1u7_vQSIBbjv5YFNkgUECAQYAZIFBAgFGASgBi6AB5ic08wEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQhowE0ggdCIBhEAEYHzICigI6AoBASL39wTpYmITS2qbqggOaCXRodHRwczovL215aGVhbHRoY3JlZGl0ZmluZGVyLmNvbS9yYi1yZzg4di9wMy1hc3EyMWViMGx2Mi8_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj0xNDAwdmVyMYAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKENCm15Ky8faWURICAQO4E-QD2BMMiBQE0BUBgBcBshccChoIABIUcHViLTU5NjExMjE0OTQ4MTIxMTMYAA&sigh=-Hg1FQDmdxU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNubsYsL3BNvgI1U4DZrXviwX48RUIv9dZdQDQck4mFqqfFBKbheTG_BbgpD4xBnacmufxKykU6POesgyakHbI61EevyEwCc-xwxgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x62a09530f185f87c0000000000000000%22,%222%22:%220x6f027eebc45d182a0000000000000000%22,%223%22:%220x54c6af360b6fff430000000000000000%22,%224%22:%220x53126ae01dc34ee40000000000000000%22,%225%22:%220x88ce573ae7a689390000000000000000%22},%22debug_key%22:%227277670720732311197%22,%22debug_reporting%22:true,%22destination%22:%22https://myhealthcreditfinder.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211234488856%22],%224%22:[%2211-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229526556453439648097%22}&andc=true
Request Chain 112
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ0MzAwMDc4MTUyMzU0NTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMxZPxgx6GCJLMw9f5iii4w&google_cver=1
Request Chain 114
  • https://px.owneriq.net/ecmg?google_gid=CAESEBnnvZZx1VWeN5o8kzoWZJk&google_cver=1&google_push=AXcoOmRp1byikQp0NudIdPDtO45OfAttWeK8OvPlXsdxFNoOkAmPV1R98I4Z7Mzu9L6bT5jxzrIEkiac5FkezT410EvEHbF6X2IE HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmRp1byikQp0NudIdPDtO45OfAttWeK8OvPlXsdxFNoOkAmPV1R98I4Z7Mzu9L6bT5jxzrIEkiac5FkezT410EvEHbF6X2IE%26google_cver%3d1%26google_gid%3dCAESEBnnvZZx1VWeN5o8kzoWZJk%26google_hm%3dUTc1NDU4NDg3ODEzNzcyMjE4NTE%3d&uid=Q7545848781377221851&ref=%2Fecmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmRp1byikQp0NudIdPDtO45OfAttWeK8OvPlXsdxFNoOkAmPV1R98I4Z7Mzu9L6bT5jxzrIEkiac5FkezT410EvEHbF6X2IE&google_cver=1&google_gid=CAESEBnnvZZx1VWeN5o8kzoWZJk&google_hm=UTc1NDU4NDg3ODEzNzcyMjE4NTE=
Request Chain 115
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEDvv0ajGUx7C7f4Ah6oKnvQ&google_cver=1&google_push=AXcoOmQeewR9N3fGbcIv0wIk38E-fKOJP_MbcGNf6Ho6SG-0107IglQG6hIxFlh3rM4pbU5fzRrWRLB_-cuZcKFwqIZzDybZFN0Zvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZWU4YTJjMzUtOGZjMi00YTI1LWI2OTEtMmEwOWZjMGM0NTY5&google_gid=CAESEDvv0ajGUx7C7f4Ah6oKnvQ&google_cver=1&google_push=AXcoOmQeewR9N3fGbcIv0wIk38E-fKOJP_MbcGNf6Ho6SG-0107IglQG6hIxFlh3rM4pbU5fzRrWRLB_-cuZcKFwqIZzDybZFN0Zvw
Request Chain 118
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEOjwF-Qgc91H4ZrgdKwlHb0&google_cver=1&google_push=AXcoOmSYuLLffO8QIXx6AbIgJ4iEpqBmkIlLu09WMk4GmUx0XbQufsdq2I4HjB_s6YYTVe3VQ4Nwmv-Lxg1I_rjGppvTZsRGOEumIg HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEOjwF-Qgc91H4ZrgdKwlHb0&google_cver=1&google_push=AXcoOmSYuLLffO8QIXx6AbIgJ4iEpqBmkIlLu09WMk4GmUx0XbQufsdq2I4HjB_s6YYTVe3VQ4Nwmv-Lxg1I_rjGppvTZsRGOEumIg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=jX2UqW4TTA6EzYReXwudHw==&no_redirect=1&google_push=AXcoOmSYuLLffO8QIXx6AbIgJ4iEpqBmkIlLu09WMk4GmUx0XbQufsdq2I4HjB_s6YYTVe3VQ4Nwmv-Lxg1I_rjGppvTZsRGOEumIg
Request Chain 119
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKNPBAWorbOE9_GZ29njSdo&google_cver=1&google_push=AXcoOmSRZYH-32It0HWYPBSk5mb1dTvnHS3HI5qyyyyUbFrdsYfnX6vf3_DSou7zToD2rjX73AiSiLqynO8-p4_nHzEnp00sniJukw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZDg3MzBlMGItNGZhNy00MTMxLTg3YTgtOWZjZTA5YTkxNmI3&google_push=AXcoOmSRZYH-32It0HWYPBSk5mb1dTvnHS3HI5qyyyyUbFrdsYfnX6vf3_DSou7zToD2rjX73AiSiLqynO8-p4_nHzEnp00sniJukw HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ0MzAwMDc4MTUyMzU5OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMxZPxgx6GCJLMw9f5iii4w&google_cver=1
Request Chain 122
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJTX84VRIZs3sF4jRdlfHgQ&google_cver=1&google_push=AXcoOmT26xinrEVFuYiHXZlqvA846PZdx5VDSIR-bf04L3rA7lKd2eZU9FfHNqS8U2UJDySbWVoP-d72VnvjXmSe3nkRjn78KWvGUw HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=64c6a3b842001393&is_secure=true&networkId=14000&version=1&google_gid=CAESEJTX84VRIZs3sF4jRdlfHgQ&google_cver=1&google_push=AXcoOmT26xinrEVFuYiHXZlqvA846PZdx5VDSIR-bf04L3rA7lKd2eZU9FfHNqS8U2UJDySbWVoP-d72VnvjXmSe3nkRjn78KWvGUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHd2LRJGNgkAMAApoNAAAAAAA&expiration=1701384879&google_cver=1&is_secure=true&google_gid=CAESEJTX84VRIZs3sF4jRdlfHgQ&google_push=AXcoOmT26xinrEVFuYiHXZlqvA846PZdx5VDSIR-bf04L3rA7lKd2eZU9FfHNqS8U2UJDySbWVoP-d72VnvjXmSe3nkRjn78KWvGUw
Request Chain 123
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOEpd1GQosoQnCJj41XVNrM&google_cver=1&google_push=AXcoOmT2rGgkaoIXtBThxCP-xhKw8XbsPA5NxIhEWtc0clOe6MeZ5q4k4-7bQt_QpomAfskW5S9zUp3H4o_mrgoBlTbvPgOiQ2ldQA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT2rGgkaoIXtBThxCP-xhKw8XbsPA5NxIhEWtc0clOe6MeZ5q4k4-7bQt_QpomAfskW5S9zUp3H4o_mrgoBlTbvPgOiQ2ldQA
Request Chain 124
  • https://a.c.appier.net/gcm?google_gid=CAESECfLjYKxz6R6d9-2VukZWiQ&google_cver=1&google_push=AXcoOmRNbATMNtJveNV-h8htA_LD-m0VurVCZrwEt0wRIj75tAsaLs1ywK-Es2XL3kyqAIajopgwPUhkXg8s8t-dL--MY_lx-qpz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=SjhuQ2U4WGhBUzJjYnZkdkw4Rm5aUQ%3D%3D&google_push=AXcoOmRNbATMNtJveNV-h8htA_LD-m0VurVCZrwEt0wRIj75tAsaLs1ywK-Es2XL3kyqAIajopgwPUhkXg8s8t-dL--MY_lx-qpz
Request Chain 126
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAcv77vtWLkTUpvQCP9Piy8&google_cver=1&google_push=AXcoOmQwy2WJ3zBF_gaHAmb3h4vDWBFVI6YPgHud5xLDrfY8JZtX8WLG5ja5e_1K65dTRSnBdm8UANw0S1KPKtEPuu1I9DhdUYURyQ HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAcv77vtWLkTUpvQCP9Piy8&google_push=AXcoOmQwy2WJ3zBF_gaHAmb3h4vDWBFVI6YPgHud5xLDrfY8JZtX8WLG5ja5e_1K65dTRSnBdm8UANw0S1KPKtEPuu1I9DhdUYURyQ&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQwy2WJ3zBF_gaHAmb3h4vDWBFVI6YPgHud5xLDrfY8JZtX8WLG5ja5e_1K65dTRSnBdm8UANw0S1KPKtEPuu1I9DhdUYURyQ&google_hm=Tk5mU3VtUTVtbktRUmYwdlBqREw=
Request Chain 127
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECwBBzXRl58UsXZe8GV4oco&google_cver=1&google_push=AXcoOmSAg4QXvmRqlkmR-WzSjXbB6fBlUHjDnCVmiOjt-oHAZQbT6CC0myBzopauvW-iXECm8JX1NOGwTY8Upd2mi4148L92J61L_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSAg4QXvmRqlkmR-WzSjXbB6fBlUHjDnCVmiOjt-oHAZQbT6CC0myBzopauvW-iXECm8JX1NOGwTY8Upd2mi4148L92J61L_g
Request Chain 128
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRlQcrPKvHkOzkhh7AWJRAYm77k9wRqh6PcYGuWeLpBOibAjkhGsAI05BRRFsFIH2LUM7vu6uAGt1Cuqv0hdQZwlG8SaS9O6Fs&google_gid=CAESEM9PYBZV58YuApnGWUTW1mA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM9PYBZV58YuApnGWUTW1mA&google_hm=T1BVMWRiMjJlMGY2ZTIxNDY4YWFiZDYyM2Q1NGFjZjllMDE&google_nid=opera_norway_as&google_push=AXcoOmRlQcrPKvHkOzkhh7AWJRAYm77k9wRqh6PcYGuWeLpBOibAjkhGsAI05BRRFsFIH2LUM7vu6uAGt1Cuqv0hdQZwlG8SaS9O6Fs

132 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
chinas-lafa.ru/
Redirect Chain
  • https://aliexpress-kabinet-online.ru/
  • https://chinas-lafa.ru/
116 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
cb5ebf36fe15981a9b6f5810c87d1db6d870767146f8582f582a2420edee799d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 22:54:33 GMT
last-modified
Wed, 29 Nov 2023 16:35:23 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
162
content-type
text/html
date
Wed, 29 Nov 2023 22:54:32 GMT
location
https://chinas-lafa.ru
server
nginx
wc-blocks-vendors-style-5879503df6db87473470b138e49fcc23.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style-5879503df6db87473470b138e49fcc23.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
4a25eb6972f4a513da7ead5d8c0f74832ed42b1ae5e1f13ed3ea36f0865a59c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
content-encoding
gzip
last-modified
Thu, 26 Jan 2023 15:15:12 GMT
server
nginx
etag
W/"63d29900-28c3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
wc-blocks-style-5b82df54451145d470af4e7c2a8548fa.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 		239 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style-5b82df54451145d470af4e7c2a8548fa.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
9cab18dfde5e759ec0150d15909fed33098e3998dbdb6c6c3f2e680eaf42a236

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
content-encoding
gzip
last-modified
Thu, 26 Jan 2023 15:15:12 GMT
server
nginx
etag
W/"63d29900-3ba31"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
classic-themes.min.css
chinas-lafa.ru/wp-includes/css/ 		217 B
391 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-includes/css/classic-themes.min.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
last-modified
Sat, 14 Jan 2023 05:35:59 GMT
server
nginx
etag
"63c23f3f-d9"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
217
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles-6b41df7c82e49d100abdba2f1bceb370.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/contact-form-7/includes/css/styles-6b41df7c82e49d100abdba2f1bceb370.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
76ae9cfefc587779be483adfc76d0d3406e5bcef31c2005dac224bd5e1079841

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
content-encoding
gzip
last-modified
Thu, 26 Jan 2023 15:15:12 GMT
server
nginx
etag
W/"63d29900-8f8"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.min.css
chinas-lafa.ru/wp-content/plugins/expert-review/assets/public/css/ 		100 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/plugins/expert-review/assets/public/css/styles.min.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
a980b0b6b4b4f9cfdb443b03cc7d00e2a9ace7bbbb5c3d1bbd1064ec80339a59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
content-encoding
gzip
last-modified
Thu, 26 Aug 2021 16:38:41 GMT
server
nginx
etag
W/"6127c391-18fef"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
woocommerce-layout-d3556967b5f2a3743d20361bd65d4544.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-layout-d3556967b5f2a3743d20361bd65d4544.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
d1d3bda3abb4a198ac62f317ba910adede1affc22020165d7f2919a46f6c481f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
content-encoding
gzip
last-modified
Thu, 26 Jan 2023 15:15:12 GMT
server
nginx
etag
W/"63d29900-458f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
woocommerce-smallscreen-831476ff0ea4ff5ecffe89b7180c7688.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen-831476ff0ea4ff5ecffe89b7180c7688.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
3ddf90d6f5bc7849f1b0840de0475a0506924a1c770f325934f5ea8a87e270a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
content-encoding
gzip
last-modified
Thu, 26 Jan 2023 15:15:12 GMT
server
nginx
etag
W/"63d29900-1b81"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
woocommerce-6b8fcf5dd8d28739be6aae0448496d31.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/ 		62 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/woocommerce/assets/css/woocommerce-6b8fcf5dd8d28739be6aae0448496d31.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
4ba56e2af3a3cfc4a267c21e8b77e1e6f5d34b3c663be871eb8b1dd9d4094607

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
content-encoding
gzip
last-modified
Thu, 26 Jan 2023 15:15:12 GMT
server
nginx
etag
W/"63d29900-f8fd"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
wpp-3d9c41dcd095c9b189c9b9db243a4ccd.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/wordpress-popular-posts/assets/css/ 		292 B
466 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/wordpress-popular-posts/assets/css/wpp-3d9c41dcd095c9b189c9b9db243a4ccd.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
6b67b2995f11a31d6c53e0b447c49c7db7e40a771a18eadeb8f8f5720fa78327

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
last-modified
Thu, 26 Jan 2023 15:15:12 GMT
server
nginx
etag
"63d29900-124"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
292
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
626c91a33d665410e0e0cfbca6f571dc84132a5271a4d8db5eab22511e031e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 22:54:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 22:54:34 GMT
style.min.css
chinas-lafa.ru/wp-content/themes/root/assets/css/ 		163 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/themes/root/assets/css/style.min.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
bb634caf818dca49be8d3dc845f77ddd0b9b7871f3d3184a0e9a110bb45b8e9f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
content-encoding
gzip
last-modified
Sat, 14 Jan 2023 06:41:27 GMT
server
nginx
etag
W/"63c24e97-28a9a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
app-5b1b611d9890590e817c782ca7274fc4.css
chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/simple-lightbox/client/css/ 		230 B
404 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/cache/min/1/wp-content/plugins/simple-lightbox/client/css/app-5b1b611d9890590e817c782ca7274fc4.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
a72972ba5538156db48b6714082da0291d6098067f3d652ca9cc5dcd4ca3485f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
last-modified
Thu, 26 Jan 2023 15:15:12 GMT
server
nginx
etag
"63d29900-e6"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
230
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
chinas-lafa.ru/wp-content/plugins/wp-coupons-and-deals/assets/css/dist/ 		71 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/plugins/wp-coupons-and-deals/assets/css/dist/style.min.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
798b29407614413f2456386987e82e4f090d486596674d35e7f163beb9102935

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
content-encoding
gzip
last-modified
Sat, 14 Jan 2023 05:38:58 GMT
server
nginx
etag
W/"63c23ff2-11a9e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
chinas-lafa.ru/wp-content/themes/root_child/ 		266 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/themes/root_child/style.css
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
052896930d987cb9c366d2fadbd2e8744cf4d5939d2e947f2047fdb64aabf620

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
last-modified
Sat, 19 Feb 2022 07:31:12 GMT
server
nginx
etag
"62109cc0-10a"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
266
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
chinas-lafa.ru/wp-includes/js/jquery/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-includes/js/jquery/jquery.min.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
content-encoding
gzip
last-modified
Sat, 14 Jan 2023 05:35:59 GMT
server
nginx
etag
W/"63c23f3f-15e54"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
wpp.min.js
chinas-lafa.ru/wp-content/plugins/wordpress-popular-posts/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 17:01:06 GMT
server
nginx
etag
W/"6325fd52-bd7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
chinas-lafa.ru/wp-content/plugins/wp-coupons-and-deals/assets/js/ 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/plugins/wp-coupons-and-deals/assets/js/main.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
7743f39ddc516c5d0540ce147ac3ba086974ec1dda39ef4fbb87b3a7915fb021

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
last-modified
Sat, 14 Jan 2023 05:38:58 GMT
server
nginx
etag
W/"63c23ff2-7cee"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.ttf
chinas-lafa.ru/wp-content/themes/root/fonts/ 		162 KB
162 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/themes/root/fonts/fontawesome-webfont.ttf
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

Referer
https://chinas-lafa.ru/
Origin
https://chinas-lafa.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
last-modified
Sat, 14 Jan 2023 06:41:27 GMT
server
nginx
accept-ranges
bytes
etag
"63c24e97-286ac"
content-length
165548
content-type
application/octet-stream
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b676e6c50eb7fc4bcc5b24771069ded4a70dc2d8269f40a10831b3a2a6c4b8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52955
x-xss-protection
0
server
cafe
etag
6381213645340722969
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 22:54:35 GMT
fontawesome-webfont.woff2
chinas-lafa.ru/wp-content/themes/root/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://chinas-lafa.ru/
Origin
https://chinas-lafa.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:33 GMT
last-modified
Sat, 14 Jan 2023 06:41:27 GMT
server
nginx
accept-ranges
bytes
etag
"63c24e97-12d68"
content-length
77160
content-type
font/woff2
index.js
chinas-lafa.ru/wp-content/plugins/contact-form-7/includes/swv/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/plugins/contact-form-7/includes/swv/js/index.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
last-modified
Sat, 14 Jan 2023 06:30:38 GMT
server
nginx
etag
W/"63c24c0e-2945"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
chinas-lafa.ru/wp-content/plugins/contact-form-7/includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
last-modified
Sat, 14 Jan 2023 06:30:38 GMT
server
nginx
etag
W/"63c24c0e-316c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.min.js
chinas-lafa.ru/wp-content/plugins/expert-review/assets/public/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/plugins/expert-review/assets/public/js/scripts.min.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
68d17341a90b4af7400a9096afe504bf2d21bf378c5f3e594436dbba105afe84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
last-modified
Thu, 26 Aug 2021 16:38:41 GMT
server
nginx
etag
W/"6127c391-2f87"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.blockUI.min.js
chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
last-modified
Sat, 14 Jan 2023 05:38:40 GMT
server
nginx
etag
W/"63c23fe0-2521"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
js.cookie.min.js
chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/js-cookie/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
last-modified
Sat, 14 Jan 2023 05:38:40 GMT
server
nginx
etag
W/"63c23fe0-72a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
woocommerce.min.js
chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/frontend/ 		2 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
last-modified
Sat, 14 Jan 2023 05:38:40 GMT
server
nginx
etag
W/"63c23fe0-85b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
cart-fragments.min.js
chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
last-modified
Sat, 14 Jan 2023 05:38:40 GMT
server
nginx
etag
W/"63c23fe0-b7a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.min.js
chinas-lafa.ru/wp-content/themes/root/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/themes/root/assets/js/scripts.min.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
last-modified
Sat, 14 Jan 2023 06:41:27 GMT
server
nginx
etag
W/"63c24e97-1d5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
clipboard.min.js
chinas-lafa.ru/wp-includes/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-includes/js/clipboard.min.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
700c8bd73d93522ca53cdc35e2a71e96caf7c344bc7a8391f3af90c10b917033

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
last-modified
Sat, 14 Jan 2023 05:35:59 GMT
server
nginx
etag
W/"63c23f3f-2331"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazyload.min.js
chinas-lafa.ru/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
content-encoding
gzip
last-modified
Sat, 17 Jul 2021 07:07:59 GMT
server
nginx
etag
W/"60f281cf-15d1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1259e384f61c72a215e1c9b25c3cbc9d42d98c7ac4cb2fb290fc34ab6cc58bd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43f9c247438df69c6c2bc91f8267dde1862558c1032a04148838e324fb42f7e1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7be2fc598e2bb1478e0800c4af94de1811ce909e79b9ef67324b51843073aafb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ae732203f63d8eec2a0f935869470b71b5644926c8d13d898ec7dd109918dc4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
tag.js
mc.yandex.ru/metrika/ 		200 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
c3d606568f389989dd02561ca2b0d20d29eeb477ed633a690a518879748f487a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 24 Nov 2023 08:37:03 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"656060af-113c3"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70595
expires
Wed, 29 Nov 2023 23:54:35 GMT
backly.png
chinas-lafa.ru/wp-content/uploads/2018/12/
Redirect Chain
  • https://aliexpress-lafa.ru/wp-content/uploads/2018/12/backly.png
  • https://chinas-lafa.ru/wp-content/uploads/2018/12/backly.png
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chinas-lafa.ru/wp-content/uploads/2018/12/backly.png
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
18d776fb6668d0ef688694a98545815994f4308db2cd10a7ea1649de0dc28f35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:35 GMT
last-modified
Mon, 16 Mar 2020 11:18:27 GMT
server
nginx
etag
"5e6f6083-20a7"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8359
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://chinas-lafa.ru/wp-content/uploads/2018/12/backly.png
date
Wed, 29 Nov 2023 22:54:36 GMT
server
nginx-reuseport/1.21.1
content-length
350
content-type
text/html; charset=iso-8859-1
truncated
/ 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		966 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d6b8ecb2f70ad50610c2956c63e8b068d64b18b39ab2d3736fa5a81c8a2cac9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		541 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cc98d8e92a98749ce2cc2ecfd5cba57cdffa8e04048f66785646ddd3a2d6f75

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2c52a5a147e63e95afb2e063a0af8dc27e920bb027b2b8b1ffe1867bc8fb5b3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chinas-lafa.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 20:59:48 GMT
x-content-type-options
nosniff
age
6887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 20:59:48 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chinas-lafa.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:29:53 GMT
x-content-type-options
nosniff
age
131082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Nov 2024 10:29:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chinas-lafa.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:15:05 GMT
x-content-type-options
nosniff
age
95970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Nov 2024 20:15:05 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chinas-lafa.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 02:12:36 GMT
x-content-type-options
nosniff
age
74519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 02:12:36 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://chinas-lafa.ru
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 00:25:10 GMT
x-content-type-options
nosniff
age
80965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5560
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 00:25:10 GMT
/
chinas-lafa.ru/ 		260 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://chinas-lafa.ru/?wc-ajax=get_refreshed_fragments
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
307a4591edefbe1dc23df1c2e891454e4e908b771d881f6cc3e19c54942bf575

Request headers

Accept
*/*
Referer
https://chinas-lafa.ru/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:35 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
LafaLogo-e1546191454950.png
chinas-lafa.ru/wp-content/uploads/2018/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chinas-lafa.ru/wp-content/uploads/2018/12/LafaLogo-e1546191454950.png
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
a10283381ca468005bdfb498c8ee591c121f8b64a93eade5fdb762ca2ad8bd80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
last-modified
Mon, 16 Mar 2020 11:18:27 GMT
server
nginx
etag
"5e6f6083-653"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1619
expires
Thu, 31 Dec 2037 23:55:55 GMT
screenshot_3-330x140.png
chinas-lafa.ru/wp-content/uploads/2021/10/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chinas-lafa.ru/wp-content/uploads/2021/10/screenshot_3-330x140.png
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
780d7ba204df4bf6e7eeac03ffd0c7520ee2113aa39fdd521f03c4909f8ff200

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
last-modified
Thu, 28 Oct 2021 05:47:02 GMT
server
nginx
etag
"617a3956-6c1b"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
27675
expires
Thu, 31 Dec 2037 23:55:55 GMT
screenshot_3-330x140.png
chinas-lafa.ru/wp-content/uploads/2021/08/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chinas-lafa.ru/wp-content/uploads/2021/08/screenshot_3-330x140.png
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
2b47ce393ee927d93c3f2f7294f5b467e8662cba5c61e98f91761b96764b3c9c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
last-modified
Fri, 20 Aug 2021 13:57:08 GMT
server
nginx
etag
"611fb4b4-5787"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
22407
expires
Thu, 31 Dec 2037 23:55:55 GMT
meyzu-330x140.jpg
chinas-lafa.ru/wp-content/uploads/2021/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chinas-lafa.ru/wp-content/uploads/2021/04/meyzu-330x140.jpg
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
0e01cb2c163c8cca3deba719e4e5620244fd231cb641a2f6fb787e2201c91f9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
last-modified
Tue, 13 Apr 2021 14:28:08 GMT
server
nginx
etag
"6075aa78-1112"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4370
expires
Thu, 31 Dec 2037 23:55:55 GMT
dooling-330x140.jpg
chinas-lafa.ru/wp-content/uploads/2021/04/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chinas-lafa.ru/wp-content/uploads/2021/04/dooling-330x140.jpg
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
f4bf6742a3b2dbbbbbb39be2ce47b2940ae05774099b714911e2d57f5dba857e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
last-modified
Tue, 13 Apr 2021 13:57:50 GMT
server
nginx
etag
"6075a35e-138b"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5003
expires
Thu, 31 Dec 2037 23:55:55 GMT
Markery-shop5575131-store-330x140.jpg
chinas-lafa.ru/wp-content/uploads/2021/03/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chinas-lafa.ru/wp-content/uploads/2021/03/Markery-shop5575131-store-330x140.jpg
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
986c8a6074a6717f62e027cb56a312c44b713d8d2b1d6e8572ba093b790ea3ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
last-modified
Sun, 28 Mar 2021 09:06:18 GMT
server
nginx
etag
"6060470a-4bf5"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
19445
expires
Thu, 31 Dec 2037 23:55:55 GMT
bobot-330x140.jpg
chinas-lafa.ru/wp-content/uploads/2021/04/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chinas-lafa.ru/wp-content/uploads/2021/04/bobot-330x140.jpg
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
9ce833bc46f70606effbdcbe468c005d00d546f0b51e5fc5c6b2089ba3fed3ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
last-modified
Sun, 04 Apr 2021 08:40:37 GMT
server
nginx
etag
"60697b85-22ac"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8876
expires
Thu, 31 Dec 2037 23:55:55 GMT
hb305ef3fd434437c8e75007ad24a7529r.png
chinas-lafa.ru/wp-content/uploads/2020/10/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chinas-lafa.ru/wp-content/uploads/2020/10/hb305ef3fd434437c8e75007ad24a7529r.png
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.64.72 Moscow, Russian Federation, ASN12722 (RECONN, RU),
Reverse DNS
cabinet-moneyman.ru
Software
nginx /
Resource Hash
bc3d3b23ecf6cbb7b5b0654e17b7dd3fe3280f35829712c9fcd485829a0d4108

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:34 GMT
last-modified
Wed, 28 Oct 2020 06:27:53 GMT
server
nginx
etag
"5f990f69-a96d"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43373
expires
Thu, 31 Dec 2037 23:55:55 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079811
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76f02c28609ddc4f6dc55db428dd029fe4689db1d9ccf3f22c85f4664619e69c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137242
x-xss-protection
0
server
cafe
etag
10066804456316185013
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 22:54:35 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/ Frame 1D64 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chinas-lafa.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 21:50:59 GMT
etag
12051592065903069241
expires
Wed, 13 Dec 2023 21:50:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DC67 		49 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&adk=1812271804&adf=3025194257&lmt=1701275723&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475709&bpp=34&bdt=1251&idt=370&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=752623355864&frm=20&pv=2&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=411
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
657a26dfdb65aeb2f4ac85a1ae635a2e3c6cc6d34ca3c4bc9da965f84377cdf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chinas-lafa.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
6237
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 22:54:36 GMT
expires
Wed, 29 Nov 2023 22:54:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8250 		124 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2498843383&pi=t.aa~a.1647758531~rp.1&w=1090&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475743&bpp=3&bdt=1285&idt=383&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=388
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82059101f1e50730e7f6ba4cc7007c94d4e42171b9e5265f62a2e1a1da81d9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chinas-lafa.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41675
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 22:54:36 GMT
expires
Wed, 29 Nov 2023 22:54:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10202.v1YrRjYEWOsrOSVdXWw8ZiEr_ztck8p-sNbDC98W7Vu_jG6OIW2fKwUWi_wC0od8.FMrLficTG5JQ3AaTJjD3enfilaw%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10202.TzLcqSrkJJn6gBcZ9vbrWn1kFrjukhs-gOBdpaqtCciVWPBKS_iXDDTRc2C-befRNHs5l06uSCDbhuWnZ5ttMRDyoME8pJmv6_cl3SFi08ecpjAcTKL1vLu8_yc-46dQzpimIZ9_ju...
43 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10202.TzLcqSrkJJn6gBcZ9vbrWn1kFrjukhs-gOBdpaqtCciVWPBKS_iXDDTRc2C-befRNHs5l06uSCDbhuWnZ5ttMRDyoME8pJmv6_cl3SFi08ecpjAcTKL1vLu8_yc-46dQzpimIZ9_juymi0hxNk0cjWObQjIHQbndCvkCrACZmtArMIPzv-ixGIhTWySH7lJOMjDK08JklplUObUDE58MTXO0w7FgOwQbdqMl5c8yTyg%2C.cBpISG3yew4FpiJirFO4CJJYkl4%2C
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:36 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10202.TzLcqSrkJJn6gBcZ9vbrWn1kFrjukhs-gOBdpaqtCciVWPBKS_iXDDTRc2C-befRNHs5l06uSCDbhuWnZ5ttMRDyoME8pJmv6_cl3SFi08ecpjAcTKL1vLu8_yc-46dQzpimIZ9_juymi0hxNk0cjWObQjIHQbndCvkCrACZmtArMIPzv-ixGIhTWySH7lJOMjDK08JklplUObUDE58MTXO0w7FgOwQbdqMl5c8yTyg%2C.cBpISG3yew4FpiJirFO4CJJYkl4%2C
date
Wed, 29 Nov 2023 22:54:36 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:36 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 24 Nov 2023 08:37:03 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"656060af-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 29 Nov 2023 23:54:36 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 872C 		61 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14505cc3b38fab4c87eaf797f97a5facc911f2d7b2bebd1d836361ec13bf7464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chinas-lafa.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
22740
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 22:54:37 GMT
expires
Wed, 29 Nov 2023 22:54:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 75FC 		61 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c37ba4eb2e6ae2274456168da05b51cde1b105c23701e964ed94c540112fb6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chinas-lafa.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
22707
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 22:54:37 GMT
expires
Wed, 29 Nov 2023 22:54:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 8250 		4 KB
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2498843383&pi=t.aa~a.1647758531~rp.1&w=1090&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475743&bpp=3&bdt=1285&idt=383&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 22:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 22:26:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 22:54:36 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/14941946159203647343/ Frame 8250 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14941946159203647343/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2498843383&pi=t.aa~a.1647758531~rp.1&w=1090&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475743&bpp=3&bdt=1285&idt=383&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c74bae6ef0147b55ed0ae55145c3506adc2d8aedc09ba9f7ec1f9e694f78806f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:36 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21315
x-xss-protection
0
last-modified
Sun, 22 Oct 2023 14:57:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Nov 2024 22:54:36 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 8250 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2498843383&pi=t.aa~a.1647758531~rp.1&w=1090&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475743&bpp=3&bdt=1285&idt=383&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:55:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
3548
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:55:28 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/ Frame 8250 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2498843383&pi=t.aa~a.1647758531~rp.1&w=1090&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475743&bpp=3&bdt=1285&idt=383&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:49:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
3909
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:49:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 8250 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2498843383&pi=t.aa~a.1647758531~rp.1&w=1090&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475743&bpp=3&bdt=1285&idt=383&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
3930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:49:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 8250 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2498843383&pi=t.aa~a.1647758531~rp.1&w=1090&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475743&bpp=3&bdt=1285&idt=383&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
3930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:49:06 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8250 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2498843383&pi=t.aa~a.1647758531~rp.1&w=1090&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475743&bpp=3&bdt=1285&idt=383&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 22:54:36 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 8250 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2498843383&pi=t.aa~a.1647758531~rp.1&w=1090&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475743&bpp=3&bdt=1285&idt=383&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 20:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 19:21:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 27 Feb 2024 20:48:32 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/13004654108247536574/ Frame 8250 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13004654108247536574/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2498843383&pi=t.aa~a.1647758531~rp.1&w=1090&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475743&bpp=3&bdt=1285&idt=383&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7c6218c2f3cb9422a9e031a42438ef3a05cd18b14b6373f38768ba7fc74f5c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 20:09:29 GMT
x-content-type-options
nosniff
age
9907
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2604
x-xss-protection
0
last-modified
Sun, 22 Oct 2023 14:54:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Nov 2024 20:09:29 GMT
1
mc.yandex.com/watch/61048837/
Redirect Chain
  • https://mc.yandex.com/watch/61048837?wmode=7&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A4686%3Afu%3A0%3Aen%3Aut...
  • https://mc.yandex.com/watch/61048837/1?wmode=7&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A4686%3Afu%3A0%3Aen%3A...
446 B
613 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/61048837/1?wmode=7&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A4686%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A529155419484%3Ahid%3A913670721%3Az%3A-600%3Ai%3A20231129125436%3Aet%3A1701298476%3Ac%3A1%3Arn%3A122840434%3Arqn%3A1%3Au%3A1701298476983404994%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C343%2C348%2C1%2C2843%2C0%2C%2C671%2C0%2C%2C%2C%2C4877%3Aco%3A0%3Acpf%3A1%3Ans%3A1701298470568%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701298477%3At%3A%D0%90%D0%BB%D0%B8%D1%8D%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%E2%80%94%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%B8%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D0%B5%D0%BB%D1%8F%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
dc4d8e5497c9e81b79e3e68a025de8e8f6ee274a7ab0c7e8e3ba9492b4038699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 29-Nov-2023 22:54:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chinas-lafa.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
446
x-xss-protection
1; mode=block
expires
Wed, 29-Nov-2023 22:54:37 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:36 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 29-Nov-2023 22:54:36 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/61048837/1?wmode=7&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A4686%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A529155419484%3Ahid%3A913670721%3Az%3A-600%3Ai%3A20231129125436%3Aet%3A1701298476%3Ac%3A1%3Arn%3A122840434%3Arqn%3A1%3Au%3A1701298476983404994%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C343%2C348%2C1%2C2843%2C0%2C%2C671%2C0%2C%2C%2C%2C4877%3Aco%3A0%3Acpf%3A1%3Ans%3A1701298470568%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701298477%3At%3A%D0%90%D0%BB%D0%B8%D1%8D%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%E2%80%94%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%B8%20%D0%BF%D0%BE%D0%BA%D1%83%D0%BF%D0%B0%D1%82%D0%B5%D0%BB%D1%8F%D0%BC&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://chinas-lafa.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 29-Nov-2023 22:54:36 GMT
truncated
/ Frame 8250 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a3ab3dc67452b3556e11f903bbab3977553291ed0bbf31154c80f9ef2ace7c5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
nmedianet.js
contextual.media.net/ Frame 34E8 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.52.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-52-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a2fa7ccfc798a768333af017073fa5dfe47408797b0c2c1f25f6b36dfc60c120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-mnt-h
22-5h9m
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 29 Nov 2023 22:54:37 GMT
server
Apache
etag
"65ccbe65106597c75dc73f1e5db47124"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
content-length
38718
expires
Wed, 29 Nov 2023 22:59:37 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 34E8 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Wed, 29 Nov 2023 22:54:37 GMT
x-guploader-uploadid
ABPtcPrHbBlvEvxV9JZPdIuPUtSPCyDx2B_gprnpiJvmF4oXtmicvDd_rZM-PbNyxluXDNTlTynqrlmceQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Wed, 29 Nov 2023 23:54:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 34E8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
3931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:49:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame 34E8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
3931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:49:06 GMT
l
www.google.com/ads/measurement/ Frame 34E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaShFi4miQlecHX2J40NLHq6MGqJh9QBDbG_SPoha77auLKmc39L1vwIApr8Q_TheVH19pO9DU_wqOdUT4GCema6FrFPow
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 34E8 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 22:54:37 GMT
nmedianet.js
contextual.media.net/ Frame C0F8 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.52.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-52-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
04b5d10fd9260d945cb159618a98c72e15b16ec1c3a9979e037a3d290a2df2b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-mnt-h
22-5h9m
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 29 Nov 2023 22:54:37 GMT
server
Apache
etag
"65ccbe65106597c75dc73f1e5db47124"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
content-length
38719
expires
Wed, 29 Nov 2023 22:59:37 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame C0F8 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Wed, 29 Nov 2023 22:54:37 GMT
x-guploader-uploadid
ABPtcPrHbBlvEvxV9JZPdIuPUtSPCyDx2B_gprnpiJvmF4oXtmicvDd_rZM-PbNyxluXDNTlTynqrlmceQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Wed, 29 Nov 2023 23:54:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame C0F8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
3931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:49:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/ Frame C0F8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231128/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
3931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 21:49:06 GMT
l
www.google.com/ads/measurement/ Frame C0F8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSx8j6xkxG9JOZR20I96VSMW4fzyZ2b7iwYGCvCt6MHJgCei3ru654HnGPM_C7JVKjRCCko6e_RHlt7nLCuQ_fsIjNXIA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C0F8 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 22:54:37 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8250 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:31:09 GMT
x-content-type-options
nosniff
age
131008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Nov 2024 10:31:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8250 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:15:05 GMT
x-content-type-options
nosniff
age
95972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Nov 2024 20:15:05 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 8250
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CiRluLMFnZeP5C_rkvPIP6vmVyATwwozDdOaTvYz_EdvZHhABIPOJwzlgyYaAgNyjxBCgAZjkgu0pyAEJqQKa2VsA7m2yPqgDAcgDywSqBMMBT9D-nzi5mhqQjb4nNbDGR5F9Xx7zaAEhucf...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x62a09530f185f87c0000000000000000%22,%222%22:%220x6f027eebc45d182a0000000000000000%22,%223%22:%220x54c6af...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x62a09530f185f87c0000000000000000%22,%222%22:%220x6f027eebc45d182a0000000000000000%22,%223%22:%220x54c6af360b6fff430000000000000000%22,%224%22:%220x53126ae01dc34ee40000000000000000%22,%225%22:%220x88ce573ae7a689390000000000000000%22},%22debug_key%22:%227277670720732311197%22,%22debug_reporting%22:true,%22destination%22:%22https://myhealthcreditfinder.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211234488856%22],%224%22:[%2211-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229526556453439648097%22}&andc=true
Requested by
Host: chinas-lafa.ru
URL: https://chinas-lafa.ru/
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:38 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x62a09530f185f87c0000000000000000","2":"0x6f027eebc45d182a0000000000000000","3":"0x54c6af360b6fff430000000000000000","4":"0x53126ae01dc34ee40000000000000000","5":"0x88ce573ae7a689390000000000000000"},"debug_key":"7277670720732311197","debug_reporting":true,"destination":"https://myhealthcreditfinder.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11234488856"],"4":["11-29"],"6":["true"]},"priority":"500","source_event_id":"9526556453439648097"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 29 Nov 2023 22:54:38 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 29 Nov 2023 22:54:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x62a09530f185f87c0000000000000000","2":"0x6f027eebc45d182a0000000000000000","3":"0x54c6af360b6fff430000000000000000","4":"0x53126ae01dc34ee40000000000000000","5":"0x88ce573ae7a689390000000000000000"},"debug_key":"7277670720732311197","debug_reporting":true,"destination":"https://myhealthcreditfinder.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11234488856"],"4":["11-29"],"6":["true"]},"priority":"500","source_event_id":"9526556453439648097"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
pagead2.googlesyndication.com/bg/ Frame 071A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TrTmO4nDpjVVr9QkGA6PRPDTYtxejF7ay6ucA1cGs2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=280&adk=2801298807&adf=2498843383&pi=t.aa~a.1647758531~rp.1&w=1090&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=1090x280&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298475743&bpp=3&bdt=1285&idt=383&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=388
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:27:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
588410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15224
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 03:27:47 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x62a09530f185f87c0000000000000000%22,%222%22:%220x6f027eebc45d182a0000000000000000%22,%223%22:%220x54c6af360b6fff430000000000000000%22,%224%22:%220x53126ae01dc34ee40000000000000000%22,%225%22:%220x88ce573ae7a689390000000000000000%22},%22debug_key%22:%227277670720732311197%22,%22debug_reporting%22:true,%22destination%22:%22https://myhealthcreditfinder.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211234488856%22],%224%22:[%2211-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229526556453439648097%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 22:54:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame C0F8 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.193 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-193.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
39506fd9832a05ac305c5b86b68906e9b1a829000a3c63ce1ace872b27a03061

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 22:54:38 GMT
Content-Encoding
gzip
x-powered-by
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Max-Age
1800
Connection
keep-alive, Transfer-Encoding
Transfer-Encoding
chunked
Expires
Wed, 29 Nov 2023 22:59:38 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 8587 		81 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3249&&kkdd=3W%7C3%7C9n*HA&(s=QjzQC2-ujj2-uN-QH2-&LKwi=z&J4wT=z&DK(=QQCH&O4DX=YhhC&DsK=-dgjpjjQG&DwDK=pD6LFb_ZAUG_~QAA7iiUDW%3D%3D&DisK=u-Q2jj2CH&4s!X=QNzbNzz&DD=gB&4D=xr&DvcJ=a9Ik3xr&wsK=-t3NjIrhB&OwsK=oQGhNN-&vOOw4=Q&iii=O!I7vYDM7Y-iZvr1qwot_-gpqrhu3wuvgr1ukFrbuB4%3D&c4X=H&MW=Q&ZLK=u&TKOQ=-dgg2Uq-a&TKOC=QQNCQQz2Q&*KTOT=4KC%3DcZMMlsZiMAM%3DQzlZMJAw%3Dz8zQhjlFLXiwJ%3Dz8zjl(WAXbD%3Dz8CQl(s4A4K%3DjzNlZiMAiw4A*%3DQu8uQlKFJA*%3Dz8HhlKDC%3DQl4DK%3DyMliTX%3Dz%2Czl(AT4c%3D2zz2lKFJAM%3DCzl(MCiA4K%3DCzChQQC2QClsZiMA*%3Djjj8jjlZiMAO5D%3DzlZiMAiCTA*%3Dzl4OK%3DT4WsyOACAXbwTcKliTO%3Dz8zzz%2CzlMT4O%3DlD(FL%3Du8Nhl(s4AZiMA*%3Dz8ujl(MCiAsA4K%3DCzChQQC2Qzlsw%3DrFKa5wyc2~5syTutrJ4Gkly**%3Dzl(s4AZiMAM%3DzlisswZT%3DCu%2CCulXO%3DQ-liD%3DQlis4ZsK%3Dz%2Czl(MCiAsA*%3Dz8zCliw4A4K%3DCzChQQC2QCl(s4A*%3DQhQ8CCliTK(%3Dz8zzz%2CzlZiMA*%3DQ8C-l(MCiAZiMA*%3Dzl(MCiAZiMA(s%3DQG7QNlZiMAO(s%3DzlZiMAM%3DQzl4M(%3DhN8QHlLDTO%3D7Qzl**%3DQ2Nl((%3DzlD(MCiA4K%3Djz-liy(%3Duh8hNlMCiA*%3DQzzzlXiwJ%3Dz8zjl(MCiAZiMA5D%3DzGzlw4sAD%3DQ%2CQ%2Cz%2Cz%2Cz%2Cz%2Cz%2Czl*J%3DQlw4sAK%3Dzli5X%3Dz%2CzliTKw%3Dz8zzz%2CzlThwA*%3DN8jQ%2C--82ul4sK%3Du-Q2jj2CHl4K%3DQlZsK%3DCETPc!wbqY*iQ(fQu3lZiMAiw4A5D%3DzlD(MCiA*%3Du8Nhl*OK%3Dhzj2jQjNuhCHNzjzCu2jNNN2CzHjjHuzhQjNh-HHhChN2HuNQjuhzHHQC2-zuHuCuz2-QQ-----C2uh-uzzQNHChjH-uj-H-h2CNj-ul(WZ%3Dz8CQlKCwAM%3DQzlD(MC%3Du8NhlhwDy%3D2228HjlZsJ%3DzlFLAJ4v%3Dz8zjli5O%3Dz8zzz%2CzlKJJA4OiL%3DvTiJFc~lKCwA*%3Dz82-lFLKCwA*%3Dz82-l44%3Dx9lDD%3DgBlZsW%3D7QlDX%3Dzliw4A*%3D--82ulZiMA4iw4A*%3DQu8uQliD(%3Duh8hNldE%3DhzHzli5Ww%3Dz8zzz%2Czl5*AZD%3D7ClcO4%3DCl5*ADD54%3D7ClDO%3DJsTJsl*44AfoR%3Dx9%2Cx9li5WK%3Dz8zzz%2Czl*T4s4C%3DQ2Nl*T4s4Q%3DQ2Nls4IXy%3Dzls4sy%3DzlZiMAiwDA*%3Dzl*sK%3Dz8zjlKD%3D-lZiMAiw4Ai(%3Dzl(MCiA*%3DN8hjlD*Kw%3Dz8zQul4K%3DQlsO~wXAsK%3DQjl4XMMXiAOTLAsK%3DT4WsyOACAXbwTcKl4ZwwM~AOTLAsK%3DlKXOXDOXKAOTLAsK%3DT4WsyOACAXbwTcKl(sXWT*sMsO~%3Dz8CQlwF4%3DhlTDAO~wX%3DQlTK*M5%3DCHNCCHuu2QlTJw%3DQlFL*sK%3Dz8zjzl*yMi%3Dz8zQzl4ZsK%3Dd9GBG_7ZhAPVAM2e7W-WHZOFf6WlKOD%3DXT4OA4DlKJJAXiwJ%3DyTM4XlKJJ%3DvTiJFc~l*KwDTwK%3DzlKTML%3DZcs4FcCNl4F*w%3DlbsK%3D9)S7wZ*7H2NQQCQu2u-QCQQhlvOJM%3DQlKDZO%3D-zlKFL*%3Dz7QlXDwAZ4XK%3D6zHlXDwAwzH%3Dz8zhHjhujzzN2Nuzu-hlXDwAwQz%3Dz8z2HQh-z2j2C-jH-QNlXDwAwQH%3Dz8QHuh2z2Nu-HH2-Q2lXDwAwCz%3Dz8CQzN---QQhhujhHlXDwAwCH%3Dz8CjjCh2N2-NhQh2QClXDwAwhz%3Dz8huH-QCHuzCNCHz-QlXDwAwhH%3Dz8uQjHzjzQ-N-HjhzClXDwAwuz%3Dz8u2hHQHQQ---jQhC-ulXDwAwuH%3Dz8H-u22NuH-HHhh-CQlXDwAwHz%3Dz8N--HQ-NN-Q-2zhzClXDwAwHH%3Dz8-zuhQ-uzHQCzuHj2lXDwAwNz%3Dz82uCQhhCQj2zjHNCHlXDwAwNH%3DQ8QzuH2CQHuhCzHzC-lXDwAwjz%3DQ8C2uhjjCjzQzj-NQhlXDwAwjH%3DQ8Hhu2huCjzNhCNQCNlXDwAw-z%3DQ8-N-uC-CNQhzj-ClXDwAw-H%3DC8hhhCNCzNQNuuHQHjlXDwAw2z%3Dh8Chj-h2zNh2-2hjQhlXDwAw2H%3DH8uzHHHC2C2uzhuH2lXDwAw22%3DQN8h-NjNQuCQj2zHQls*D%3DQlc4!%3DClOL4%3DQNzbNzz%7ChzzbNzzl*4*%3Dzl*4w%3DzlOJb%3DChQ&cO(=z&JJJ=ZSF4xyE)6G5%3D&sW=QNz&scEyi=Q&*KiEK=uNz&*sK=hu2zNj&JDy=NjQQ2&~K4wi=Q&*TX=_bX_LTTXbu&5TOwiX=Q&5TO*sK=7QzC&DTKFJTsc=O!I7vYDM7Y7aBvxuC7ZZyKcH3SvCsdzxN6KhC~uEBDVe3aVA5~VF!L%3D%3D&~wMw=Q&s4sK=H&TK(=Ec(X4OFi%20qFDZ4&44JDiA(Xi=H&wLsK=wzQN2h2h-NCjOCzChQQC2CCHu&44MK=%7B%2244sw%22%3A%22CzzQ%3AzHHz%3AQKzH%3Azzzz%3Azzzz%3Azzzz%3Azzzz%3Azzzz%22%2C%2244DD%22%3A%22gB%22%2C%22444D%22%3A%22qY%22%2C%2244DO~%22%3A%22JsTJs%22%7D&vOJM4iD=Q&sflct=8818102&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.52.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-52-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
08d34949f1fc0e18bda108115a0754094b61085643e505b82cbd604439fe6040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
31703
content-type
text/html
date
Wed, 29 Nov 2023 22:54:38 GMT
expires
Wed, 29 Nov 2023 22:54:38 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-sz63
bping.php
lg3.media.net/ Frame C0F8 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=3001&&vgd_cdv=1125&vgd_cage=1&vgd_tsce=L332&vgd_mcf=67119&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=481977925&vi=1701298477984681598&ugd=4&lf=6&cc=US&sc=NY&lper=100&wsip=170785101&r=1701298478194&rrr=tzR-hLcl-L8ruhYZFpTPB8UQFY34Op4hUYZ4MoYx4Ss%3D&requrl=https%3A%2F%2Fchinas-lafa.ru%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~xjYMEv9.9uAh~myJLEYv9.9h~eBMJ-Nv9.fu~e8QMQOvh9F~xLjMLEQMGvuH.Hu~OmYMGv9.XA~ONfvu~QNOvkj~L1Jv9%2C9~eM1Qzvi99i~OmYMjvf9~ejfLMQOvf9fAuufiuf~8xLjMGvhhh.hh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MfMJ-E1zO~L17v9.999%2C9~j1Q7v~NemyvH.FA~e8QMxLjMGv9.Hh~ejfLM8MQOvf9fAuufiu9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~e8QMxLjMjv9~L88Ex1vfH%2CfH~J7vuW~LNvu~L8Qx8Ov9%2C9~ejfLM8MGv9.9f~LEQMQOvf9fAuufiuf~e8QMGvuAu.ff~L1Oev9.999%2C9~xLjMGvu.fW~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~QjevAF.uX~yN17vou9~GGvuiF~eev9~NejfLMQOvh9W~LkevHA.AF~jfLMGvu999~JLEYv9.9h~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~L1OEv9.999%2C9~1AEMGvF.hu%2CWW.iH~Q8OvHWuihhifX~QOvu~x8OvfV1ZzlE-sTGLueCuHa~xLjMLEQMUNv9~NejfLMGvH.FA~G7OvA9hihuhFHAfXF9h9fHihFFFif9XhhXH9AuhFAWXXAfAFiXHFuhHA9XXufiW9HXHfH9iWuuWWWWWfiHAWH99uFXfAhXWHhWXWAifFhWH~eBxv9.fu~OfEMjvu9~NejfvH.FA~AENkviii.Xh~x8Yv9~myMYQwv9.9h~LU7v9.999%2C9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvWW.iH~xLjMQLEQMGvuH.Hu~LNevHA.AF~%3DVvA9X9~LUBEv9.999%2C9~UGMxNvof~z7Qvf~UGMNNUQvof~N7vY81Y8~GQQMC_pvIK%2CIK~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9h~ONvW~xLjMLEQMLev9~ejfLMGvF.Ah~NGOEv9.9uH~QOvu~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MfMJ-E1zO~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MfMJ-E1zO~e8JB1G8j875v9.fu~EmQvA~1NM75EJvu~1OGjUvfXFffXHHiu~1YEvu~myG8Ov9.9h9~GkjLv9.9u9~Qx8Ov%3DK4b4RoxAMZdMji%2FoBWBXx7mC%20B~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~QmGEv~-8OvKrtoExGoXiFuufuHiHWufuuA~w7Yjvu~ONx7vW9~OmyGv9ou~JNEMxQJOv%209X~JNEME9Xv9.9AXhAHh99FiFH9HWA~JNEMEu9v9.9iXuAW9ihifWhXWuF~JNEMEuXv9.uXHAi9iFHWXXiWui~JNEMEf9v9.fu9FWWWuuAAHhAX~JNEMEfXv9.fhhfAiFiWFAuAiuf~JNEMEA9v9.AHXWufXH9fFfX9Wu~JNEMEAXv9.HuhX9h9uWFWXhA9f~JNEMEH9v9.HiAXuXuuWWWhuAfWH~JNEMEHXv9.XWHiiFHXWXXAAWfu~JNEMEX9v9.FWWXuWFFWuWi9A9f~JNEMEXXv9.W9HAuWH9Xuf9HXhi~JNEMEF9v9.iHfuAAfuhi9hXFfX~JNEMEFXvu.u9HXifuXHAf9X9fW~JNEMEh9vu.fiHAhhfh9u9hWFuA~JNEMEhXvu.XAHiAHfh9FAfFufF~JNEMEW9vu.WFWHfWfFuA9hWf~JNEMEWXvf.AAAfFf9FuFHHXuXh~JNEMEi9vA.fAhWAi9FAiWiAhuA~JNEMEiXvX.H9XXXfifiH9AHXi~JNEMEiivuF.AWFhFuHfuhi9Xu~8GNvu~zQlvf~7yQvuF9-F99%7CA99-F99~GQGv9~GQEv9~7Y-vfAu&ssld=%7B%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22sT%22%2C%22QQN75%22%3A%22Y81Y8%22%7D&vgd_bid=349067&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1701298477144877973&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_pgid=p01693938627t202311292254&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00001701298478183006462152352345&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Wed, 29 Nov 2023 22:54:38 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 29 Nov 2023 22:54:38 GMT
checksync.php
contextual.media.net/ Frame 7E96 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.52.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-52-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1a8e290c005fa6bc3903561abadeaa1f07d172c836139e1e30edf877e799831b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9622
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 22:54:38 GMT
expires
Fri, 01 Dec 2023 22:54:38 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame C0F8 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6399&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=Ewp-NW2cgn4yjmF67-sX9Q&vid=Ewp-NW2cgn4yjmF67-sX9Q&dn=chinas-lafa.ru&rawDn=chinas-lafa.ru&requrl_dn=chinas-lafa.ru&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fchinas-lafa.ru&cliIPV6=2001%3A0550%3A1d05%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=FL&ct=miami&zip=33186&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-54bdd58566-h6bhn.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=202&sckfl=1&suid=CAESEB-u3_Gj_l9V-w8w5utoKqw&sckfl2=0&smbrid=adx-1&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm4OgpA63gmyXxSHgRJLSaZFI8Uh0yJGiN9L_Wm5O4wQJZq23ADIwoTyQhiaacImwxNi&pexid=ADX-pub-5961121494812113&geoll=false&is_ortb=false&commit_id=f081fd94&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-11-29+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&rtttime=64&req_tid_present=false&pvid=460&prvAccId=481977925&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=116211091&prspt=headerBid&prvReqId=729738321925576_1184414044_1162110914601&size=160x600&chnl=HARMONY&bdp=0.070&bid_uuid=93a7de540859858c334db7173f6acab4&cbdp=0.014&og_cbdp=0.070&ogbdp=0.07&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.014&dsrc=-2&dp=0&dbf=1&epc=481977925&s=1&snm=SUCCESS&pcrid=8CU7Q771E-481977925-48-9&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=21&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1701298476765&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.07&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300160060000059500&strg=HARMONY&stagid=aswift_2_expand&vls=0&scrid=1700080807683300160060000059500&mang=1&pvdTmax=231&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=160x600%7C300x600&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=a59888003b&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23NedCkflWithData%3ADEFAULT%23%23launchexp%3Atoken2%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&acid=2d2788dd4d39429039e011471b1477c0&rtime=27.0&wsip=mowx-lite-d58694798-lz25t&ltime=36.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D0&adtypes=0&adblk=2562254491&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=2d2788dd4d39429039e011471b1477c0_1&policy_enf=2&pub_blk_enf=1&req_size=300x600%7C160x600&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=2&adpos=3&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=aswift_2_expand&feedback_id=Ewp-NW2cgn4yjmF67-sX9Q_1&supplyTagId=2562254491&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2023-11-29+22%3A54%3A36&__expireat=1701299077019&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.070&lo_cbdp=0.014&actltime=37&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ulm_p%3D0.0137~ogerpm%3D0.07~vw_exc%3D0.21~vis_sd%3D706~url_rps_b%3D14.41~dom_b%3D0.53~dc2%3D1~scd%3Dfl~rae%3D0%2C0~v_asn%3D9009~dom_l%3D20~vl2r_sd%3D2023112912~iurl_b%3D777.77~url_tkc%3D0~url_r2a_b%3D0~std%3Daswift_2_expand~rat%3D0.000%2C0~last%3D~cvog%3D4.63~vis_url_b%3D0.47~vl2r_i_sd%3D2023112910~ip%3DYodHkpfn9ykifa4PYmsEM~fbb%3D0~vis_url_l%3D0~riipua%3D24%2C24~et%3D18~rc%3D1~risuid%3D0%2C0~vl2r_i_b%3D0.02~rps_sd%3D2023112912~vis_b%3D131.22~radv%3D0.000%2C0~url_b%3D1.28~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~slv%3D36.15~gcat%3D-10~bb%3D196~vv%3D0~cvl2r_sd%3D708~rfv%3D43.36~l2r_b%3D1000~erpm%3D0.07~vl2r_url_kc%3D0E0~psi_c%3D1%2C1%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D0~rke%3D0%2C0~radp%3D0.000%2C0~a3p_b%3D6.71%2C88.94~sid%3D481977925~sd%3D1~uid%3D2IaGnzpxFLbr1vK14O~url_rps_kc%3D0~cvl2r_b%3D4.63~btd%3D3079717643256070249766692057754031763855323695461743055129804542409811888882943840016523758478583926784~vwu%3D0.21~d2p_l%3D10~cvl2%3D4.63~3pcf%3D999.57~uim%3D0~og_msh%3D0.07~rkt%3D0.000%2C0~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rps_b%3D88.94~url_srps_b%3D14.41~rcv%3D43.36~CI%3D3050~rkwp%3D0.000%2C0~kb_uc%3D-2~nts%3D2~kb_ccks%3D-2~ct%3Dmiami~bss_KTW%3DNA%2CNA~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.07~dc%3D8~url_rps_rv%3D0~vl2r_b%3D6.37~cbdp%3D0.014%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_2_expand%7Esupply_tag_id%3D%7Edetected_tag_id%3Daswift_2_expand%7Eviewability%3D0.21%7Epos%3D3%7Eac_type%3D1%7Eadblk%3D2562254491%7Eamp%3D1%7Eogbid%3D0.070%7Ebflr%3D0.010%7Esuid%3DCAESEB-u3_Gj_l9V-w8w5utoKqw%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison26%7Esobp%3D%7Exid%3DADX-pub-5961121494812113%7Ehtml%3D1%7Edcut%3D80%7Edogb%3D0-1%7Eecp_used%3Dq05%7Eecp_p05%3D0.03573470069640483%7Eecp_p10%3D0.09513809792875816%7Eecp_p15%3D0.1543909648559819%7Eecp_p20%3D0.210688811334735%7Eecp_p25%3D0.2772396986313912%7Eecp_p30%3D0.3458125402625081%7Eecp_p35%3D0.4175070186857302%7Eecp_p40%3D0.49351511888713284%7Eecp_p45%3D0.5849964585533821%7Eecp_p50%3D0.6885186681890302%7Eecp_p55%3D0.8043184051204579%7Eecp_p60%3D0.9421332179075625%7Eecp_p65%3D1.1045921543205028%7Eecp_p70%3D1.2943772701078613%7Eecp_p75%3D1.5349342706326126%7Eecp_p80%3D1.86842826130782%7Eecp_p85%3D2.3332620616445157%7Eecp_p90%3D3.2378390639893713%7Eecp_p95%3D5.405552929403459%7Eecp_p99%3D16.38676142179051~ibc%3D1~nsz%3D2~tgs%3D160x600%7C300x600~bsb%3D0~bsp%3D0~tmx%3D231&utime=1447&sf=0&cpr=0.804088850346449
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 29 Nov 2023 22:54:38 GMT
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 34E8 		131 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.182.193 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-193.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
39506fd9832a05ac305c5b86b68906e9b1a829000a3c63ce1ace872b27a03061

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 22:54:38 GMT
Content-Encoding
gzip
x-powered-by
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Max-Age
1800
Connection
keep-alive, Transfer-Encoding
Transfer-Encoding
chunked
Expires
Wed, 29 Nov 2023 22:59:38 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame D15B 		80 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3227&&kkdd=A!%7Cu%7C9H3An*&*7=fIVfURh~IIUI~nnhfn~&2W8A=V&k68p=V&eW*=ffUg&y6eP=-llU&e7W=hvMI5IIfq&e8eW=5e42D1uS!xquzf!!YAAxea%3D%3D&eA7W=~hfRIIRUg&67_P=fnV1nVV&ee=MZ&6e=(o&eBHk=Lmjt.(o&87W=hN.nIjolZ&y87W=rfqlnnh&Byy86=f&AAA=y_jYB-e0Y-hASBobE8rNuhM5Eol~.8~BMob~tDo1~Z6%3D&H6P=g&0a=f&S2W=~&pWyf=hvMMRxEhL&pWyU=ffnUffVRf&JWpyp=6WU%3DHS00s7SA0!0%3DfVsS0k!8%3DVwVflIsD2PA8k%3DVwfUs*a!P1e%3DVwUns*76!6W%3DIVnsSA0!A86!J%3Df~w~fsWDk!J%3DVwglsWeU%3Dfs6eW%3DG0sApP%3DV%2CVs*!p6H%3DRVVRsWDk!0%3DUVs*0UA!6W%3DUVUlffURfUs7SA0!J%3DIIIwIIsSA0!yQe%3DVsSA0!AUp!J%3DVs6yW%3DlUg~ghnhIgsApy%3DVwVVV%2CVs0p6y%3Dse*D2%3D~wf~s*76!SA0!J%3DVw~Is*0UA!7!6W%3DUVUlffURfVs78%3DoDWLQ8GHRzQ7Gp~Nok6qtsGJJ%3DVs*76!SA0!0%3DVsA778Sp%3DU~%2CU~sPy%3DfRsAe%3DfsA76S7W%3DV%2CVs*0UA!7!J%3DVwVlsA86!6W%3DUVUlffURfUs*76!J%3DfIVwRUsApW*%3DVwVVV%2CVsSA0!J%3DfwURs*0UA!SA0!J%3DVs*0UA!SA0!*7%3DfqYfnsSA0!y*7%3DVsSA0!0%3DfVs60*%3DUUwhIs2epy%3DYfVsJJ%3DfRns**%3DVse*0UA!6W%3DIVhsAG*%3D~lwlns0UA!J%3DfVVVsPA8k%3DVwfUs*0UA!SA0!Qe%3DVqVs867!e%3Df%2Cf%2CV%2CV%2CV%2CV%2CV%2CVsJk%3Dfs867!W%3DVsAQP%3DV%2CVsApW8%3DVwVVV%2CVspl8!J%3DhwVh%2ChIwUls67W%3D~hfRIIRUgs6W%3DfsS7W%3DUCpFkvrQh3RbyG~Eb7sSA0!A86!Qe%3DVse*0UA!J%3D~wf~sJyW%3DlVIRIfIn~lUnVffU~RlVlUUlVhVlghf~IVIfVInhUnfVggUgVVIRgnUIUl~hglh~ngIfnIRhVVhIflf~~RhgURI~gnVlVRhl~R~V~fns*aS%3DVwUnsWU8!0%3DfVse*0U%3D~wf~sl8eG%3DRRRwRnsS7k%3DVsD2!k6B%3DVwfUsAQy%3DVwVVV%2CVsWkk!6yA2%3DBpAkDHzsWU8!J%3DVwRhsD2WU8!J%3DVwRhs66%3D(msee%3DMZsS7a%3DYfseP%3DVsA86!J%3DhIwUlsSA0!6A86!J%3Df~w~fsAe*%3D~lwlnsvC%3DlVgVsAQa8%3DVwVVV%2CVsQJ!Se%3DYUsHy6%3DUsQJ!eeQ6%3DYUsey%3Dk7pk7sJ66!3r9%3D(m%2C(msAQaW%3DVwVVV%2CVsJp676U%3DfRnsJp676f%3DfRns76jPG%3DVs767G%3DVsSA0!A8e!J%3DVsJ7W%3DVwfUsWe%3DhsSA0!A86!A*%3DVs*0UA!J%3DhwVhseJW8%3DVwVU~s6W%3Dfs7yz8P!7W%3DfIs6P00PA!yp2!7W%3DlUg~ghnhIgs6S880z!yp2!7W%3DsWPyPeyPW!yp2!7W%3Ds*7PapJ707yz%3DVwUns8D6%3Dlspe!yz8P%3DfspWJ0Q%3DlUg~ghnhIgspk8%3DfsD2J7W%3DVwfUVsJG0A%3DVwVfVs6S7W%3DvmqZqT!7xl7UbS45h3*nCoWDT15sWye%3DPp6y!6esWkk!PA8k%3DGp06PsWkk%3DBpAkDHzsJW8ep8W%3DVsWp02%3DSH76DHUns6DJ8%3Ds17W%3DmT)Y8SJYgRnffUf~R~hfUfflsByk0%3DfsWeSy%3DhVsWD2J%3DVYfsPe8!S6PW%3D4VgsPe8!8Vg%3DVwV~nIU~~IRRllVVlgnsPe8!8fV%3DVwfUVghghlhfIgRIU~RsPe8!8fg%3DVwfRU~IR~VUf~UhnfUUsPe8!8UV%3DVwUnUU~RgIRRRUfUIfsPe8!8Ug%3DVwl~VllggRRUIfhIn~sPe8!8lV%3DVw~UUnRnlh~~n~flVR~sPe8!8lg%3DVwgffgVnhUVhgfR~IlsPe8!8~V%3DVwnVIUV~hIl~RI~~ngsPe8!8~g%3DVwIfn~RnhIfIfllUUhsPe8!8gV%3DVwhlhUgVgggnnnUVRgsPe8!8gg%3DVwRInUIhnVIIVggUgfsPe8!8nV%3Dfwf~glgnRVRVlUnRgUsPe8!8ng%3Dfwl~gnVgUh~~~nnUUUsPe8!8IV%3DfwgII~~lhhf~R~nh~lsPe8!8Ig%3DfwhhhR~g~gnIUU~UfhsPe8!8hV%3DUwl~~nllggffgUlRhsPe8!8hg%3DUwRhhffhnIUnglf~nnsPe8!8RV%3D~wUhhfIfV~gIUghUlsPe8!8Rg%3DIw~Rh~~fflnhUVhfRsPe8!8RR%3DUnwRlUUgngIVfnlVUs7Je%3DfsH6_%3DUsy26%3DfnV1nVV%7ClVV1nVVsJ6J%3DVsJ68%3DVsyk1%3DUlU&Hy*=V&kkk=S)D6(GCT4qQ%3D&7a=fnV&7HCGA=f&JWACW=~nV&J7W=l~RVng&keG=nIffR&zW68A=f&JpP=u1Pu2ppP1~&Qpy8AP=f&QpyJ7W=YfVU&epWDkp7H=y_jYB-e0Y-YLZB(~UYSSGWHg.)BU7vV(n4WlUz~CZeic.Li!QziD_2%3D%3D&z808=f&767W=g&pW*=CH*P6yDA%20EDeS6&66keA!*PA=g&827W=8VfnRlRlhnUIyUVUlffURUUg~&660W=%7B%226678%22%3A%22UVVf%3AVggV%3AfWVg%3AVVVV%3AVVVV%3AVVVV%3AVVVV%3AVVVV%22%2C%2266ee%22%3A%22MZ%22%2C%22666e%22%3A%22E-%22%2C%2266eyz%22%3A%22k7pk7%22%7D&Byk06Ae=f&sflct=8818102&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.52.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-52-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b23fabf74fbdb8b16675be743457809da3b3f96013fc65812e27d9e98c68cae7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
31657
content-type
text/html
date
Wed, 29 Nov 2023 22:54:38 GMT
expires
Wed, 29 Nov 2023 22:54:38 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-84ww
bping.php
lg3.media.net/ Frame 34E8 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2978&&vgd_cdv=1125&vgd_cage=1&vgd_tsce=L332&vgd_mcf=67119&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=481977925&vi=1701298477274668164&ugd=4&lf=6&cc=US&sc=NY&lper=100&wsip=170785101&r=1701298478272&rrr=tzR-hLcl-L8ruhYZFpTPB8UQFY34Op4hUYZ4MoYx4Ss%3D&requrl=https%3A%2F%2Fchinas-lafa.ru%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~xjYMEv9.9uAh~myJLEYv9.uf~eBMJ-Nv9.fF~e8QMQOvh9F~xLjMLEQMGvuH.Hu~OmYMGv9.XA~ONfvu~QNOvkj~L1Jv9%2C9~eM1Qzvi99i~OmYMjvf9~ejfLMQOvf9fAuufiuf~8xLjMGvhhh.hh~xLjM7UNv9~xLjMLf1MGv9~Q7OvAfXHXWFWhX~L17v9.999%2C9~j1Q7v~NemyvH.uH~e8QMxLjMGv9.Hh~ejfLM8MQOvf9fAuufiu9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~e8QMxLjMjv9~L88Ex1vfH%2CfH~J7vui~LNvu~L8Qx8Ov9%2C9~ejfLM8MGv9.9A~LEQMQOvf9fAuufiuf~e8QMGvuh9.if~L1Oev9.999%2C9~xLjMGvu.fi~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~Qjevff.Wh~yN17vou9~GGvuiF~eev9~NejfLMQOvh9W~LkevHA.AF~jfLMGvu999~JLEYv9.uf~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~L1OEv9.999%2C9~1AEMGvW.9W%2CWh.fA~Q8OvHWuihhifX~QOvu~x8OvfV1ZY%3D_UWCi27kHs28~xLjMLEQMUNv9~NejfLMGvH.uH~G7OvA9hihuhFHAfF9uufHiA9AffA9W9AXWuHh9hu9hFWfFu9XXfX99hiXFfhfAHWXAWHFXhuFhiW99WhuAuHHiWXfihHXF9A9iWAHiH9HuF~eBxv9.fF~OfEMjvu9~NejfvH.uH~AENkviii.iF~x8Yv9~myMYQwv9.uf~LU7v9.999%2C9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvWh.fA~xLjMQLEQMGvuH.Hu~LNevHA.AF~%3DVvA9X9~LUBEv9.999%2C9~UGMxNvof~z7Qvf~UGMNNUQvof~N7vY81Y8~GQQMC_pvIK%2CIK~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uf~ONvW~xLjMLEQMLev9~ejfLMGvW.9W~NGOEv9.9fH~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvAfXHXWFWhX~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.fF~EmQvA~1NM75EJvu~1OGjUvAfXHXWFWhX~1YEvu~myG8Ov9.uf9~GkjLv9.9u9~Qx8Ov%3DK4b4rM86A8f2x%20gWCeFV3Omr-g~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~QmGEv~-8OvKrtoExGoXiFuufuHiHWufuuA~w7Yjvu~ONx7vW9~OmyGv9ou~JNEMxQJOv%209X~JNEME9Xv9.9HFhfHHhiiAA99AXF~JNEMEu9v9.uf9XWXWAWuhXihfHi~JNEMEuXv9.uifHhiH9fuHfWFuff~JNEMEf9v9.fFffHiXhiiifufhu~JNEMEfXv9.AH9AAXXiifhuWhFH~JNEMEA9v9.HffFiFAWHHFHuA9iH~JNEMEAXv9.XuuX9FWf9WXuiHhA~JNEMEH9v9.F9hf9HWhAHihHHFX~JNEMEHXv9.huFHiFWhuhuAAffW~JNEMEX9v9.WAWfX9XXXFFFf9iX~JNEMEXXv9.ihFfhWF9hh9XXfXu~JNEMEF9vu.uHXAXFi9i9AfFiXf~JNEMEFXvu.AHXF9XfWHHHFFfff~JNEMEh9vu.XhhHHAWWuHiHFWHA~JNEMEhXvu.WWWiHXHXFhffHfuW~JNEMEW9vf.AHHFAAXXuuXfAiW~JNEMEWXvf.iWWuuWFhfFXAuHFF~JNEMEi9vH.fWWuhu9HXhfXWfA~JNEMEiXvh.HiWHHuuAFWf9Wui~JNEMEiivfF.iAffXFXh9uFA9f~8GNvu~zQlvf~7yQvuF9-F99%7CA99-F99~GQGv9~GQEv9~7Y-vfAf&ssld=%7B%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22sT%22%2C%22QQN75%22%3A%22Y81Y8%22%7D&vgd_bid=349065&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1701298477157504595&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_pgid=p01693938627t202311292254&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00001701298478267006462152354448&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Wed, 29 Nov 2023 22:54:38 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 29 Nov 2023 22:54:38 GMT
checksync.php
contextual.media.net/ Frame D521 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.52.28 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-52-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1a8e290c005fa6bc3903561abadeaa1f07d172c836139e1e30edf877e799831b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9622
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 22:54:38 GMT
expires
Fri, 01 Dec 2023 22:54:38 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 34E8 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6323&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=Wtxnf2e5-GilI385qWU-XQ&vid=Wtxnf2e5-GilI385qWU-XQ&dn=chinas-lafa.ru&rawDn=chinas-lafa.ru&requrl_dn=chinas-lafa.ru&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fchinas-lafa.ru&cliIPV6=2001%3A0550%3A1d05%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=FL&ct=miami&zip=33186&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-54bdd58566-h6bhn.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=202&sckfl=1&suid=CAESED_iJ3i2ZuqQ8Kv6IYdoDxQ&sckfl2=0&smbrid=adx-1&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm7qpTjQGhEQ_uIDsQdOd7dCRgQCdh6vzcSnFwCpRTGBLdAmIz4YQSQ7wtDWBHyxTAfx&pexid=ADX-pub-5961121494812113&geoll=false&is_ortb=false&commit_id=f081fd94&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-11-29+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&rtttime=65&req_tid_present=false&pvid=460&prvAccId=481977925&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=116211091&prspt=headerBid&prvReqId=28430686627587_1693871123_1162110914601&size=160x600&chnl=HARMONY&bdp=0.120&bid_uuid=ed27e89328f7b3fc8adf423e7ea1cac9&cbdp=0.024&og_cbdp=0.120&ogbdp=0.12&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.024&dsrc=-2&dp=0&dbf=1&epc=481977925&s=1&snm=SUCCESS&pcrid=8CU7Q771E-481977925-48-9&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=26&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1701298476766&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.12&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807683300160060000059500&strg=HARMONY&vls=0&scrid=1700080807683300160060000059500&mang=1&pvdTmax=232&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=160x600%7C300x600&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=a59888003b&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23NedCkflWithData%3ADEFAULT%23%23launchexp%3Atoken2%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&acid=aab2ad2a98456181f480244f57c7f672&rtime=28.0&wsip=mowx-lite-d58694798-thtp9&ltime=37.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D0&adtypes=0&adblk=3254586875&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=aab2ad2a98456181f480244f57c7f672_1&policy_enf=2&pub_blk_enf=1&req_size=300x600%7C160x600&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=2&adpos=3&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=Wtxnf2e5-GilI385qWU-XQ_1&supplyTagId=3254586875&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2023-11-29+22%3A54%3A36&__expireat=1701299077021&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.120&lo_cbdp=0.024&actltime=38&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ulm_p%3D0.0137~ogerpm%3D0.12~vw_exc%3D0.26~vis_sd%3D706~url_rps_b%3D14.41~dom_b%3D0.53~dc2%3D1~scd%3Dfl~rae%3D0%2C0~v_asn%3D9009~dom_l%3D20~vl2r_sd%3D2023112912~iurl_b%3D777.77~url_tkc%3D0~url_r2a_b%3D0~std%3D3254586875~rat%3D0.000%2C0~last%3D~cvog%3D4.14~vis_url_b%3D0.47~vl2r_i_sd%3D2023112910~ip%3DYodHkpfn9ykifa4PYmsEM~fbb%3D0~vis_url_l%3D0~riipua%3D24%2C24~et%3D19~rc%3D1~risuid%3D0%2C0~vl2r_i_b%3D0.03~rps_sd%3D2023112912~vis_b%3D170.92~radv%3D0.000%2C0~url_b%3D1.29~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~slv%3D22.87~gcat%3D-10~bb%3D196~vv%3D0~cvl2r_sd%3D708~rfv%3D43.36~l2r_b%3D1000~erpm%3D0.12~vl2r_url_kc%3D0E0~psi_c%3D1%2C1%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D0~rke%3D0%2C0~radp%3D0.000%2C0~a3p_b%3D8.08%2C87.23~sid%3D481977925~sd%3D1~uid%3D2IaGmCTk8K9Ztf4FZi~url_rps_kc%3D0~cvl2r_b%3D4.14~btd%3D3079717643260112493032230803581470710768261055250079562723485384657167980087131449852974560309834940416~vwu%3D0.26~d2p_l%3D10~cvl2%3D4.14~3pcf%3D999.96~uim%3D0~og_msh%3D0.12~rkt%3D0.000%2C0~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rps_b%3D87.23~url_srps_b%3D14.41~rcv%3D43.36~CI%3D3050~rkwp%3D0.000%2C0~kb_uc%3D-2~nts%3D2~kb_ccks%3D-2~ct%3Dmiami~bss_KTW%3DNA%2CNA~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.12~dc%3D8~url_rps_rv%3D0~vl2r_b%3D8.08~cbdp%3D0.024%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D3254586875%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.26%7Epos%3D3%7Eac_type%3D1%7Eadblk%3D3254586875%7Eamp%3D1%7Eogbid%3D0.120%7Ebflr%3D0.010%7Esuid%3DCAESED_iJ3i2ZuqQ8Kv6IYdoDxQ%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison26%7Esobp%3D%7Exid%3DADX-pub-5961121494812113%7Ehtml%3D1%7Edcut%3D80%7Edogb%3D0-1%7Eecp_used%3Dq05%7Eecp_p05%3D0.04672447993300356%7Eecp_p10%3D0.12058583817597249%7Eecp_p15%3D0.19247940214286122%7Eecp_p20%3D0.2622495799921271%7Eecp_p25%3D0.3403355992718764%7Eecp_p30%3D0.42269638446413094%7Eecp_p35%3D0.5115068208519473%7Eecp_p40%3D0.6072048734974465%7Eecp_p45%3D0.7164968717133228%7Eecp_p50%3D0.8382505556662095%7Eecp_p55%3D0.9762786077055251%7Eecp_p60%3D1.1453569090326952%7Eecp_p65%3D1.3456052844466222%7Eecp_p70%3D1.5774438814946843%7Eecp_p75%3D1.8889454567224218%7Eecp_p80%3D2.344633551152398%7Eecp_p85%3D2.9881186726531466%7Eecp_p90%3D4.288171045725823%7Eecp_p95%3D7.498441136820819%7Eecp_p99%3D26.93225657016302~ibc%3D1~nsz%3D2~tgs%3D160x600%7C300x600~bsb%3D0~bsp%3D0~tmx%3D232&utime=1519&sf=0&cpr=0.8599910934215327
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 29 Nov 2023 22:54:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 52BB 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
37170
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 12:35:08 GMT
etag
48472445140208031
expires
Thu, 30 Nov 2023 12:35:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 34E8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8b3bc2afb93d0babcfb4a38d4affaede2836e8bd16eaabe0a2a5f0ed72f2ad3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 34E8 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFx1QLMFnZd7mJ7DrxtYP4_aPsAu-laSvbPfa0tOsDMCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTU5NjExMjE0OTQ4MTIxMTPIAQmoAwHIAwKqBLoBT9CVmNCBpRTiuq84Ncpmj1l1x_-kpzir1uIT5_L5nHE9U-5QZzGgG2A1izidhNfKuSwQa2LR3zOdpgwXH0zuNfc_6OKYfomPId2CQZK9E70rwv1T17GPCZcgbI9VgkqAU2pqtETbsjf484SghHP2IGxMmc8rX8EoIL7a7hpJSyptgBjyJNMkIAkiYojFuyTqn5A-pjhGv0L5nyiNcvDMWJ7nBkSZBCDpfvoIKCg4lspzA2FwPJ8y_7R_gAaqn4vpibTu0MYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOli78u3apuqCA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTYxMTIxNDk0ODEyMTEzGAA&sigh=3jZ3VXHgL4o&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNnzaNHL_AJ6JRwXQKxc3TeRcOzIWzC_1ffzJR8y8ofIo9a6C3xHy8CjO69vftvttIidtiM1p-GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 29 Nov 2023 22:54:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 34E8 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAATjI4NDMwNjg2NjI3NTg3XzE2OTM4NzExMjNfMTE2MjExMDkxNDYwMUBhYWIyYWQyYTk4NDU2MTgxZjQ4MDI0NGY1N2M3ZjY3MpgHuB6F61G4vj8saHR0cHM6Ly9jaGluYXMtbGFmYS5ydQRVUwDoAU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2HGNoaW5hcy1sYWZhLnJ1EjhDVVU5SkY4SAgOMTYweDYwMAowLjAyNA5lYXN0X3NjBkFEWAgIbnVybAAAAAAAAAA6QLzb1NSDYwIyAAAAAAAA8L9AcnRiLWFwcG5leHVzLTU0YmRkNTg1NjYtaDZiaG4uU0M-MTcwMDA4MDgwNzY4MzMwMDE2MDA2MDAwMDA1OTUwMAIQZjA4MWZkOTQCZAI&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 29 Nov 2023 22:54:38 GMT
log
qsearch-a.akamaihd.net/ Frame 34E8 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=aab2ad2a98456181f480244f57c7f672&algo=unison26&bdp=0.1200&bidfp=0.0100&capd=0&cc=US&cid=8CUU9JF8H&crid=116211091&ct=miami&dc=east_sc&dfpbd=0.0240&dn=chinas-lafa.ru&iwb=1&ogcbdp=0.1200&other_bids=0.12&other_prv=460&pbshr=100.0000&prdp=0.0240&requrl=chinas-lafa.ru%2F&sat=1&sc=FL&sc_pvid=460&send_erpm=true&server=1&size=160x600&strg=harmony&totalTime=3779410&ugd=4&ver=9.6.3&cliIP=0&time_stamp=2023-11-29%2022%3A54%3A36&seat=BID_API&itype=adx&req_id=Wtxnf2e5-GilI385qWU-XQ&dfp_bucket=0.0&level_base=0&bdp_bucket=0.1&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.199%20Safari%2F537.36&br_ver=119.0.6045.199&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_adx_1-cid_0&ogerpm=0.1200&ogerpm_used=false&rawbid=0.1200&totalTimeBucket=3&as_cache=1&sub_bidder=196&current_day=3.0&current_hour=22&cut=80&floor_bucket=0.00&model_version=202311290343_generic_adx_1-cid_0&erpm_bucket=0.10&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=2&viewability=0.2600&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=1&predicted_wr=52.094&bdp_wider_bucket=1&adblk=3254586875&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=80&advurl=related.investorfocus.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&clisp=rtb-appnexus-54bdd58566-h6bhn.SC&dmm_m1=2023-11-29%2022%3A54%3A36.767968276&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.1200&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807683300160060000059500&erpm_mult=1.000000&zone=d&rc=-1&ecp_p50=0.8382505556662095&ecp_p75=1.8889454567224218&ecp_avg=0.02&ecp_status=Success&ecp_used=q05&ecp_rtime=1345.0&sfm_key=mowx_8CUU9JF8H_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-d58694798-thtp9&rel_cut_bkt=85&ecp_ver=multiquantile&djvm=9.5.8&ecp_p25=0.3403355992718764&ecp_p60=1.1453569090326952&ecp_p70=1.5774438814946843&ecp_p80=2.344633551152398&ecp_p85=2.9881186726531466&ecp_p90=4.288171045725823&ecp_p95=7.498441136820819&ecp_p99=26.93225657016302&optimal_cut=0.0&cut_cluster=0.0&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.201.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-201-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Nov 2023 22:54:38 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 29 Nov 2023 22:54:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 42F8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
37170
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 12:35:08 GMT
etag
48472445140208031
expires
Thu, 30 Nov 2023 12:35:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C0F8 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f93bf329ce9b8d48ca5b81f44952a68ef98343845d0dd97df3e854e9132fb728

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame C0F8 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cr9rgLMFnZYuGJ8WF3rsP_IeioAu-laSvbPfa0tOsDMCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTU5NjExMjE0OTQ4MTIxMTPIAQmoAwHIAwKqBLoBT9DXnzgkJFhAXKFku1vp5HB668wz7iKGpFrueqGps6BwficCGdqYbEZDjXb2U6AXEG9C4F_LNTx91WVfu69KX6QOIJ-3V7itW9cLlkzyyWx2HvuOtDj6cwTvEEKNgGNycO-p64YfTABPgyRHrVDt2oPzTzViQGaMC4VQgyhI-KIcj7HmcaE1-OHmIZ3N4gQkHuMHPXoMQ37J0pTPkQzZBIvkE_UEi1YbrmVGWE9b-XcYuU6c9A5z2nBAgAaqn4vpibTu0MYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIGwiAYRABMgKKAjoCgEBIvf3BOljq_-zapuqCA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTYxMTIxNDk0ODEyMTEzGAA&sigh=0FcMImvSgzg&uach_m=%5BUACH%5D&cid=CAQSPADICaaN892fOrWeG_TYSkrePAkaVUICmw_hOhdbNV_fJmspTfeS4rCBUmVGQjtf8uqkXHfxefPJRcELRhgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 29 Nov 2023 22:54:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame C0F8 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAAUDcyOTczODMyMTkyNTU3Nl8xMTg0NDE0MDQ0XzExNjIxMTA5MTQ2MDFAMmQyNzg4ZGQ0ZDM5NDI5MDM5ZTAxMTQ3MWIxNDc3YzCYB-xRuB6F67E_LGh0dHBzOi8vY2hpbmFzLWxhZmEucnUEVVMA6AFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xOTkgU2FmYXJpLzUzNy4zNhxjaGluYXMtbGFmYS5ydRI4Q1VVOUpGOEgIDjE2MHg2MDAKMC4wMTQOZWFzdF9zYwZBRFgICG51cmwAAAAAAAAANUC629TUg2MCMgAAAAAAAPC_QHJ0Yi1hcHBuZXh1cy01NGJkZDU4NTY2LWg2YmhuLlNDPjE3MDAwODA4MDc2ODMzMDAxNjAwNjAwMDAwNTk1MDACEGYwODFmZDk0AmQC&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 29 Nov 2023 22:54:38 GMT
log
qsearch-a.akamaihd.net/ Frame C0F8 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=2d2788dd4d39429039e011471b1477c0&algo=unison26&bdp=0.0700&bidfp=0.0100&capd=0&cc=US&cid=8CUU9JF8H&crid=116211091&ct=miami&dc=east_sc&dfpbd=0.0140&dn=chinas-lafa.ru&iwb=1&ogcbdp=0.0700&other_bids=0.07&other_prv=460&pbshr=100.0000&prdp=0.0140&requrl=chinas-lafa.ru%2F&sat=1&sc=FL&sc_pvid=460&send_erpm=true&server=1&size=160x600&strg=harmony&totalTime=2921690&ugd=4&ver=9.6.3&cliIP=0&time_stamp=2023-11-29%2022%3A54%3A36&seat=BID_API&itype=adx&req_id=Ewp-NW2cgn4yjmF67-sX9Q&dfp_bucket=0.0&level_base=0&bdp_bucket=0.05&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.199%20Safari%2F537.36&br_ver=119.0.6045.199&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_adx_1-cid_0&ogerpm=0.0700&ogerpm_used=false&rawbid=0.0700&totalTimeBucket=2&as_cache=1&sub_bidder=196&current_day=3.0&current_hour=22&cut=80&floor_bucket=0.00&model_version=202311290343_generic_adx_1-cid_0&erpm_bucket=0.05&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=2&viewability=0.2100&stid=aswift_2_expand&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=1&predicted_wr=56.7218&bdp_wider_bucket=1&adblk=2562254491&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=80&advurl=related.investorfocus.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&clisp=rtb-appnexus-54bdd58566-h6bhn.SC&dmm_m1=2023-11-29%2022%3A54%3A36.767147617&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0700&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807683300160060000059500&erpm_mult=1.000000&zone=d&rc=-1&ecp_p50=0.6885186681890302&ecp_p75=1.5349342706326126&ecp_avg=0.02&ecp_status=Success&ecp_used=q05&ecp_rtime=1003.0&sfm_key=mowx_8CUU9JF8H_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-d58694798-lz25t&rel_cut_bkt=95&ecp_ver=multiquantile&djvm=9.5.8&ecp_p25=0.2772396986313912&ecp_p60=0.9421332179075625&ecp_p70=1.2943772701078613&ecp_p80=1.86842826130782&ecp_p85=2.3332620616445157&ecp_p90=3.2378390639893713&ecp_p95=5.405552929403459&ecp_p99=16.38676142179051&optimal_cut=0.0&cut_cluster=0.0&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.201.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-201-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Nov 2023 22:54:38 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Wed, 29 Nov 2023 22:54:38 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8250 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslxxO32GmXFbU6NfBfTwsy1OfF5gLQOtb5WYxbkKl79qg6XeHWRtnroFHkGO7-CQ4w6xMgnW8_HemunNdBqNtfabXe2I0JlWctPwckkLCy0af0TGnIy4fGfppNAJ_JCd5fiS1LLyU_jg&sai=AMfl-YQVD6qtGQtUhxtgf03JumcrXqweWMGkqNU9Tn1kRPUcOb1HmhX-EEcsQZF6U0oGT6quqX3s8wZm1BUoziRRx6TxgXsHxRorACW-Y5FjIDkgkb0GkbHJCAwbgB3Cf2LvB34NCCcPsOx5VjUjL6hAaq4x-rchz1iLdfs&sig=Cg0ArKJSzHHJ3gB0iX6sEAE&cid=CAQSTgDICaaNubsYsL3BNvgI1U4DZrXviwX48RUIv9dZdQDQck4mFqqfFBKbheTG_BbgpD4xBnacmufxKykU6POesgyakHbI61EevyEwCc-xwxgB&id=lidar2&mcvt=1091&p=0,0,280,1090&mtos=1091,1091,1091,1091,1091&tos=1091,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2801298807&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701298476133&rpt=1131&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 7E96
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ0MzAwMDc4MTUyMzU0NTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMxZPxgx6GCJLMw9f5iii4w&google_cver=1
53 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMxZPxgx6GCJLMw9f5iii4w&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.202.52.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Wed, 29 Nov 2023 22:54:38 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMxZPxgx6GCJLMw9f5iii4w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 52BB 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMJStVABkM8tGQRNrMLL_kU&google_cver=1&google_push=AXcoOmSMR6PsTD6-NaPm0lYMb--20G2KMNNVv8O6-B_xuMUEG5FzQ5_SvHjOjFVEvh-eFch6LxssBODr9IrIzSZdxnJ00FHacTVA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 52BB
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEBnnvZZx1VWeN5o8kzoWZJk&google_cver=1&google_push=AXcoOmRp1byikQp0NudIdPDtO45OfAttWeK8OvPlXsdxFNoOkAmPV1R98I4Z7Mzu9L6bT5jxzrIEkiac5FkezT410EvEHbF6X2IE
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmRp1byikQp0NudIdPDtO45OfAttWeK8OvPlXsdxFNoOkAmPV1R98I4Z7Mzu9L6bT...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmRp1byikQp0NudIdPDtO45OfAttWeK8OvPlXsdxFNoOkAmPV1R98I4Z7Mzu9L6bT5jxzrIEkiac5FkezT410EvEHbF6X2IE&google_cver=1&googl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmRp1byikQp0NudIdPDtO45OfAttWeK8OvPlXsdxFNoOkAmPV1R98I4Z7Mzu9L6bT5jxzrIEkiac5FkezT410EvEHbF6X2IE&google_cver=1&google_gid=CAESEBnnvZZx1VWeN5o8kzoWZJk&google_hm=UTc1NDU4NDg3ODEzNzcyMjE4NTE=
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 29 Nov 2023 22:54:39 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmRp1byikQp0NudIdPDtO45OfAttWeK8OvPlXsdxFNoOkAmPV1R98I4Z7Mzu9L6bT5jxzrIEkiac5FkezT410EvEHbF6X2IE&google_cver=1&google_gid=CAESEBnnvZZx1VWeN5o8kzoWZJk&google_hm=UTc1NDU4NDg3ODEzNzcyMjE4NTE=
Content-Type
text/html
Cache-Control
max-age=68210
Connection
keep-alive
Content-Length
154
pixel
cm.g.doubleclick.net/ Frame 52BB
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEDvv0ajGUx7C7f4Ah6oKnvQ&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZWU4YTJjMzUtOGZjMi00YTI1LWI2OTEtMmEwOWZjMGM0NTY5&google_gid=CAESEDvv0ajGUx7C7f4Ah6oKnvQ&google_cver=1&google_push=AXcoOmQe...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZWU4YTJjMzUtOGZjMi00YTI1LWI2OTEtMmEwOWZjMGM0NTY5&google_gid=CAESEDvv0ajGUx7C7f4Ah6oKnvQ&google_cver=1&google_push=AXcoOmQeewR9N3fGbcIv0wIk38E-fKOJP_MbcGNf6Ho6SG-0107IglQG6hIxFlh3rM4pbU5fzRrWRLB_-cuZcKFwqIZzDybZFN0Zvw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZWU4YTJjMzUtOGZjMi00YTI1LWI2OTEtMmEwOWZjMGM0NTY5&google_gid=CAESEDvv0ajGUx7C7f4Ah6oKnvQ&google_cver=1&google_push=AXcoOmQeewR9N3fGbcIv0wIk38E-fKOJP_MbcGNf6Ho6SG-0107IglQG6hIxFlh3rM4pbU5fzRrWRLB_-cuZcKFwqIZzDybZFN0Zvw
date
Wed, 29 Nov 2023 22:54:38 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieSyncAdX
rtb.adentifi.com/ Frame 52BB 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEBzrwCwJIy7yyX7-cOXQjyA&google_cver=1&google_push=AXcoOmTIgkulQXcjA29whR0baWepv9pEmVblk7_MBky3ZQUMwuh7WnAgsXaruRsLT5Ojq1sPvLOsaspCDfeMd3i0s7UJaavwa28bPA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.203.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-203-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:38 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 52BB 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS4DOmI1uPWVGCNtPnaK8GwqZN8RV-vcBdbCWsQV7VoVTFpvsVaJ5aM87J-UzaX5ftWVDSfS0n9PCt5J_sWIizHQyACC7lNVw&google_gid=CAESECI2WfW8SPc-ks1cxDpdWps&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
234771
expires
Wed, 29 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 52BB
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEOjwF-Qgc91H4ZrgdKwlHb0&google_cver=1&google_push=AXcoOmSYuLLffO8QIXx6AbIgJ4iEpqBmkIlLu09WMk4GmUx0XbQufsdq2I4HjB_s6YYTVe3VQ4Nw...
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEOjwF-Qgc91H4ZrgdKwlHb0&google_cver=1&google_push=AXcoOmSYuLLffO8QIXx6AbIgJ4iEpqBmkIlLu09WMk4GmUx0XbQufsdq2I4HjB_s6YYTVe...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=jX2UqW4TTA6EzYReXwudHw==&no_redirect=1&google_push=AXcoOmSYuLLffO8QIXx6AbIgJ4iEpqBmkIlLu09WMk4GmUx0XbQufs...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=jX2UqW4TTA6EzYReXwudHw==&no_redirect=1&google_push=AXcoOmSYuLLffO8QIXx6AbIgJ4iEpqBmkIlLu09WMk4GmUx0XbQufsdq2I4HjB_s6YYTVe3VQ4Nwmv-Lxg1I_rjGppvTZsRGOEumIg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=jX2UqW4TTA6EzYReXwudHw==&no_redirect=1&google_push=AXcoOmSYuLLffO8QIXx6AbIgJ4iEpqBmkIlLu09WMk4GmUx0XbQufsdq2I4HjB_s6YYTVe3VQ4Nwmv-Lxg1I_rjGppvTZsRGOEumIg
date
Wed, 29 Nov 2023 22:54:38 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
report
sync.teads.tv/um/ Frame 52BB
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKNPBAWorbOE...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZDg3MzBlMGItNGZhNy00MTMxLTg3YTgtOWZjZTA5YTkxNmI3&google_push=AXcoOmSRZYH-32It0HWYPBSk5mb1dTvnHS3HI5qyyyyUbFrdsYfnX6vf3_DSou7zToD2r...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
23.51.53.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-53-155.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Wed, 29 Nov 2023 22:54:39 GMT
pragma
no-cache
date
Wed, 29 Nov 2023 22:54:39 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 52BB 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdXHcXRKjpjHDvKblaVTwbKKXT-JmjDHEZzrMMdyItKlKi_M-NXvesLGDRvQH_kWkPZzx-evw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=3254586875&adf=2788751979&pi=t.aa~a.3650758574~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2096&idt=1&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280%2C300x600&nras=4&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cksync
cs.media.net/ Frame D521
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ0MzAwMDc4MTUyMzU5OTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMxZPxgx6GCJLMw9f5iii4w&google_cver=1
53 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMxZPxgx6GCJLMw9f5iii4w&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.202.52.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Wed, 29 Nov 2023 22:54:38 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEMxZPxgx6GCJLMw9f5iii4w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 42F8
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJTX84VRIZs3sF4jRdlfHgQ&google_cver=1&google_push=AXcoOmT26xinrEVFuYiHXZlqvA846PZdx5VDSIR-bf04L3rA7lKd2eZ...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=64c6a3b842001393&is_secure=true&networkId=14000&version=1&google_gid=CAESEJTX84VRIZs3sF4jRdlfHgQ&google_cver=1&google_push=AXcoOmT26xin...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHd2LRJGNgkAMAApoNAAAAAAA&expiration=1701384879&google_cver=1&is_secure=true&google_gid=CAESEJTX84VRIZs3sF4jRdlfH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHd2LRJGNgkAMAApoNAAAAAAA&expiration=1701384879&google_cver=1&is_secure=true&google_gid=CAESEJTX84VRIZs3sF4jRdlfHgQ&google_push=AXcoOmT26xinrEVFuYiHXZlqvA846PZdx5VDSIR-bf04L3rA7lKd2eZU9FfHNqS8U2UJDySbWVoP-d72VnvjXmSe3nkRjn78KWvGUw
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:39 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHd2LRJGNgkAMAApoNAAAAAAA&expiration=1701384879&google_cver=1&is_secure=true&google_gid=CAESEJTX84VRIZs3sF4jRdlfHgQ&google_push=AXcoOmT26xinrEVFuYiHXZlqvA846PZdx5VDSIR-bf04L3rA7lKd2eZU9FfHNqS8U2UJDySbWVoP-d72VnvjXmSe3nkRjn78KWvGUw
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 42F8
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOEpd1GQosoQnCJj41XVNrM&google_cver=1&google_push=AXcoOmT2rGgkaoIXtBThxCP-xhKw8XbsPA5NxIhEWtc0clOe6MeZ5q4k4-7bQt_QpomAfskW5S9zU...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT2rGgkaoIXtBThxCP-xhKw8XbsPA5NxIhEWtc0clOe6MeZ5q4k4-7bQt_QpomAfskW5S9zUp3H4o_mrgoBlTbvPgOiQ2ldQA
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT2rGgkaoIXtBThxCP-xhKw8XbsPA5NxIhEWtc0clOe6MeZ5q4k4-7bQt_QpomAfskW5S9zUp3H4o_mrgoBlTbvPgOiQ2ldQA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 29 Nov 2023 22:54:38 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 71B4708CD7F54D96A45F3806223F90AB Ref B: MIAEDGE1816 Ref C: 2023-11-29T22:54:38Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmT2rGgkaoIXtBThxCP-xhKw8XbsPA5NxIhEWtc0clOe6MeZ5q4k4-7bQt_QpomAfskW5S9zUp3H4o_mrgoBlTbvPgOiQ2ldQA
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLUmt5P2B20Izw1sFKHg==
pixel
cm.g.doubleclick.net/ Frame 42F8
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESECfLjYKxz6R6d9-2VukZWiQ&google_cver=1&google_push=AXcoOmRNbATMNtJveNV-h8htA_LD-m0VurVCZrwEt0wRIj75tAsaLs1ywK-Es2XL3kyqAIajopgwPUhkXg8s8t-dL--MY_lx-qpz
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=SjhuQ2U4WGhBUzJjYnZkdkw4Rm5aUQ%3D%3D&google_push=AXcoOmRNbATMNtJveNV-h8htA_LD-m0VurVCZrwEt0wRIj75tAsaLs1ywK-Es2XL3kyqAIajopgwPUhkXg8s8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=SjhuQ2U4WGhBUzJjYnZkdkw4Rm5aUQ%3D%3D&google_push=AXcoOmRNbATMNtJveNV-h8htA_LD-m0VurVCZrwEt0wRIj75tAsaLs1ywK-Es2XL3kyqAIajopgwPUhkXg8s8t-dL--MY_lx-qpz
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 29 Nov 2023 22:54:39 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=SjhuQ2U4WGhBUzJjYnZkdkw4Rm5aUQ%3D%3D&google_push=AXcoOmRNbATMNtJveNV-h8htA_LD-m0VurVCZrwEt0wRIj75tAsaLs1ywK-Es2XL3kyqAIajopgwPUhkXg8s8t-dL--MY_lx-qpz
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
243
usersync.aspx
dis.criteo.com/dis/ Frame 42F8 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRnEag7OGLp1a4rKfQmOJSeamQqqM6itHJklXH6SZs0A-z6OCvWK5jXazgnNFrFJ4FcQPS23XNM1DCD_vVyUEpe2Zmslt5dMg&google_gid=CAESEPeo5NIlWZdsIuSAqiQ7QCI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
415773
expires
Wed, 29 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 42F8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAcv77vtWLkTUpvQCP9Piy8&google_cver=1&google_push=AXcoOmQwy2WJ3zBF_gaHAmb3h4vDWBFVI6YPgHud5xLDrfY8JZtX8WLG5ja5e_1K65dTRSnBdm8UANw0S1KPK...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAcv77vtWLkTUpvQCP9Piy8&google_push=AXcoOmQwy2WJ3zBF_gaHAmb3h4vDWBFVI6YPgHud5xLDrfY8JZtX8WLG5ja5e_1K65dTRSnBdm8UANw0S1KPK...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQwy2WJ3zBF_gaHAmb3h4vDWBFVI6YPgHud5xLDrfY8JZtX8WLG5ja5e_1K65dTRSnBdm8UANw0S1KPKtEPuu1I9DhdUYURyQ&google_hm=Tk5mU3VtUTVtbktRUm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQwy2WJ3zBF_gaHAmb3h4vDWBFVI6YPgHud5xLDrfY8JZtX8WLG5ja5e_1K65dTRSnBdm8UANw0S1KPKtEPuu1I9DhdUYURyQ&google_hm=Tk5mU3VtUTVtbktRUmYwdlBqREw=
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Nov 2023 22:54:39 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQwy2WJ3zBF_gaHAmb3h4vDWBFVI6YPgHud5xLDrfY8JZtX8WLG5ja5e_1K65dTRSnBdm8UANw0S1KPKtEPuu1I9DhdUYURyQ&google_hm=Tk5mU3VtUTVtbktRUmYwdlBqREw=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 42F8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECwBBzXRl58UsXZe8GV4oco&google_cver=1&google_push=AXcoOmSAg4QXvmRqlkmR-WzSjXbB6fBlUHjDnCVmiOjt-oHAZQbT6CC0myBzopauvW-iXECm8JX1NOGwTY8U...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSAg4QXvmRqlkmR-WzSjXbB6fBlUHjDnCVmiOjt-oHAZQbT6CC0myBzopauvW-iXECm8JX1NOGwTY8Upd2mi4148L92J61L_g
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSAg4QXvmRqlkmR-WzSjXbB6fBlUHjDnCVmiOjt-oHAZQbT6CC0myBzopauvW-iXECm8JX1NOGwTY8Upd2mi4148L92J61L_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSAg4QXvmRqlkmR-WzSjXbB6fBlUHjDnCVmiOjt-oHAZQbT6CC0myBzopauvW-iXECm8JX1NOGwTY8Upd2mi4148L92J61L_g
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 42F8
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRlQcrPKvHkOzkhh7AWJRAYm77k9wRqh6PcYGuWeLpBOibAjkhGsAI05BRRFsFIH2LUM7vu6uAGt1Cuqv0hdQZwlG8SaS9O6Fs&google_gid=CAESEM9PYBZV58...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM9PYBZV58YuApnGWUTW1mA&google_hm=T1BVMWRiMjJlMGY2ZTIxNDY4YWFiZDYyM2Q1NGFjZjllMDE&google_nid=opera_norway_as&google_push=AXcoOmRlQcrP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM9PYBZV58YuApnGWUTW1mA&google_hm=T1BVMWRiMjJlMGY2ZTIxNDY4YWFiZDYyM2Q1NGFjZjllMDE&google_nid=opera_norway_as&google_push=AXcoOmRlQcrPKvHkOzkhh7AWJRAYm77k9wRqh6PcYGuWeLpBOibAjkhGsAI05BRRFsFIH2LUM7vu6uAGt1Cuqv0hdQZwlG8SaS9O6Fs
Protocol
H3
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:39 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM9PYBZV58YuApnGWUTW1mA&google_hm=T1BVMWRiMjJlMGY2ZTIxNDY4YWFiZDYyM2Q1NGFjZjllMDE&google_nid=opera_norway_as&google_push=AXcoOmRlQcrPKvHkOzkhh7AWJRAYm77k9wRqh6PcYGuWeLpBOibAjkhGsAI05BRRFsFIH2LUM7vu6uAGt1Cuqv0hdQZwlG8SaS9O6Fs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
327
expires
Mon, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 42F8 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHuqmEOE6hTcBp7bFFuM2-C6jU2KclVUOUjvABqs1yV7vbQFu0aOvFhXp-Fasycz4vjvMDnw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961121494812113&output=html&h=600&adk=2562254491&adf=1605564971&pi=t.aa~a.3108187763~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1701275723&rafmt=1&to=qs&pwprc=3663841965&format=300x600&url=https%3A%2F%2Fchinas-lafa.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701298476554&bpp=1&bdt=2095&idt=-M&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=3&correlator=752623355864&frm=20&pv=1&ga_vid=1430682176.1701298476&ga_sid=1701298476&ga_hid=1180577590&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C42532524%2C44798934%2C44809315%2C31078301%2C31079811%2C44807753%2C44806140%2C44807764%2C44808149%2C44808285%2C44809072%2C318512602&oid=2&pvsid=1920459882206271&tmod=1469318285&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 8587 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8587 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8587 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 8587 		15 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=7384&&vgd_canary=0&vgd_l2type=scs_newfl&fp=oBuYNQpcK08H8bmw9Yla08anT5MPkfo9tT0lO4DHTi2k9lO4BvhcO_fIyV9Ucf5RHxvrPFcOVxD3vzYeKd3OYlGTHrwVgnsKZ8uPwo0nq8UIQJ6mGxrSBrMr7SGlgU8C6S7UFUcAdITplghfivIzzg%3D%3D&cme=0DEVj_VP6rTv9TPnZnVAg-UNrguGD76sO3Vqjm9L407t5GSn7vv8reBVaV39FEm3oPui3cWcHUTrNGKTdPattGn4v0CMZNYx2fWJYzftLCvreJK2_Gm-NDUM7DJ10sF5eEgqcSVsM8sGuO70hU94gmaHksXQK8RX4A2RCKa77QgyZgza2H29Nhp9DGevFn-nPRi-Zafoe-7mIi1YsaqDCfNDQW6HybHvTUnRSRRfrAULlmHPxE-HOA%3D%3D%7C%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD76ljQ04sNCQPe_yJlk9Pm1yjYUgGb1-P8%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CiFi0xlLg6lYMF9mjbK6Jwco7cVioC47KovkVtCk0kgP6dv812HCYrxTPlL7aaUM_RDZAJ8UwQyYOBSW1UBhWeKjRHlWDPkk-mN5UbqdRVscN1v5Usu-x-YfThSYNfBHYFTJ9r-xFVLsTSx6F-gGphvYC2d81FBS_DZBSZl2ecv0u_8OZy0DoTp92QVIpmhm8KSq0K9PZE6QPnNTX2S9V8cAnJOQqOSlljURPqID_XFi_mNAWwK3dz1hAMm8XbRw0KbhOpzVX2E0sjtQDHa3EVlHoWxmN9tqR%7C&subBdr=196&bdrid=460&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Bank+Owned+Cars+for+Sale&kwt[]=391&kbc[]=1262292604&kwp[]=1&kid[]=299487099&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D112908%7C13%3D0.0952%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C80%3D4.81%7C74%3D2.45%7C53%3D0.51%7C12%3D0.44%7C60%3D0.15%7C1%3D0.48%7C2%3D2.79&ktd[]=274911658240&kwd[]=Check+Payments+Online&kwt[]=391&kbc[]=1262292604&kwp[]=2&kid[]=59862962&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D112908%7C13%3D0.0733%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C80%3D0.30%7C74%3D2.45%7C53%3D0.27%7C12%3D0.51%7C60%3D0.30%7C1%3D0.37%7C2%3D3.36&ktd[]=274911658240&kwd[]=No.1+Stock+to+Buy+Now&kwt[]=391&kbc[]=1262292604&kwp[]=3&kid[]=324947967&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D112908%7C13%3D0.0809%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C80%3D3.10%7C74%3D2.45%7C53%3D1.80%7C12%3D1.41%7C60%3D0.74%7C1%3D1.62%7C2%3D7.69&ktd[]=274894881024&kwd[]=%2430+an+Hour+No+Experience+Jobs&kwt[]=391&kbc[]=1262292604&kwp[]=4&kid[]=350784374&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D112908%7C13%3D0.0787%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C80%3D2.61%7C74%3D2.45%7C53%3D0.33%7C12%3D0.50%7C60%3D0.74%7C1%3D0.45%7C2%3D2.15&ktd[]=274894881024&kwd[]=5+Best+Medicare+Advantage+Plans&kwt[]=391&kbc[]=1262292604&kwp[]=5&kid[]=329937320&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D112908%7C13%3D0.1043%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C80%3D12.66%7C74%3D2.45%7C53%3D6.37%7C12%3D11.29%7C60%3D2.09%7C1%3D7.67%7C2%3D21.48&ktd[]=274894881024&kwd[]=Best+Dentists+Near+Me&kwt[]=391&kbc[]=1262292604&kwp[]=6&kid[]=324977595&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D112908%7C13%3D0.0958%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C80%3D2.46%7C74%3D2.45%7C53%3D0.15%7C12%3D0.89%7C60%3D0.21%7C1%3D0.50%7C2%3D5.35&ktd[]=274894881024&kwd[]=7%25+Interest+Savings+Accounts&kwt[]=391&kbc[]=1262292604&kwp[]=7&kid[]=329753404&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D112908%7C13%3D0.0924%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C80%3D2.32%7C74%3D2.45%7C53%3D0.85%7C12%3D1.06%7C60%3D0.23%7C1%3D0.90%7C2%3D6.87&ktd[]=4503874522251520&v=1&geo=40.8%7C-73.97&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=US&wsip=170774892&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Y81Y8%22%2C%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22sT%22%7D&cid=8CU7Q771E&vi=1701298477984681598&vsid=3443000781523515&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=9&vgd_tsce=L332-S332&vgd_imdtl=1&vgd_l3_sc=NY&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000ca2a&vgd_nrrsf=scrr&vgd_cty=new+york&vgd_ifrmode=14&sttm=1701298478183&upk=1701298478.17698&hvsid=00001701298478183006462152352345&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1701298477144877973&vgd_ecrid=1700080807683300160060000059500&vgd_isiolc=1&kbbq=%26asn%3D9009&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=67119&vgd_vstrid=3443000781523515&vgde_bdata=QOfvzxjj~8xLjMjvu9~xjYMEv9.9uAh~myJLEYv9.9h~eBMJ-Nv9.fu~e8QMQOvh9F~xLjMLEQMGvuH.Hu~OmYMGv9.XA~ONfvu~QNOvkj~L1Jv9%2C9~eM1Qzvi99i~OmYMjvf9~ejfLMQOvf9fAuufiuf~8xLjMGvhhh.hh~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MfMJ-E1zO~L17v9.999%2C9~j1Q7v~NemyvH.FA~e8QMxLjMGv9.Hh~ejfLM8MQOvf9fAuufiu9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~e8QMxLjMjv9~L88Ex1vfH%2CfH~J7vuW~LNvu~L8Qx8Ov9%2C9~ejfLM8MGv9.9f~LEQMQOvf9fAuufiuf~e8QMGvuAu.ff~L1Oev9.999%2C9~xLjMGvu.fW~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~QjevAF.uX~yN17vou9~GGvuiF~eev9~NejfLMQOvh9W~LkevHA.AF~jfLMGvu999~JLEYv9.9h~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~L1OEv9.999%2C9~1AEMGvF.hu%2CWW.iH~Q8OvHWuihhifX~QOvu~x8OvfV1ZzlE-sTGLueCuHa~xLjMLEQMUNv9~NejfLMGvH.FA~G7OvA9hihuhFHAfXF9h9fHihFFFif9XhhXH9AuhFAWXXAfAFiXHFuhHA9XXufiW9HXHfH9iWuuWWWWWfiHAWH99uFXfAhXWHhWXWAifFhWH~eBxv9.fu~OfEMjvu9~NejfvH.FA~AENkviii.Xh~x8Yv9~myMYQwv9.9h~LU7v9.999%2C9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvWW.iH~xLjMQLEQMGvuH.Hu~LNevHA.AF~%3DVvA9X9~LUBEv9.999%2C9~UGMxNvof~z7Qvf~UGMNNUQvof~N7vY81Y8~GQQMC_pvIK%2CIK~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9h~ONvW~xLjMLEQMLev9~ejfLMGvF.Ah~NGOEv9.9uH~QOvu~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MfMJ-E1zO~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7MfMJ-E1zO~e8JB1G8j875v9.fu~EmQvA~1NM75EJvu~1OGjUvfXFffXHHiu~1YEvu~myG8Ov9.9h9~GkjLv9.9u9~Qx8Ov%3DK4b4RoxAMZdMji%2FoBWBXx7mC%20B~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~QmGEv~-8OvKrtoExGoXiFuufuHiHWufuuA~w7Yjvu~ONx7vW9~OmyGv9ou~JNEMxQJOv%209X~JNEME9Xv9.9AXhAHh99FiFH9HWA~JNEMEu9v9.9iXuAW9ihifWhXWuF~JNEMEuXv9.uXHAi9iFHWXXiWui~JNEMEf9v9.fu9FWWWuuAAHhAX~JNEMEfXv9.fhhfAiFiWFAuAiuf~JNEMEA9v9.AHXWufXH9fFfX9Wu~JNEMEAXv9.HuhX9h9uWFWXhA9f~JNEMEH9v9.HiAXuXuuWWWhuAfWH~JNEMEHXv9.XWHiiFHXWXXAAWfu~JNEMEX9v9.FWWXuWFFWuWi9A9f~JNEMEXXv9.W9HAuWH9Xuf9HXhi~JNEMEF9v9.iHfuAAfuhi9hXFfX~JNEMEFXvu.u9HXifuXHAf9X9fW~JNEMEh9vu.fiHAhhfh9u9hWFuA~JNEMEhXvu.XAHiAHfh9FAfFufF~JNEMEW9vu.WFWHfWfFuA9hWf~JNEMEWXvf.AAAfFf9FuFHHXuXh~JNEMEi9vA.fAhWAi9FAiWiAhuA~JNEMEiXvX.H9XXXfifiH9AHXi~JNEMEiivuF.AWFhFuHfuhi9Xu~8GNvu~zQlvf~7yQvuF9-F99%7CA99-F99~GQGv9~GQEv9~7Y-vfAu&vgd_bhv_kbb=-1&vgd_cfud=230323&vgd_scsver=256&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=160_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=501&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1125&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A160%3Brend_h%3A600&vgd_uspa=0&vgd_sc=NY&vgd_l1rhst=contextual.media.net&hvsid=00001701298478183006462152352345&rc=0&rand=1701298478492&acid=2d2788dd4d39429039e011471b1477c0&matm=1701298478492&vgd_ltimesrc=1&vgd_ltime=1277&vgd_rtime=1276&vgd_etm=17&vgd_l1hcsd=S5h9m%7C7842&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=6438&vgd_pgid=p01693938627t202311292254&vgd_csip=rtb-appnexus-54bdd58566-h6bhn.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML%7Cundefined&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3249&&kkdd=3W%7C3%7C9n*HA&(s=QjzQC2-ujj2-uN-QH2-&LKwi=z&J4wT=z&DK(=QQCH&O4DX=YhhC&DsK=-dgjpjjQG&DwDK=pD6LFb_ZAUG_~QAA7iiUDW%3D%3D&DisK=u-Q2jj2CH&4s!X=QNzbNzz&DD=gB&4D=xr&DvcJ=a9Ik3xr&wsK=-t3NjIrhB&OwsK=oQGhNN-&vOOw4=Q&iii=O!I7vYDM7Y-iZvr1qwot_-gpqrhu3wuvgr1ukFrbuB4%3D&c4X=H&MW=Q&ZLK=u&TKOQ=-dgg2Uq-a&TKOC=QQNCQQz2Q&*KTOT=4KC%3DcZMMlsZiMAM%3DQzlZMJAw%3Dz8zQhjlFLXiwJ%3Dz8zjl(WAXbD%3Dz8CQl(s4A4K%3DjzNlZiMAiw4A*%3DQu8uQlKFJA*%3Dz8HhlKDC%3DQl4DK%3DyMliTX%3Dz%2Czl(AT4c%3D2zz2lKFJAM%3DCzl(MCiA4K%3DCzChQQC2QClsZiMA*%3Djjj8jjlZiMAO5D%3DzlZiMAiCTA*%3Dzl4OK%3DT4WsyOACAXbwTcKliTO%3Dz8zzz%2CzlMT4O%3DlD(FL%3Du8Nhl(s4AZiMA*%3Dz8ujl(MCiAsA4K%3DCzChQQC2Qzlsw%3DrFKa5wyc2~5syTutrJ4Gkly**%3Dzl(s4AZiMAM%3DzlisswZT%3DCu%2CCulXO%3DQ-liD%3DQlis4ZsK%3Dz%2Czl(MCiAsA*%3Dz8zCliw4A4K%3DCzChQQC2QCl(s4A*%3DQhQ8CCliTK(%3Dz8zzz%2CzlZiMA*%3DQ8C-l(MCiAZiMA*%3Dzl(MCiAZiMA(s%3DQG7QNlZiMAO(s%3DzlZiMAM%3DQzl4M(%3DhN8QHlLDTO%3D7Qzl**%3DQ2Nl((%3DzlD(MCiA4K%3Djz-liy(%3Duh8hNlMCiA*%3DQzzzlXiwJ%3Dz8zjl(MCiAZiMA5D%3DzGzlw4sAD%3DQ%2CQ%2Cz%2Cz%2Cz%2Cz%2Cz%2Czl*J%3DQlw4sAK%3Dzli5X%3Dz%2CzliTKw%3Dz8zzz%2CzlThwA*%3DN8jQ%2C--82ul4sK%3Du-Q2jj2CHl4K%3DQlZsK%3DCETPc!wbqY*iQ(fQu3lZiMAiw4A5D%3DzlD(MCiA*%3Du8Nhl*OK%3Dhzj2jQjNuhCHNzjzCu2jNNN2CzHjjHuzhQjNh-HHhChN2HuNQjuhzHHQC2-zuHuCuz2-QQ-----C2uh-uzzQNHChjH-uj-H-h2CNj-ul(WZ%3Dz8CQlKCwAM%3DQzlD(MC%3Du8NhlhwDy%3D2228HjlZsJ%3DzlFLAJ4v%3Dz8zjli5O%3Dz8zzz%2CzlKJJA4OiL%3DvTiJFc~lKCwA*%3Dz82-lFLKCwA*%3Dz82-l44%3Dx9lDD%3DgBlZsW%3D7QlDX%3Dzliw4A*%3D--82ulZiMA4iw4A*%3DQu8uQliD(%3Duh8hNldE%3DhzHzli5Ww%3Dz8zzz%2Czl5*AZD%3D7ClcO4%3DCl5*ADD54%3D7ClDO%3DJsTJsl*44AfoR%3Dx9%2Cx9li5WK%3Dz8zzz%2Czl*T4s4C%3DQ2Nl*T4s4Q%3DQ2Nls4IXy%3Dzls4sy%3DzlZiMAiwDA*%3Dzl*sK%3Dz8zjlKD%3D-lZiMAiw4Ai(%3Dzl(MCiA*%3DN8hjlD*Kw%3Dz8zQul4K%3DQlsO~wXAsK%3DQjl4XMMXiAOTLAsK%3DT4WsyOACAXbwTcKl4ZwwM~AOTLAsK%3DlKXOXDOXKAOTLAsK%3DT4WsyOACAXbwTcKl(sXWT*sMsO~%3Dz8CQlwF4%3DhlTDAO~wX%3DQlTK*M5%3DCHNCCHuu2QlTJw%3DQlFL*sK%3Dz8zjzl*yMi%3Dz8zQzl4ZsK%3Dd9GBG_7ZhAPVAM2e7W-WHZOFf6WlKOD%3DXT4OA4DlKJJAXiwJ%3DyTM4XlKJJ%3DvTiJFc~l*KwDTwK%3DzlKTML%3DZcs4FcCNl4F*w%3DlbsK%3D9)S7wZ*7H2NQQCQu2u-QCQQhlvOJM%3DQlKDZO%3D-zlKFL*%3Dz7QlXDwAZ4XK%3D6zHlXDwAwzH%3Dz8zhHjhujzzN2Nuzu-hlXDwAwQz%3Dz8z2HQh-z2j2C-jH-QNlXDwAwQH%3Dz8QHuh2z2Nu-HH2-Q2lXDwAwCz%3Dz8CQzN---QQhhujhHlXDwAwCH%3Dz8CjjCh2N2-NhQh2QClXDwAwhz%3Dz8huH-QCHuzCNCHz-QlXDwAwhH%3Dz8uQjHzjzQ-N-HjhzClXDwAwuz%3Dz8u2hHQHQQ---jQhC-ulXDwAwuH%3Dz8H-u22NuH-HHhh-CQlXDwAwHz%3Dz8N--HQ-NN-Q-2zhzClXDwAwHH%3Dz8-zuhQ-uzHQCzuHj2lXDwAwNz%3Dz82uCQhhCQj2zjHNCHlXDwAwNH%3DQ8QzuH2CQHuhCzHzC-lXDwAwjz%3DQ8C2uhjjCjzQzj-NQhlXDwAwjH%3DQ8Hhu2huCjzNhCNQCNlXDwAw-z%3DQ8-N-uC-CNQhzj-ClXDwAw-H%3DC8hhhCNCzNQNuuHQHjlXDwAw2z%3Dh8Chj-h2zNh2-2hjQhlXDwAw2H%3DH8uzHHHC2C2uzhuH2lXDwAw22%3DQN8h-NjNQuCQj2zHQls*D%3DQlc4!%3DClOL4%3DQNzbNzz%7ChzzbNzzl*4*%3Dzl*4w%3DzlOJb%3DChQ&cO(=z&JJJ=ZSF4xyE)6G5%3D&sW=QNz&scEyi=Q&*KiEK=uNz&*sK=hu2zNj&JDy=NjQQ2&~K4wi=Q&*TX=_bX_LTTXbu&5TOwiX=Q&5TO*sK=7QzC&DTKFJTsc=O!I7vYDM7Y7aBvxuC7ZZyKcH3SvCsdzxN6KhC~uEBDVe3aVA5~VF!L%3D%3D&~wMw=Q&s4sK=H&TK(=Ec(X4OFi%20qFDZ4&44JDiA(Xi=H&wLsK=wzQN2h2h-NCjOCzChQQC2CCHu&44MK=%7B%2244sw%22%3A%22CzzQ%3AzHHz%3AQKzH%3Azzzz%3Azzzz%3Azzzz%3Azzzz%3Azzzz%22%2C%2244DD%22%3A%22gB%22%2C%22444D%22%3A%22qY%22%2C%2244DO~%22%3A%22JsTJs%22%7D&vOJM4iD=Q&sflct=8818102&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Wed, 29 Nov 2023 22:54:38 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Wed, 29 Nov 2023 22:54:38 GMT
truncated
/ Frame D15B 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D15B 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D15B 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame D15B 		15 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=7361&&vgd_canary=0&vgd_l2type=scs_newfl&fp=oBuYNQpcK09ZfTCKGY9KjirB-qGEpX9FqDCiqjsBXAH2RISClfPp_kPgotLmCuFRB1ZVxUQqhvhd7RiPQC0AJ_WqXFlOre-jyr14bz6ncOssfX2LLFwRF_MRg3gFD8Wmtt-Cb385lEasLqPTUHG2KQ%3D%3D&cme=WGZAIqvUWnh2VDaQUE9rI7_LvRvVE-bhmUQibjDBcWlgDVy1LsZj0lVPFDV_AbkjsEA4o7G_mmrNgHCsha9pnkAJ5TowU4m8iR_m9-EufzDNi8VXABao0fDqRrwSv0Zu3jgFoxxsq12hgs7AadyKD47865uAa8T9u0qVUX-Ew0mZbHvCYaqY0LMLE-jwagSyIIOaQdsGT4Fsulw-34PqfInZ4i7mCSRxizX_iTTouvGvvlAKCKn7Cg%3D%3D%7C%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD76ljQ04sNCQPe_yJlk9Pm1yjYUgGb1-P8%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7C-lA8saYLvmcIg0hyE7Kowro-hyCCteq_sGc6K5TiRJuX5JsCHRco5QemS1vucAAXK2aWVU_HCJJzx6RCFhSagB3otW1iD-2VGHniqeMHXtvXf4_ioct9VVKm45u8cfMxul_2Q8yIOEE1iNaYoqM2TyUgFdfTJTTL8HPmXd6p_jehKMSdXx5FV68CkjrDVJffQ5YifbrpOL0Tyds6ehF0UxluH_gbdRSc_MipoDcicJzQerHopL_pTcRsyIs_Dt5F_AQdkoDSvLCSzWz19vQh7f3yUYoPre9M%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7C&subBdr=196&bdrid=460&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Bank+Owned+Cars+for+Sale&kwt[]=391&kbc[]=1262292604&kwp[]=1&kid[]=299487099&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D112908%7C13%3D0.0952%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C12%3D0.44%7C80%3D4.81%7C60%3D0.15%7C53%3D0.51%7C74%3D2.45%7C1%3D0.48%7C2%3D2.79&ktd[]=4503874539028736&kwd[]=Check+Payments+Online&kwt[]=391&kbc[]=1262292604&kwp[]=2&kid[]=59862962&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D112908%7C13%3D0.0733%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C12%3D0.51%7C80%3D0.30%7C60%3D0.30%7C53%3D0.27%7C74%3D2.45%7C1%3D0.37%7C2%3D3.36&ktd[]=274911658240&kwd[]=No.1+Stock+to+Buy+Now&kwt[]=391&kbc[]=1262292604&kwp[]=3&kid[]=324947967&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D112908%7C13%3D0.0809%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C12%3D1.41%7C80%3D3.10%7C60%3D0.74%7C53%3D1.80%7C74%3D2.45%7C1%3D1.62%7C2%3D7.69&ktd[]=274894881024&kwd[]=%2430+an+Hour+No+Experience+Jobs&kwt[]=391&kbc[]=1262292604&kwp[]=4&kid[]=350784374&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D112908%7C13%3D0.0787%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C12%3D0.50%7C80%3D2.61%7C60%3D0.74%7C53%3D0.33%7C74%3D2.45%7C1%3D0.45%7C2%3D2.15&ktd[]=274894881024&kwd[]=5+Best+Medicare+Advantage+Plans&kwt[]=391&kbc[]=1262292604&kwp[]=5&kid[]=329937320&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D112908%7C13%3D0.1043%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C12%3D11.29%7C80%3D12.66%7C60%3D2.09%7C53%3D6.37%7C74%3D2.45%7C1%3D7.67%7C2%3D21.48&ktd[]=274894881024&kwd[]=Best+Dentists+Near+Me&kwt[]=391&kbc[]=1262292604&kwp[]=6&kid[]=324977595&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D112908%7C13%3D0.0958%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C12%3D0.89%7C80%3D2.46%7C60%3D0.21%7C53%3D0.15%7C74%3D2.45%7C1%3D0.50%7C2%3D5.35&ktd[]=274894881024&kwd[]=7%25+Interest+Savings+Accounts&kwt[]=391&kbc[]=1262292604&kwp[]=7&kid[]=329753404&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D112908%7C13%3D0.0924%7C14%3D112918%7Cokt%3D391%7Cbkt%3D391%7Cps%3D0.330%7C12%3D1.06%7C80%3D2.32%7C60%3D0.23%7C53%3D0.85%7C74%3D2.45%7C1%3D0.90%7C2%3D6.87&ktd[]=274894881024&v=1&geo=40.8%7C-73.97&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=US&wsip=170774754&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Y81Y8%22%2C%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22sT%22%7D&cid=8CU7Q771E&vi=1701298477274668164&vsid=3443000781523596&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=9&vgd_tsce=L332-S332&vgd_imdtl=1&vgd_l3_sc=NY&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000ca2a&vgd_nrrsf=scrr&vgd_cty=new+york&vgd_ifrmode=14&sttm=1701298478267&upk=1701298478.16490&hvsid=00001701298478267006462152354448&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1701298477157504595&vgd_ecrid=1700080807683300160060000059500&vgd_isiolc=1&kbbq=%26asn%3D9009&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=67119&vgd_vstrid=3443000781523596&vgde_bdata=QOfvzxjj~8xLjMjvu9~xjYMEv9.9uAh~myJLEYv9.uf~eBMJ-Nv9.fF~e8QMQOvh9F~xLjMLEQMGvuH.Hu~OmYMGv9.XA~ONfvu~QNOvkj~L1Jv9%2C9~eM1Qzvi99i~OmYMjvf9~ejfLMQOvf9fAuufiuf~8xLjMGvhhh.hh~xLjM7UNv9~xLjMLf1MGv9~Q7OvAfXHXWFWhX~L17v9.999%2C9~j1Q7v~NemyvH.uH~e8QMxLjMGv9.Hh~ejfLM8MQOvf9fAuufiu9~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~e8QMxLjMjv9~L88Ex1vfH%2CfH~J7vui~LNvu~L8Qx8Ov9%2C9~ejfLM8MGv9.9A~LEQMQOvf9fAuufiuf~e8QMGvuh9.if~L1Oev9.999%2C9~xLjMGvu.fi~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~Qjevff.Wh~yN17vou9~GGvuiF~eev9~NejfLMQOvh9W~LkevHA.AF~jfLMGvu999~JLEYv9.uf~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~LUJv9%2C9~L1OEv9.999%2C9~1AEMGvW.9W%2CWh.fA~Q8OvHWuihhifX~QOvu~x8OvfV1ZY%3D_UWCi27kHs28~xLjMLEQMUNv9~NejfLMGvH.uH~G7OvA9hihuhFHAfF9uufHiA9AffA9W9AXWuHh9hu9hFWfFu9XXfX99hiXFfhfAHWXAWHFXhuFhiW99WhuAuHHiWXfihHXF9A9iWAHiH9HuF~eBxv9.fF~OfEMjvu9~NejfvH.uH~AENkviii.iF~x8Yv9~myMYQwv9.uf~LU7v9.999%2C9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iW~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvWh.fA~xLjMQLEQMGvuH.Hu~LNevHA.AF~%3DVvA9X9~LUBEv9.999%2C9~UGMxNvof~z7Qvf~UGMNNUQvof~N7vY81Y8~GQQMC_pvIK%2CIK~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.uf~ONvW~xLjMLEQMLev9~ejfLMGvW.9W~NGOEv9.9fH~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvAfXHXWFWhX~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.fF~EmQvA~1NM75EJvu~1OGjUvAfXHXWFWhX~1YEvu~myG8Ov9.uf9~GkjLv9.9u9~Qx8Ov%3DK4b4rM86A8f2x%20gWCeFV3Omr-g~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~QmGEv~-8OvKrtoExGoXiFuufuHiHWufuuA~w7Yjvu~ONx7vW9~OmyGv9ou~JNEMxQJOv%209X~JNEME9Xv9.9HFhfHHhiiAA99AXF~JNEMEu9v9.uf9XWXWAWuhXihfHi~JNEMEuXv9.uifHhiH9fuHfWFuff~JNEMEf9v9.fFffHiXhiiifufhu~JNEMEfXv9.AH9AAXXiifhuWhFH~JNEMEA9v9.HffFiFAWHHFHuA9iH~JNEMEAXv9.XuuX9FWf9WXuiHhA~JNEMEH9v9.F9hf9HWhAHihHHFX~JNEMEHXv9.huFHiFWhuhuAAffW~JNEMEX9v9.WAWfX9XXXFFFf9iX~JNEMEXXv9.ihFfhWF9hh9XXfXu~JNEMEF9vu.uHXAXFi9i9AfFiXf~JNEMEFXvu.AHXF9XfWHHHFFfff~JNEMEh9vu.XhhHHAWWuHiHFWHA~JNEMEhXvu.WWWiHXHXFhffHfuW~JNEMEW9vf.AHHFAAXXuuXfAiW~JNEMEWXvf.iWWuuWFhfFXAuHFF~JNEMEi9vH.fWWuhu9HXhfXWfA~JNEMEiXvh.HiWHHuuAFWf9Wui~JNEMEiivfF.iAffXFXh9uFA9f~8GNvu~zQlvf~7yQvuF9-F99%7CA99-F99~GQGv9~GQEv9~7Y-vfAf&vgd_bhv_kbb=-1&vgd_cfud=230323&vgd_scsver=256&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=160_600&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=501&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1125&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A160%3Brend_h%3A600&vgd_uspa=0&vgd_sc=NY&vgd_l1rhst=contextual.media.net&hvsid=00001701298478267006462152354448&rc=0&rand=1701298478596&acid=aab2ad2a98456181f480244f57c7f672&matm=1701298478596&vgd_ltimesrc=1&vgd_ltime=1402&vgd_rtime=1400&vgd_etm=20&vgd_l1hcsd=S5h9m%7C7842&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=6420&vgd_pgid=p01693938627t202311292254&vgd_csip=rtb-appnexus-54bdd58566-h6bhn.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML%7Cundefined&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3227&&kkdd=A!%7Cu%7C9H3An*&*7=fIVfURh~IIUI~nnhfn~&2W8A=V&k68p=V&eW*=ffUg&y6eP=-llU&e7W=hvMI5IIfq&e8eW=5e42D1uS!xquzf!!YAAxea%3D%3D&eA7W=~hfRIIRUg&67_P=fnV1nVV&ee=MZ&6e=(o&eBHk=Lmjt.(o&87W=hN.nIjolZ&y87W=rfqlnnh&Byy86=f&AAA=y_jYB-e0Y-hASBobE8rNuhM5Eol~.8~BMob~tDo1~Z6%3D&H6P=g&0a=f&S2W=~&pWyf=hvMMRxEhL&pWyU=ffnUffVRf&JWpyp=6WU%3DHS00s7SA0!0%3DfVsS0k!8%3DVwVflIsD2PA8k%3DVwfUs*a!P1e%3DVwUns*76!6W%3DIVnsSA0!A86!J%3Df~w~fsWDk!J%3DVwglsWeU%3Dfs6eW%3DG0sApP%3DV%2CVs*!p6H%3DRVVRsWDk!0%3DUVs*0UA!6W%3DUVUlffURfUs7SA0!J%3DIIIwIIsSA0!yQe%3DVsSA0!AUp!J%3DVs6yW%3DlUg~ghnhIgsApy%3DVwVVV%2CVs0p6y%3Dse*D2%3D~wf~s*76!SA0!J%3DVw~Is*0UA!7!6W%3DUVUlffURfVs78%3DoDWLQ8GHRzQ7Gp~Nok6qtsGJJ%3DVs*76!SA0!0%3DVsA778Sp%3DU~%2CU~sPy%3DfRsAe%3DfsA76S7W%3DV%2CVs*0UA!7!J%3DVwVlsA86!6W%3DUVUlffURfUs*76!J%3DfIVwRUsApW*%3DVwVVV%2CVsSA0!J%3DfwURs*0UA!SA0!J%3DVs*0UA!SA0!*7%3DfqYfnsSA0!y*7%3DVsSA0!0%3DfVs60*%3DUUwhIs2epy%3DYfVsJJ%3DfRns**%3DVse*0UA!6W%3DIVhsAG*%3D~lwlns0UA!J%3DfVVVsPA8k%3DVwfUs*0UA!SA0!Qe%3DVqVs867!e%3Df%2Cf%2CV%2CV%2CV%2CV%2CV%2CVsJk%3Dfs867!W%3DVsAQP%3DV%2CVsApW8%3DVwVVV%2CVspl8!J%3DhwVh%2ChIwUls67W%3D~hfRIIRUgs6W%3DfsS7W%3DUCpFkvrQh3RbyG~Eb7sSA0!A86!Qe%3DVse*0UA!J%3D~wf~sJyW%3DlVIRIfIn~lUnVffU~RlVlUUlVhVlghf~IVIfVInhUnfVggUgVVIRgnUIUl~hglh~ngIfnIRhVVhIflf~~RhgURI~gnVlVRhl~R~V~fns*aS%3DVwUnsWU8!0%3DfVse*0U%3D~wf~sl8eG%3DRRRwRnsS7k%3DVsD2!k6B%3DVwfUsAQy%3DVwVVV%2CVsWkk!6yA2%3DBpAkDHzsWU8!J%3DVwRhsD2WU8!J%3DVwRhs66%3D(msee%3DMZsS7a%3DYfseP%3DVsA86!J%3DhIwUlsSA0!6A86!J%3Df~w~fsAe*%3D~lwlnsvC%3DlVgVsAQa8%3DVwVVV%2CVsQJ!Se%3DYUsHy6%3DUsQJ!eeQ6%3DYUsey%3Dk7pk7sJ66!3r9%3D(m%2C(msAQaW%3DVwVVV%2CVsJp676U%3DfRnsJp676f%3DfRns76jPG%3DVs767G%3DVsSA0!A8e!J%3DVsJ7W%3DVwfUsWe%3DhsSA0!A86!A*%3DVs*0UA!J%3DhwVhseJW8%3DVwVU~s6W%3Dfs7yz8P!7W%3DfIs6P00PA!yp2!7W%3DlUg~ghnhIgs6S880z!yp2!7W%3DsWPyPeyPW!yp2!7W%3Ds*7PapJ707yz%3DVwUns8D6%3Dlspe!yz8P%3DfspWJ0Q%3DlUg~ghnhIgspk8%3DfsD2J7W%3DVwfUVsJG0A%3DVwVfVs6S7W%3DvmqZqT!7xl7UbS45h3*nCoWDT15sWye%3DPp6y!6esWkk!PA8k%3DGp06PsWkk%3DBpAkDHzsJW8ep8W%3DVsWp02%3DSH76DHUns6DJ8%3Ds17W%3DmT)Y8SJYgRnffUf~R~hfUfflsByk0%3DfsWeSy%3DhVsWD2J%3DVYfsPe8!S6PW%3D4VgsPe8!8Vg%3DVwV~nIU~~IRRllVVlgnsPe8!8fV%3DVwfUVghghlhfIgRIU~RsPe8!8fg%3DVwfRU~IR~VUf~UhnfUUsPe8!8UV%3DVwUnUU~RgIRRRUfUIfsPe8!8Ug%3DVwl~VllggRRUIfhIn~sPe8!8lV%3DVw~UUnRnlh~~n~flVR~sPe8!8lg%3DVwgffgVnhUVhgfR~IlsPe8!8~V%3DVwnVIUV~hIl~RI~~ngsPe8!8~g%3DVwIfn~RnhIfIfllUUhsPe8!8gV%3DVwhlhUgVgggnnnUVRgsPe8!8gg%3DVwRInUIhnVIIVggUgfsPe8!8nV%3Dfwf~glgnRVRVlUnRgUsPe8!8ng%3Dfwl~gnVgUh~~~nnUUUsPe8!8IV%3DfwgII~~lhhf~R~nh~lsPe8!8Ig%3DfwhhhR~g~gnIUU~UfhsPe8!8hV%3DUwl~~nllggffgUlRhsPe8!8hg%3DUwRhhffhnIUnglf~nnsPe8!8RV%3D~wUhhfIfV~gIUghUlsPe8!8Rg%3DIw~Rh~~fflnhUVhfRsPe8!8RR%3DUnwRlUUgngIVfnlVUs7Je%3DfsH6_%3DUsy26%3DfnV1nVV%7ClVV1nVVsJ6J%3DVsJ68%3DVsyk1%3DUlU&Hy*=V&kkk=S)D6(GCT4qQ%3D&7a=fnV&7HCGA=f&JWACW=~nV&J7W=l~RVng&keG=nIffR&zW68A=f&JpP=u1Pu2ppP1~&Qpy8AP=f&QpyJ7W=YfVU&epWDkp7H=y_jYB-e0Y-YLZB(~UYSSGWHg.)BU7vV(n4WlUz~CZeic.Li!QziD_2%3D%3D&z808=f&767W=g&pW*=CH*P6yDA%20EDeS6&66keA!*PA=g&827W=8VfnRlRlhnUIyUVUlffURUUg~&660W=%7B%226678%22%3A%22UVVf%3AVggV%3AfWVg%3AVVVV%3AVVVV%3AVVVV%3AVVVV%3AVVVV%22%2C%2266ee%22%3A%22MZ%22%2C%22666e%22%3A%22E-%22%2C%2266eyz%22%3A%22k7pk7%22%7D&Byk06Ae=f&sflct=8818102&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.202.52.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-52-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Wed, 29 Nov 2023 22:54:38 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Wed, 29 Nov 2023 22:54:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231128&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af19caea04ec7cb3553751c85942cf8d26d573d11e52ab351b7af61cfdf9c673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12215
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js?bust=31079811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 22:54:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA4F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chinas-lafa.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
120977
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 13:18:22 GMT
expires
Wed, 27 Nov 2024 13:18:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D6F2 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b03e55492e7ceeafbae145aa52e12c2f6d219b43331e7cd32e8befcd4493e7b8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0uv_wkr1HBvIcway3xWmgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chinas-lafa.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0uv_wkr1HBvIcway3xWmgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 22:54:39 GMT
expires
Wed, 29 Nov 2023 22:54:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js
pagead2.googlesyndication.com/bg/ Frame EA4F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:06:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
593260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15254
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 02:06:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D6F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231128&jk=1920459882206271&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame EA4F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?c37ijQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 22:54:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
61048837
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/61048837?wv-part=1&wv-type=7&wmode=0&wv-hit=913670721&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&rn=856400117&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1701298480%3Aw%3A1600x1200%3Av%3A1170%3Az%3A-600%3Ai%3A20231129125439%3Au%3A1701298476983404994%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Ast%3A1701298480&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chinas-lafa.ru/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:40 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 29-Nov-2023 22:54:40 GMT
content-type
image/gif
access-control-allow-origin
https://chinas-lafa.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 29-Nov-2023 22:54:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231128&jk=1920459882206271&bg=!2tml2ZbNAAaGYW-ApmE7ADQBe5WfOBF95l6j_4PHRYat4JDs0k8yzewJF2Xe7zUR6cj4Dy4iULVBy9EfHaV4KtDamGLkAgAAAGtSAAAAAmgBB5kCtaWHSJD0K55cyvifF6l2gCCcLBsKrsjkWk2LBF7T-Nqo7JYrYE0_yfVYg13ieuINn2cctMJ5UZWYzqWuJ37yHiBEULmkKPjJwJazxLYp7bzm6EjlEuYQwBi2-37RD49E0RLaRdAvoyT21Q3t79LimpxrF9mBclt0Ud9y8SZfY5wMjp-g0Cf5h2NYHP8b-lQm5Y2NgH8Q0DNv1XeKeTrnpFWkerjKi9H_FV_bDNvJ3FkY5TrOc5zERHDcWBuWGROEZV0WbtOPVaoFh3ZrtfjOGzx4SEyGfRAi9Tbgez2DMGsm0Q-Sa3M9p9cunQo8va0R8Ona16-fuNP-Q6gUt4iArBIY9r8XDBRGKspiaeBfihpr9_MXgn2d9zcGpOzjhcdD690ALvcrGYLz_GcaM02j7vPEKi-_88Y6KQgK9MkuxSCiVvy5Nr64r9PAEgWwmGhnVz3a6KwFVH5l7YACQ38NeU-rAJKygF8lziKz4r3VVhfIIW95lSBLOJazkQChbVz9Omi6Yn2Z-sPOIEzELysVSPBNJSB4n7HlBg3dLpwh4Sjr1Ec_Jf2sorURXLZxbRGy6VeZgOtp6628dkso014X3vGuga1xy4twRCnw8VcLo2popxb7OV0bfI4a-_ilj5Tw0Cvr6yjHWIfUCwvfoswpiWJZsHH3rr3JCUKaNv0x-H5jffxSILN7x3brCDUz8RfckmTtcyOeF1sx1y03WQSsHnvGr_nH9tvJMSRYfLm0PwLAMjhDvOB0J1PBOwmtqG4HDMBuTdDlakbMZh04Xsbgz7_NkeafMFQECagKUil9Cxn8NBWKaaKvOiz5dyD39w-cPKWqn9a1BF4GalDnteQ_1Uj6djztm6p5-x_7cNTIGlWH_LGV1bzkA5XqXl3uRquQwFQVKSF4xqqgliuGqF6Gz_hpqv2JwQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://chinas-lafa.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
61048837
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/61048837?wv-part=1&wv-type=7&wmode=0&wv-hit=913670721&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&rn=77060998&browser-info=we%3A1%3Aet%3A1701298480%3Aw%3A1600x1200%3Av%3A1170%3Az%3A-600%3Ai%3A20231129125440%3Au%3A1701298476983404994%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Ast%3A1701298480&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chinas-lafa.ru/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:40 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 29-Nov-2023 22:54:40 GMT
content-type
image/gif
access-control-allow-origin
https://chinas-lafa.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 29-Nov-2023 22:54:40 GMT
61048837
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/61048837?wv-part=2&wv-type=7&wmode=0&wv-hit=913670721&page-url=https%3A%2F%2Fchinas-lafa.ru%2F&rn=1018824509&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1701298481%3Aw%3A1600x1200%3Av%3A1170%3Az%3A-600%3Ai%3A20231129125441%3Au%3A1701298476983404994%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Ast%3A1701298481&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chinas-lafa.ru/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 22:54:41 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 29-Nov-2023 22:54:41 GMT
content-type
image/gif
access-control-allow-origin
https://chinas-lafa.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 29-Nov-2023 22:54:41 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture undefined| $ function| jQuery object| wpcd_object object| wpcd_main_js function| send object| adsbygoogle function| ym object| pseudo_links function| disable_keystrokes object| wpcf7 object| expert_review_ajax object| woocommerce_params object| wc_cart_fragments_params object| settings_array object| wps_ajax object| lazyLoadOptions undefined| swiper object| wpp_params object| WordPressPopularPosts function| wpcd_copyToClipboard function| wpcd_openCouponAffLink function| Cookies object| swv function| ClipboardJS function| _extends function| _typeof function| LazyLoad string| top_menu_mobile_position object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter61048837 object| googletag object| GoogleGcLKhOms object| google_image_requests

42 Cookies

Domain/Path Name / Value
chinas-lafa.ru/ Name: PHPSESSID
Value: 8a2lqnne21lv4jd3mhqn18e27i
.yandex.ru/ Name: i
Value: UZmUm4iyXtYTn1H3guT8Afjxj5eCizkN+7nawxttgSOoc9WKFc7qy51LJ4aCJjexjd4UFEZXmUNSRf70aA2Yfn30q1w=
.yandex.ru/ Name: yandexuid
Value: 9819601611701298475
.chinas-lafa.ru/ Name: _ym_uid
Value: 1701298476983404994
.chinas-lafa.ru/ Name: _ym_d
Value: 1701298476
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1092003607fake
.chinas-lafa.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2779843838fake
.yandex.com/ Name: yandexuid
Value: 9819601611701298475
.yandex.com/ Name: yuidss
Value: 9819601611701298475
.yandex.com/ Name: i
Value: UZmUm4iyXtYTn1H3guT8Afjxj5eCizkN+7nawxttgSOoc9WKFc7qy51LJ4aCJjexjd4UFEZXmUNSRf70aA2Yfn30q1w=
.yandex.com/ Name: yp
Value: 1701384876.yu.2650415351701298476
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 1593979691701298476
.yandex.com/ Name: ymex
Value: 1703890476.oyu.2650415351701298476#1732834476.yrts.1701298476
.yandex.com/ Name: bh
Value: KgI/MA==
.chinas-lafa.ru/ Name: __gads
Value: ID=1ed8bf51422c8100:T=1701298476:RT=1701298476:S=ALNI_MbEZM7S1hB5ZnHhT1Qyjc9LDMbVRA
.chinas-lafa.ru/ Name: __gpi
Value: UID=00000da4ad77161e:T=1701298476:RT=1701298476:S=ALNI_MZp59qU04VqdQJNUj-S_FXIJjoyWg
.doubleclick.net/ Name: IDE
Value: AHWqTUk2XXDN8Dp4sZjtIoi1lcBe5sDLYtZL9RYCl3xM9GIj6aplBX1UkcSocUoTjoA
.chinas-lafa.ru/ Name: _ym_visorc
Value: w
.googleadservices.com/ Name: ar_debug
Value: 1
.media.net/ Name: visitor-id
Value: 3443000781523596000V10
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_463f9100-8f0a-11ee-b4f0-125335d52042
.linkedin.com/ Name: bcookie
Value: "v=2&fae42033-6364-4fd3-8fb2-08d7b713aedb"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2640:u=1:x=1:i=1701298478:t=1701384878:v=2:sig=AQFunTMKLktvmtOwBBRRT9w3NkvryYux"
.inmobi.com/ Name: idsp_c
Value: ee8a2c35-8fc2-4a25-b691-2a09fc0c4569
.quantserve.com/ Name: d
Value: EHcBCQHFKoEA
.quantserve.com/ Name: mc
Value: 6567c12e-9b354-90bd9-600c5
.mfadsrvr.com/ Name: tuuid
Value: 8d7d94a9-6e13-4c0e-84cd-845e5f0b9d1f
.mfadsrvr.com/ Name: c
Value: 1701298478
.mfadsrvr.com/ Name: tuuid_lu
Value: 1701298478
.owneriq.net/ Name: si
Value: Q7545848781377221851P
.owneriq.net/ Name: p2
Value: gguuid
.owneriq.net/ Name: gguuid
Value: 1
.mfadsrvr.com/ Name: ssh
Value: !google,1701298478
.media.net/ Name: data-g
Value: CAESEMxZPxgx6GCJLMw9f5iii4w~~6
.teads.tv/ Name: tt_viewer
Value: d8730e0b-4fa7-4131-87a8-9fce09a916b7
.dotomi.com/ Name: DotomiTest
Value: 64c6a3b842001393
.adx.opera.com/ Name: UID
Value: OPU1db22e0f6e21468aabd623d54acf9e01
.zemanta.com/ Name: zuid
Value: NNfSumQ5mnKQRf0vPjDL
.c.appier.net/ Name: _auid
Value: J8nCe8XhAS2cbvdvL8FnZQ
.c.appier.net/ Name: _gu
Value: CAESECfLjYKxz6R6d9-2VukZWiQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
aliexpress-kabinet-online.ru
aliexpress-lafa.ru
b1sync.zemanta.com
chinas-lafa.ru
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cs.media.net
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hblg.media.net
lg3.media.net
mc.yandex.com
mc.yandex.ru
mweb.ck.inmobi.com
onetag-sys.com
pagead2.googlesyndication.com
px.ads.linkedin.com
px.owneriq.net
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
rtb.adentifi.com
rtb.mfadsrvr.com
sync.teads.tv
t.adx.opera.com
tpc.googlesyndication.com
warp.media.net
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
104.117.182.193
172.104.70.67
172.217.13.130
172.217.13.194
184.86.146.172
185.4.64.72
20.253.86.149
23.202.52.23
23.44.201.209
23.51.52.28
23.51.53.155
2606:ae80:1451:21::440
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::200a
2607:f8b0:4020:806::2002
2607:f8b0:4020:806::2003
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2a02:6b8::1:119
34.235.203.47
35.207.24.140
45.130.41.10
51.222.239.230
70.42.32.31
74.119.119.150
82.145.213.8
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
04b5d10fd9260d945cb159618a98c72e15b16ec1c3a9979e037a3d290a2df2b4
052896930d987cb9c366d2fadbd2e8744cf4d5939d2e947f2047fdb64aabf620
08d34949f1fc0e18bda108115a0754094b61085643e505b82cbd604439fe6040
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0cc98d8e92a98749ce2cc2ecfd5cba57cdffa8e04048f66785646ddd3a2d6f75
0e01cb2c163c8cca3deba719e4e5620244fd231cb641a2f6fb787e2201c91f9e
14505cc3b38fab4c87eaf797f97a5facc911f2d7b2bebd1d836361ec13bf7464
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526
18d776fb6668d0ef688694a98545815994f4308db2cd10a7ea1649de0dc28f35
1a8e290c005fa6bc3903561abadeaa1f07d172c836139e1e30edf877e799831b
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b47ce393ee927d93c3f2f7294f5b467e8662cba5c61e98f91761b96764b3c9c
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
2d6b8ecb2f70ad50610c2956c63e8b068d64b18b39ab2d3736fa5a81c8a2cac9
307a4591edefbe1dc23df1c2e891454e4e908b771d881f6cc3e19c54942bf575
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
39506fd9832a05ac305c5b86b68906e9b1a829000a3c63ce1ace872b27a03061
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3ddf90d6f5bc7849f1b0840de0475a0506924a1c770f325934f5ea8a87e270a7
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43f9c247438df69c6c2bc91f8267dde1862558c1032a04148838e324fb42f7e1
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a25eb6972f4a513da7ead5d8c0f74832ed42b1ae5e1f13ed3ea36f0865a59c9
4ae732203f63d8eec2a0f935869470b71b5644926c8d13d898ec7dd109918dc4
4ba56e2af3a3cfc4a267c21e8b77e1e6f5d34b3c663be871eb8b1dd9d4094607
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb4e63b89c3a63555afd424180e8f44f0d362dc5e8c5edacbab9c035706b363
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c91a33d665410e0e0cfbca6f571dc84132a5271a4d8db5eab22511e031e62
657a26dfdb65aeb2f4ac85a1ae635a2e3c6cc6d34ca3c4bc9da965f84377cdf7
68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4
68d17341a90b4af7400a9096afe504bf2d21bf378c5f3e594436dbba105afe84
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b67b2995f11a31d6c53e0b447c49c7db7e40a771a18eadeb8f8f5720fa78327
700c8bd73d93522ca53cdc35e2a71e96caf7c344bc7a8391f3af90c10b917033
76ae9cfefc587779be483adfc76d0d3406e5bcef31c2005dac224bd5e1079841
76f02c28609ddc4f6dc55db428dd029fe4689db1d9ccf3f22c85f4664619e69c
7743f39ddc516c5d0540ce147ac3ba086974ec1dda39ef4fbb87b3a7915fb021
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
780d7ba204df4bf6e7eeac03ffd0c7520ee2113aa39fdd521f03c4909f8ff200
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
798b29407614413f2456386987e82e4f090d486596674d35e7f163beb9102935
7a3ab3dc67452b3556e11f903bbab3977553291ed0bbf31154c80f9ef2ace7c5
7be2fc598e2bb1478e0800c4af94de1811ce909e79b9ef67324b51843073aafb
82059101f1e50730e7f6ba4cc7007c94d4e42171b9e5265f62a2e1a1da81d9da
986c8a6074a6717f62e027cb56a312c44b713d8d2b1d6e8572ba093b790ea3ab
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cab18dfde5e759ec0150d15909fed33098e3998dbdb6c6c3f2e680eaf42a236
9ce833bc46f70606effbdcbe468c005d00d546f0b51e5fc5c6b2089ba3fed3ae
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10283381ca468005bdfb498c8ee591c121f8b64a93eade5fdb762ca2ad8bd80
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a2fa7ccfc798a768333af017073fa5dfe47408797b0c2c1f25f6b36dfc60c120
a72972ba5538156db48b6714082da0291d6098067f3d652ca9cc5dcd4ca3485f
a980b0b6b4b4f9cfdb443b03cc7d00e2a9ace7bbbb5c3d1bbd1064ec80339a59
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
af19caea04ec7cb3553751c85942cf8d26d573d11e52ab351b7af61cfdf9c673
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b03e55492e7ceeafbae145aa52e12c2f6d219b43331e7cd32e8befcd4493e7b8
b23fabf74fbdb8b16675be743457809da3b3f96013fc65812e27d9e98c68cae7
b676e6c50eb7fc4bcc5b24771069ded4a70dc2d8269f40a10831b3a2a6c4b8c7
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bb634caf818dca49be8d3dc845f77ddd0b9b7871f3d3184a0e9a110bb45b8e9f
bc3d3b23ecf6cbb7b5b0654e17b7dd3fe3280f35829712c9fcd485829a0d4108
c37ba4eb2e6ae2274456168da05b51cde1b105c23701e964ed94c540112fb6aa
c3d606568f389989dd02561ca2b0d20d29eeb477ed633a690a518879748f487a
c74bae6ef0147b55ed0ae55145c3506adc2d8aedc09ba9f7ec1f9e694f78806f
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cb5ebf36fe15981a9b6f5810c87d1db6d870767146f8582f582a2420edee799d
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d1d3bda3abb4a198ac62f317ba910adede1affc22020165d7f2919a46f6c481f
d2c52a5a147e63e95afb2e063a0af8dc27e920bb027b2b8b1ffe1867bc8fb5b3
d7c6218c2f3cb9422a9e031a42438ef3a05cd18b14b6373f38768ba7fc74f5c4
dc4d8e5497c9e81b79e3e68a025de8e8f6ee274a7ab0c7e8e3ba9492b4038699
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e1259e384f61c72a215e1c9b25c3cbc9d42d98c7ac4cb2fb290fc34ab6cc58bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4bf6742a3b2dbbbbbb39be2ce47b2940ae05774099b714911e2d57f5dba857e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700
f8b3bc2afb93d0babcfb4a38d4affaede2836e8bd16eaabe0a2a5f0ed72f2ad3
f93bf329ce9b8d48ca5b81f44952a68ef98343845d0dd97df3e854e9132fb728