drimsim.com Open in urlscan Pro
2606:4700:20::6818:1132 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dreamsims.com/
Effective URL:
https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=...
Submission: On February 27 via api (February 27th 2020, 1:28:33 am UTC) from DE

Summary HTTP 235 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 47 IPs in 9 countries across 41 domains to perform 235 HTTP transactions. The main IP is 2606:4700:20::6818:1132, located in United States and belongs to CLOUDFLARENET, US. The main domain is drimsim.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 24th 2019. Valid for: a year.

This is the only time drimsim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:f940:4::9 2a00:f940:4::9	197695 (AS-REG) (AS-REG)
2 2	87.240.129.187 87.240.129.187	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
1 3	87.240.190.78 87.240.190.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
1	93.186.225.208 93.186.225.208	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
1 1	212.224.118.36 212.224.118.36	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
4	2606:4700:20:... 2606:4700:20::6818:1132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	2600:9000:20e... 2600:9000:20eb:7600:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
4	104.111.215.74 104.111.215.74	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	23.83.126.132 23.83.126.132	7979 (SERVERS) (SERVERS)
7	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	13.225.84.72 13.225.84.72	16509 (AMAZON-02) (AMAZON-02)
1	195.181.175.51 195.181.175.51	60068 (CDN77) (CDN77)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.73.39 13.225.73.39	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:3200:10:557c:b549:ac21	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	195.181.175.9 195.181.175.9	60068 (CDN77) (CDN77)
15	81.88.82.225 81.88.82.225	39684 (BWTELE-AS) (BWTELE-AS)
6	2a03:90c0:999... 2a03:90c0:9997::9997	199524 (GCORE) (GCORE)
1 4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 2	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
1	176.99.6.223 176.99.6.223	49352 (LOGOL-AS) (LOGOL-AS)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:de00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	37.18.16.19 37.18.16.19	205675 (HYBRID-AS) (HYBRID-AS)
1	54.170.179.250 54.170.179.250	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
25	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
3	2600:9000:21f... 2600:9000:21f3:9000:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
48	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	77.246.156.238 77.246.156.238	29182 (THEFIRST-AS) (THEFIRST-AS)
2 10	37.18.16.16 37.18.16.16	205675 (HYBRID-AS) (HYBRID-AS)
2 4	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1 2	188.42.29.196 188.42.29.196	7979 (SERVERS) (SERVERS)
1	185.33.223.197 185.33.223.197	29990 (ASN-APPNEX) (ASN-APPNEX)
1	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	52.29.126.123 52.29.126.123	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.162.92.2 185.162.92.2	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 1	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
2 2	94.130.112.156 94.130.112.156	24940 (HETZNER-AS) (HETZNER-AS)
2	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	85.194.243.23 85.194.243.23	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
235	47

1 2a00:f940:4::9 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

dreamsims.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.129.187 (Russian Federation) 2 redirects

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv187-129-240-87.vk.com

vk.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.240.190.78 (Russian Federation) 1 redirects

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv78-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)

away.vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.224.118.36 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde49-3.fornex.org

ad.admitad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::6818:1132 (United States)

ASN13335 (CLOUDFLARENET, US)

drimsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.drimsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2600:9000:20eb:7600:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.215.74 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-74.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.83.126.132 (Netherlands)

ASN7979 (SERVERS, US)

content.drimsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.drimsim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.72 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-72.fra2.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.51 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-51.datapacket.com

track.adspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-39.fra2.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:3200:10:557c:b549:ac21 (United States)

ASN16509 (AMAZON-02, US)

api.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.9 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-2.cdn77.com

st.targetix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 81.88.82.225 (Moscow, Russian Federation)

ASN39684 (BWTELE-AS, RU)
PTR: ics-prod-front.ru.mgo.su

widgets.mango-office.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:90c0:9997::9997 (Germany)

ASN199524 (GCORE, AT)

code.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.34 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.99.6.223 (Russian Federation)

ASN49352 (LOGOL-AS, RU)

pxl.adspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:de00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.19 (Moscow, Russian Federation)

ASN205675 (HYBRID-AS, RU)

dss.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.179.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-179-250.eu-west-1.compute.amazonaws.com

node125.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:9000:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.246.156.238 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: telemetry.jivosite.com

telemetry.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.18.16.16 (Moscow, Russian Federation) 2 redirects

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.100.125 (Nuremberg, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.29.196 (Luxembourg) 1 redirects

ASN7979 (SERVERS, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.197 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.126.123 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-126-123.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.162.92.2 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: 1753.ds.miran.ru

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Germany) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.112.156 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.156.112.130.94.clients.your-server.de

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.194.243.23 (Poland)

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-2.85-194-243-22.net.eco.atman.pl

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	twimg.com cdn.syndication.twimg.com pbs.twimg.com abs.twimg.com ton.twimg.com	2 MB
48	website-files.com assets.website-files.com	2 MB
15	mango-office.ru widgets.mango-office.ru	157 KB
12	drimsim.com drimsim.com content.drimsim.com static.drimsim.com api.drimsim.com	237 KB
11	hybrid.ai 2 redirects dss.hybrid.ai dm.hybrid.ai	4 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	108 KB
8	jivosite.com code.jivosite.com node125.jivosite.com telemetry.jivosite.com	270 KB
7	yandex.ru 1 redirects mc.yandex.ru an.yandex.ru	96 KB
6	branch.io cdn.branch.io api.branch.io api2.branch.io	24 KB
4	1dmp.io 2 redirects sync.1dmp.io	2 KB
4	facebook.com www.facebook.com	423 B
4	mail.ru top-fwz1.mail.ru ad.mail.ru	10 KB
4	google-analytics.com 1 redirects www.google-analytics.com	69 KB
4	facebook.net connect.facebook.net	258 KB
4	gstatic.com fonts.gstatic.com	27 KB
4	cloudflare.com cdnjs.cloudflare.com	33 KB
4	typekit.net use.typekit.net p.typekit.net	59 KB
4	vk.com 1 redirects vk.com away.vk.com	25 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	2 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	659 B
2	aidata.io 2 redirects x01.aidata.io	1 KB
2	casalemedia.com 1 redirects dsum.casalemedia.com	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net	902 B
2	betweendigital.com 1 redirects ads.betweendigital.com	898 B
2	google.de www.google.de	219 B
2	google.com 1 redirects www.google.com	313 B
2	adspire.io track.adspire.io pxl.adspire.io	5 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	6 KB
2	vk.cc 2 redirects vk.cc	558 B
1	onaudience.com pixel.onaudience.com	248 B
1	admixer.net 1 redirects inv-nets.admixer.net	479 B
1	bestssp.com 1 redirects ssp.bestssp.com	326 B
1	adriver.ru ssp.adriver.ru	201 B
1	adnxs.com ib.adnxs.com	861 B
1	app.link app.link	726 B
1	googleadservices.com www.googleadservices.com	10 KB
1	targetix.net st.targetix.net	3 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	admitad.com 1 redirects ad.admitad.com	531 B
1	dreamsims.com 1 redirects dreamsims.com	265 B
235	41

	Domain	Requested by
48	pbs.twimg.com	drimsim.com platform.twitter.com
48	assets.website-files.com	drimsim.com
22	abs.twimg.com	drimsim.com platform.twitter.com
15	widgets.mango-office.ru	drimsim.com widgets.mango-office.ru d3e54v103j8qbb.cloudfront.net
10	dm.hybrid.ai	2 redirects st.targetix.net
7	platform.twitter.com	drimsim.com platform.twitter.com
7	content.drimsim.com	drimsim.com content.drimsim.com
6	code.jivosite.com	drimsim.com code.jivosite.com
5	mc.yandex.ru	1 redirects away.vk.com drimsim.com
4	sync.1dmp.io	2 redirects dm.hybrid.ai
4	www.facebook.com	drimsim.com connect.facebook.net
4	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
4	connect.facebook.net	drimsim.com away.vk.com connect.facebook.net
4	fonts.gstatic.com	ajax.googleapis.com
4	cdnjs.cloudflare.com	drimsim.com
3	api2.branch.io	cdn.branch.io
3	top-fwz1.mail.ru	away.vk.com top-fwz1.mail.ru
3	use.typekit.net	drimsim.com use.typekit.net
3	vk.com	1 redirects away.vk.com drimsim.com
2	redirect.frontend.weborama.fr	2 redirects
2	an.yandex.ru
2	x01.aidata.io	2 redirects
2	dsum.casalemedia.com	1 redirects
2	x.bidswitch.net	2 redirects
2	ads.betweendigital.com	1 redirects
2	ton.twimg.com	platform.twitter.com
2	syndication.twitter.com	1 redirects drimsim.com
2	www.google.de	drimsim.com
2	www.google.com	1 redirects drimsim.com
2	api.branch.io	d3e54v103j8qbb.cloudfront.net drimsim.com
2	static.drimsim.com	drimsim.com
2	drimsim.com	away.vk.com drimsim.com
2	vk.cc	2 redirects
1	pixel.onaudience.com
1	cm.g.doubleclick.net	1 redirects
1	inv-nets.admixer.net	1 redirects
1	ssp.bestssp.com	1 redirects
1	ad.mail.ru
1	ssp.adriver.ru
1	ib.adnxs.com
1	telemetry.jivosite.com	away.vk.com
1	p.typekit.net	drimsim.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	node125.jivosite.com	code.jivosite.com
1	dss.hybrid.ai	drimsim.com
1	app.link	cdn.branch.io
1	googleads.g.doubleclick.net	www.googleadservices.com
1	pxl.adspire.io	track.adspire.io
1	stats.g.doubleclick.net	1 redirects
1	api.drimsim.com	static.drimsim.com
1	www.googleadservices.com	www.googletagmanager.com
1	st.targetix.net	drimsim.com
1	cdn.branch.io	drimsim.com
1	www.googletagmanager.com	drimsim.com
1	fonts.googleapis.com	ajax.googleapis.com
1	track.adspire.io	drimsim.com
1	d3e54v103j8qbb.cloudfront.net	drimsim.com
1	ajax.googleapis.com	drimsim.com
1	ad.admitad.com	1 redirects
1	away.vk.com
1	dreamsims.com	1 redirects
235	61

This site contains links to these domains. Also see Links.

Domain
blog.drimsim.com
www.instagram.com
www.facebook.com
twitter.com
vk.com
itunes.apple.com
play.google.com
tema.livejournal.com
aquatek-filips.livejournal.com
www.exler.ru
feedback.drimsim.com
hr.drimsim.com
www.mango-office.ru
www.jivosite.ru

Subject Issuer	Validity	Valid
*.vk.com COMODO ECC Organization Validation Secure Server CA	`2019-06-24` - `2020-06-23`	a year	crt.sh
drimsim.com CloudFlare Inc ECC CA-2	`2019-04-24` - `2020-04-24`	a year	crt.sh
*.website-files.com Amazon	`2020-01-09` - `2021-02-09`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
content.drimsim.com Let's Encrypt Authority X3	`2020-01-15` - `2020-04-14`	3 months	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.adspire.io GlobalSign RSA OV SSL CA 2018	`2019-06-21` - `2020-07-12`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.branch.io DigiCert SHA2 Secure Server CA	`2018-12-05` - `2020-12-08`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.targetix.net Sectigo RSA Domain Validation Secure Server CA	`2020-02-13` - `2021-05-13`	a year	crt.sh
*.mango-office.ru RU-CENTER High Assurance Services CA 2	`2019-06-11` - `2021-06-28`	2 years	crt.sh
*.jivosite.com Go Daddy Secure Certificate Authority - G2	`2017-04-10` - `2020-06-04`	3 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
vk.com Sectigo ECC Extended Validation Secure Server CA	`2019-07-11` - `2020-07-09`	a year	crt.sh
*.mail.ru GlobalSign Organization Validation CA - SHA256 - G2	`2019-01-18` - `2021-01-18`	2 years	crt.sh
api.drimsim.com Let's Encrypt Authority X3	`2020-02-01` - `2020-05-01`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
appipv4.link Amazon	`2019-08-19` - `2020-09-19`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-07-22`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-01-02` - `2020-12-24`	a year	crt.sh
sync.1dmp.io Let's Encrypt Authority X3	`2020-02-19` - `2020-05-19`	3 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-17` - `2022-02-16`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2018-01-23` - `2020-04-23`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
bs.yandex.ru Yandex CA	`2019-09-24` - `2020-09-23`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2019-05-29` - `2020-05-28`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Frame ID: 6D82B405D967242BB3D270AF8504F88E
Requests: 160 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html?origin=https%3A%2F%2Fdrimsim.com
Frame ID: ED01F5E05B3C2960DA8370406618D635
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1229680955461267457/G_iTOrY_?format=jpg&name=600x314
Frame ID: 92DCCC6E07973D25F72760262B391C8A
Requests: 77 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df13d7c6ea61c3f4%26domain%3Ddrimsim.com%26origin%3Dhttps%253A%252F%252Fdrimsim.com%252Ff3b53afd511f81c%26relation%3Dparent.parent&container_width=366&height=400&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fdrimsim%2F&locale=ru_RU&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=400
Frame ID: A99A55C3A38432A464D1BD12CA978AFA
Requests: 1 HTTP requests in this frame

Frame: https://telemetry.jivosite.com/w?event=jivo_onLoadCallback&widget_id=jcPubia1ll&chat_mode=offline&site_id=1172270&device=desktop&visitor_id=49373efb10154eb1&widget_version=4.7.3&shard=main
Frame ID: CC07DE91B04E5D77AED3B0F7C9CFE61D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 4EC4AF7FEB27D7CC19FDAD5C7DB616A8
Requests: 1 HTTP requests in this frame

Frame: https://sync.1dmp.io/supersync?t=6f063011-5900-11ea-9e92-901b0e934d81
Frame ID: 74C2A5B5F0E20DA240C2316B67D8D4E2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://dreamsims.com/ HTTP 301
http://vk.cc/aoPctE HTTP 301
https://vk.cc/aoPctE HTTP 302
https://vk.com/away.php?cc_key=aoPctE&to=https%3A%2F%2Fad.admitad.com%2Fg%2Fqnn08swssg1ddcc... HTTP 302
https://away.vk.com/away.php Page URL
https://ad.admitad.com/g/qnn08swssg1ddcc84d7d5899866e9f/ HTTP 302
https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_conten... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

235
Requests

100 %
HTTPS

44 %
IPv6

41
Domains

61
Subdomains

47
IPs

9
Countries

5938 kB
Transfer

10490 kB
Size

22
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.drimsim.com/
Title: Блог

Search URL Search Domain Scan URL

URL: https://www.instagram.com/drimsim/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/drimsim

Search URL Search Domain Scan URL

URL: https://twitter.com/drimsim

Search URL Search Domain Scan URL

URL: https://vk.com/drimsim

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ru/app/id1075908840

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.drimsim

Search URL Search Domain Scan URL

URL: https://tema.livejournal.com/2624182.html
Title: tema.livejournal.com

Search URL Search Domain Scan URL

URL: https://aquatek-filips.livejournal.com/1261721.html
Title: aquatek-filips.livejournal.com

Search URL Search Domain Scan URL

URL: https://www.exler.ru/expromt/23-08-2017.htm
Title: exler.ru

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thunder.spb/posts/10215341149988223:0
Title: facebook.com/thunder.spb

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vert.anton/posts/1782094448481084
Title: facebook.com/vert.anton

Search URL Search Domain Scan URL

URL: https://feedback.drimsim.com/
Title: Предложить идею

Search URL Search Domain Scan URL

URL: https://hr.drimsim.com/
Title: Вакансии

Search URL Search Domain Scan URL

URL: http://www.mango-office.ru/products/virtualnaya_ats/functions/obratnyj_zvonok
Title: Технологии MANGO OFFICE

Search URL Search Domain Scan URL

URL: https://www.jivosite.ru/i_sa/?utm_source=drimsim.com&utm_medium=link&utm_content=label_tooltip&utm_campaign=from_widget

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dreamsims.com/ HTTP 301
http://vk.cc/aoPctE HTTP 301
https://vk.cc/aoPctE HTTP 302
https://vk.com/away.php?cc_key=aoPctE&to=https%3A%2F%2Fad.admitad.com%2Fg%2Fqnn08swssg1ddcc84d7d5899866e9f%2F HTTP 302
https://away.vk.com/away.php Page URL
https://ad.admitad.com/g/qnn08swssg1ddcc84d7d5899866e9f/ HTTP 302
https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://dreamsims.com/ HTTP 301
http://vk.cc/aoPctE HTTP 301
https://vk.cc/aoPctE HTTP 302
https://vk.com/away.php?cc_key=aoPctE&to=https%3A%2F%2Fad.admitad.com%2Fg%2Fqnn08swssg1ddcc84d7d5899866e9f%2F HTTP 302
https://away.vk.com/away.php

Request Chain 91

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1475319943&t=pageview&_s=1&dl=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997&dr=https%3A%2F%2Faway.vk.com%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D0%B5%D0%B6%D0%B4%D1%83%D0%BD%D0%B0%D1%80%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B8%D0%BC%D0%BA%D0%B0%D1%80%D1%82%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%7C%20%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D0%B0%D1%8F%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9%20%7C%20%D0%92%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%BE%D1%82%D0%BE%D0%B2%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEADQ~&jid=1190438054&gjid=1351815810&cid=1483563315.1582766896&tid=UA-76689230-1&_gid=1282111748.1582766896&_r=1&gtm=2wg2j0TW5HKCW&cd2=09d5c51768d95d8ae0c43344b0825948&z=709208563 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76689230-1&cid=1483563315.1582766896&jid=1190438054&_gid=1282111748.1582766896&gjid=1351815810&_v=j81&z=709208563 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76689230-1&cid=1483563315.1582766896&jid=1190438054&_v=j81&z=709208563 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76689230-1&cid=1483563315.1582766896&jid=1190438054&_v=j81&z=709208563&slf_rd=1&random=1094810171

Request Chain 109

https://mc.yandex.ru/watch/42879639?wmode=7&page-ref=https%3A%2F%2Faway.vk.com%2F&page-url=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997&charset=utf-8&browser-info=ti%3A10%3Ans%3A1582766895239%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200227022816%3Aet%3A1582766896%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A1053933938%3Ahid%3A747788150%3Ads%3A32%2C22%2C259%2C1%2C168%2C0%2C0%2C278%2C1%2C%2C%2C%2C931%3Afp%3A758%3Awn%3A54686%3Ahl%3A2%3Agdpr%3A14%3Av%3A1819%3Awv%3A2%3Ast%3A1582766896%3Au%3A1582766896827813411%3At%3A%D0%9C%D0%B5%D0%B6%D0%B4%D1%83%D0%BD%D0%B0%D1%80%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B8%D0%BC%D0%BA%D0%B0%D1%80%D1%82%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%7C%20%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D0%B0%D1%8F%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9%20%7C%20%D0%92%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%BE%D1%82%D0%BE%D0%B2%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9 HTTP 302
https://mc.yandex.ru/watch/42879639/1?wmode=7&page-ref=https%3A%2F%2Faway.vk.com%2F&page-url=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997&charset=utf-8&browser-info=ti%3A10%3Ans%3A1582766895239%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200227022816%3Aet%3A1582766896%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A1053933938%3Ahid%3A747788150%3Ads%3A32%2C22%2C259%2C1%2C168%2C0%2C0%2C278%2C1%2C%2C%2C%2C931%3Afp%3A758%3Awn%3A54686%3Ahl%3A2%3Agdpr%3A14%3Av%3A1819%3Awv%3A2%3Ast%3A1582766896%3Au%3A1582766896827813411%3At%3A%D0%9C%D0%B5%D0%B6%D0%B4%D1%83%D0%BD%D0%B0%D1%80%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B8%D0%BC%D0%BA%D0%B0%D1%80%D1%82%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%7C%20%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D0%B0%D1%8F%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9%20%7C%20%D0%92%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%BE%D1%82%D0%BE%D0%B2%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9

Request Chain 221

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 225

https://sync.1dmp.io/supersync?cid=7914e435-a562-48a5-aa01-6c28a47b11e9&pid=507f302c-a8c7-4ee3-b337-3e41b395da3d&uid=2ae3be95231d75b89647 HTTP 302
https://sync.1dmp.io/supersync?t=6f063011-5900-11ea-9e92-901b0e934d81

Request Chain 226

https://ads.betweendigital.com/match?bidder_id=10&external_user_id=2ae3be95231d75b89647 HTTP 302
https://ads.betweendigital.com/match?bidder_id=10&external_user_id=2ae3be95231d75b89647&crf=1

Request Chain 230

https://x.bidswitch.net/sync?dsp_id=258&user_id=2ae3be95231d75b89647&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=258&user_id=2ae3be95231d75b89647&expires=30 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f82df690-c888-42d5-bbfa-e18a654ca05a HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f82df690-c888-42d5-bbfa-e18a654ca05a&C=1

Request Chain 231

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fdm.hybrid.ai%2Fmatch%3Fid%3D124%26vid%3D2ae3be95231d75b89647%26r%3D HTTP 302
https://dm.hybrid.ai/match?id=124&vid=2ae3be95231d75b89647&r=SMOHUYPJ

Request Chain 232

https://inv-nets.admixer.net/adxcm.aspx?ssp=54304E4F-1356-44C1-9BA1-411FA7BAD4FD&rurl=https%3A%2F%2Fdm.hybrid.ai%2Fmatch%3Fid%3D128%26vid%3D%24%24visitor_cookie%24%24 HTTP 302
https://dm.hybrid.ai/match?id=128&vid=a922ef381a5e47f09e54840e4a178990

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=hybrid&google_cm&google_sc HTTP 302
https://dm.hybrid.ai/google-match?google_gid=CAESEOqhyD85MmHXAar9ftoFGSM&google_cver=1

Request Chain 234

https://x01.aidata.io/0.gif?pid=TARGETIX HTTP 302
https://x01.aidata.io/0.gif?pid=TARGETIX&bounce=1 HTTP 302
https://dm.hybrid.ai/match?id=8&vid=e4YHVSFGMnjZYS%2BCJwiuVQ

Request Chain 235

https://dm.hybrid.ai/yandex-match HTTP 302
https://an.yandex.ru/setud/targetix/4207979237538519746?sign=1089399078

Request Chain 236

https://sync.1dmp.io/pixel.gif?cid=7914e435-a562-48a5-aa01-6c28a47b11e9&pid=f684b536-8c82-4e99-97ca-d892a75859ca&uid=2ae3be95231d75b89647 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=7914e435-a562-48a5-aa01-6c28a47b11e9&pid=f684b536-8c82-4e99-97ca-d892a75859ca&uid=2ae3be95231d75b89647&cs=1

Request Chain 237

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdm.hybrid.ai%2Fmatch%3Fid%3D206%26vid%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdm.hybrid.ai%2Fmatch%3Fid%3D206%26vid%3D%7BWEBO_CID%7D&bounce=1&random=2759658428 HTTP 302
https://dm.hybrid.ai/match?id=206&vid=yOwvU7x1BV35lDFYHwPR2O

Request Chain 238

https://dm.hybrid.ai/yandexdmp-match HTTP 302
https://an.yandex.ru/mapuid/dmphybridai/2ae3be95231d75b89647?sign=22094209

235 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

away.php Show response
away.vk.com/
Redirect Chain

http://dreamsims.com/
http://vk.cc/aoPctE
https://vk.cc/aoPctE
https://vk.com/away.php?cc_key=aoPctE&to=https%3A%2F%2Fad.admitad.com%2Fg%2Fqnn08swssg1ddcc84d7d5899866e9f%2F
https://away.vk.com/away.php

515 B
685 B

210ms
73ms

Document
text/html

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://away.vk.com/away.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software: VK / PHP/3.23298
Resource Hash: 9c28ead6ce7e425f63a0165a0db91e338c3461dddc9a0652b077f59337ebca8e

Request headers

:method: GET
:authority: away.vk.com
:scheme: https
:path: /away.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: remixlang=3; remixsec_redir=https%3A%2F%2Fad.admitad.com%2Fg%2Fqnn08swssg1ddcc84d7d5899866e9f%2F; remixua=-1%7C-1%7C162%7C-294317073
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: VK
date: Thu, 27 Feb 2020 01:28:15 GMT
content-type: text/html; charset=windows-1251
content-length: 295
x-powered-by: PHP/3.23298
cache-control: no-store
set-cookie: remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; domain=.vk.com remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=away.vk.com remixsec_redir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/
content-encoding: gzip
x-frontend: front605107
access-control-expose-headers: X-Frontend

Redirect headers

status: 302
server: VK
date: Thu, 27 Feb 2020 01:28:14 GMT
content-type: text/html; charset=windows-1251
content-length: 20
location: https://away.vk.com/away.php
x-powered-by: PHP/3.23298
set-cookie: remixlang=3; expires=Tue, 02 Mar 2021 12:03:16 GMT; path=/; domain=.vk.com remixsec_redir=https%3A%2F%2Fad.admitad.com%2Fg%2Fqnn08swssg1ddcc84d7d5899866e9f%2F; path=/; domain=.vk.com remixua=-1%7C-1%7C162%7C-294317073; expires=Fri, 19 Feb 2021 17:29:46 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-encoding: gzip
x-frontend: front213211
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend

GET
H2

200

Primary Request / Show response
drimsim.com/
Redirect Chain

https://ad.admitad.com/g/qnn08swssg1ddcc84d7d5899866e9f/
https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

76 KB
19 KB

314ms
259ms

Document
text/html

2606:4700:20::6818:1132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Requested by

Host: away.vk.com
URL: https://away.vk.com/away.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6818:1132 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c1a674e3e8c9f5e5d6590a9ff185f2c6ea01d6c466370266546181920187830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: drimsim.com
:scheme: https
:path: /?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://away.vk.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://away.vk.com/away.php

Response headers

status: 200
date: Thu, 27 Feb 2020 01:28:15 GMT
content-type: text/html
set-cookie: __cfduid=dbde60195e48b1ade5ba7362d79a7a33a1582766895; expires=Sat, 28-Mar-20 01:28:15 GMT; path=/; domain=.drimsim.com; HttpOnly; SameSite=Lax
via: 1.1 varnish 1.1 varnish
age: 0
x-served-by: cache-iad2120-IAD, cache-fra19121-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1582766896.532149,VS0,VE151
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56b66188ae1cd6e1-FRA
content-encoding: br

Redirect headers

status: 302
server: nginx
date: Thu, 27 Feb 2020 01:28:15 GMT
content-type: text/html; charset=utf-8
content-length: 1242
location: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Tue, 01 Jan 1980 1:00:00 GMT
set-cookie: UID=v=3|id=406942eab3eec2379b45e293eadf0200|expr=1645838895|type=0|business_expr=1587950895; Domain=.ad.admitad.com; Expires=Sat, 26-Feb-2022 01:28:15 GMT; Path=/ UID2=v=3|id=406942eab3eec2379b45e293eadf0200|expr=1645838895|type=0|business_expr=1587950895; Domain=.ad.admitad.com; Path=/
p3p: CP="NON DSP COR CURa TIA"

GET
H2 200 drimtest.08cf0a32a.min.css
assets.website-files.com/5ab2595c7b5f419d06d0263c/css/ 258 KB
42 KB 42ms
7ms Stylesheet
text/css 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd6b81aa0348fd1df6b000a2fb309f505214049a4f0217d6fea963a7c85685f0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-amz-version-id: yMKxrZN1O3qfGXgSVhEBv9dxLhik79bR
content-encoding: gzip
age: 82794
x-cache: Hit from cloudfront
status: 200
date: Wed, 26 Feb 2020 02:28:22 GMT
content-length: 42691
last-modified: Fri, 21 Feb 2020 13:10:02 GMT
server: AmazonS3
etag: "a429cb38e6fb5cf777eec655d60dff77"
content-type: text/css
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: H0nRRhgx8GppBrAs1STcdvZNTvm3pg7-9SdEnSr6cS0w8zk1NyZ-Wg==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 05 Feb 2020 03:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1894032
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 03:21:03 GMT

GET
H2 200 wmx6wne.js Show response
use.typekit.net/ 18 KB
7 KB 122ms
43ms Script
text/javascript 104.111.215.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wmx6wne.js

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-74.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e6e999d1102978f8191c522b8c91564bd748df49ffefd9a5ffe9c3353ae9cde1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Thu, 27 Feb 2020 01:28:15 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7428

GET
H2 200 remodal.min.css
cdnjs.cloudflare.com/ajax/libs/remodal/1.1.1/ 770 B
411 B 14ms
12ms Stylesheet
text/css 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/remodal/1.1.1/remodal.min.css

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

348b24387ede3488f2245a547a1dc3944f67d5a99c1bf6f354a6d6c6e220887e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 18726026
cf-ray: 56b6618a8df8dfef-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:25:29 GMT
server: cloudflare
etag: W/"5afd4a89-302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Tue, 16 Feb 2021 01:28:15 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.000

GET
H2 200 remodal-default-theme.min.css
cdnjs.cloudflare.com/ajax/libs/remodal/1.1.1/ 4 KB
983 B 12ms
10ms Stylesheet
text/css 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/remodal/1.1.1/remodal-default-theme.min.css

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88996f95016fdf5db7db323fcebb0bfe36eeb9b2d65abfc1bfdf5df977da0bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 27400819
cf-ray: 56b6618a8df9dfef-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:26:38 GMT
server: cloudflare
etag: W/"5afd4ace-e77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Tue, 16 Feb 2021 01:28:15 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.022

GET
H2 200 main.css
content.drimsim.com/site/css/ 2 KB
664 B 117ms
50ms Stylesheet
text/css 23.83.126.132
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.drimsim.com/site/css/main.css
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.83.126.132 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7dad72fd77caabbbc90839af97bb3b33634987a8506ea47634281b26f3b39011

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 08:46:25 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5cf4de61-6eb"
vary: Accept-Encoding
content-type: text/css
status: 200

GET
H2 200 sourcebuster.min.js Show response
content.drimsim.com/site/js/ 14 KB
5 KB 118ms
51ms Script
application/javascript 23.83.126.132
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.drimsim.com/site/js/sourcebuster.min.js
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.83.126.132 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4101ef8c113c49ccf1fe62e77f5f08dbddb9ab70cd3acde4af21b90d8ee1bdc9

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 01:29:20 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5c106470-3879"
vary: Accept-Encoding
content-type: application/javascript
status: 200

GET
H2 200 check.js Show response
content.drimsim.com/site/js/ 7 KB
2 KB 119ms
52ms Script
application/javascript 23.83.126.132
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.drimsim.com/site/js/check.js
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.83.126.132 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cfee4a0f3c42e6691a4d32ff581eb055895c3da6118bf9178bbd88b3cac70783

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2019 17:21:25 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5d51a015-1c03"
vary: Accept-Encoding
content-type: application/javascript
status: 200

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
29 KB 33ms
32ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 10438327
cf-ray: 56b6618a8dfadfef-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 16 Feb 2021 01:28:15 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.003

GET
H2 200 jivosite.css
content.drimsim.com/site/jivosite/ 1 KB
820 B 118ms
52ms Stylesheet
text/css 23.83.126.132
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.drimsim.com/site/jivosite/jivosite.css
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.83.126.132 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9c9745f706d799b80a96b76acb3087d855dbc7a625dd84ebc638041d86371f88

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: gzip
last-modified: Thu, 12 Dec 2019 12:14:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5df22f0d-4f6"
vary: Accept-Encoding
content-type: text/css
status: 200

GET
H2 200 jivosite.js Show response
content.drimsim.com/site/jivosite/ 2 KB
950 B 118ms
51ms Script
application/javascript 23.83.126.132
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.drimsim.com/site/jivosite/jivosite.js
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.83.126.132 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7b8b4de6fa64a0f06b5e65487e600a21a5c863a70429ffd18c31306cdf0cf4aa

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 13:27:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5e3ac2ce-666"
vary: Accept-Encoding
content-type: application/javascript
status: 200

GET
H2 200 5ab2595c7b5f417fa5d026af_englogo.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 4 KB
4 KB 41ms
7ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f417fa5d026af_englogo.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8938fc1c96571a209db41f707bf8f1400e6a69944c4b5030e09f7828a1331eb2

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 08 Feb 2020 21:34:38 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:46 GMT
server: AmazonS3
age: 1569217
etag: "6a9de59d7fbf0fde67defa4f3851ed8f"
x-cache: Hit from cloudfront
x-amz-version-id: SdeyzBnsYzDgqlmD6JheY5bkeXXvj63o
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 3807
x-amz-cf-id: wglxpKMn2FcclAMBw1erCf1XaHQ33hGVShuUPltNOWoTsXaA2gzTug==

GET
H2 200 5ab2595c7b5f4184c4d026ac_inst%20white.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 659 B
1 KB 41ms
7ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f4184c4d026ac_inst%20white.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a73a2bc1fa3a96566f05986b6538c11c95d69a705e39b7a3db9c7862e2faebb9

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Dec 2019 21:58:17 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:46 GMT
server: AmazonS3
age: 4937399
etag: "b0d6db301640ece86347103df33e42d7"
x-cache: Hit from cloudfront
x-amz-version-id: AEQ5EaE2YreUSsv9eCTKPXOdBus1qbfv
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 659
x-amz-cf-id: 2vWAYjdfQOMCJqbk4LmOD6pzzX7p9JUmlAtYp0LVclMYncvTappPew==

GET
H2 200 5ab2595c7b5f411094d026b9_fb.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 269 B
663 B 401ms
398ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f411094d026b9_fb.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38ad6225b0db73465d79e90067a0485364959e82beed247389c7828c7c26f458

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "85a48110794a589b3b98a513c898b651"
x-cache: Miss from cloudfront
x-amz-version-id: HtYlWwRSr.zY4b9Bk67k.TXGc_Us7j.2
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 269
x-amz-cf-id: mcb3mvxYtn6IVoOPPsn5QUvi3E8aNxgWTFBtnhHfvWrETgNUEmUK5g==

GET
H2 200 5ab2595c7b5f41252bd0267b_tw.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 667 B
1 KB 13ms
9ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41252bd0267b_tw.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2efe8390188e30c59bfcd64ab4d4e17dfc8fb9658182e5f33ccac77534b87ba9

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 09 Feb 2020 22:44:04 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 1478652
etag: "54d6d9dccfc7f1e3f0c95c51f35c09e3"
x-cache: Hit from cloudfront
x-amz-version-id: nqVQZpOqccdY4o1E58.dmWL_6qtLQ3Fn
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 667
x-amz-cf-id: wBL4UETjjqdNbKTQDHgGPrB8DHuxsK_wCtAhs2KEMnQiLdpSg8wh5w==

GET
H2 200 5ab2595c7b5f41c6a5d026a3_vk_white.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 613 B
1017 B 13ms
9ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41c6a5d026a3_vk_white.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bce3c74c6fd81d7fec99f87a905c8226d5754969d481f2b999d460660925606

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Jan 2020 00:47:12 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 4149664
etag: "82b26f24fcc06a846ca6772e61ddd55b"
x-cache: Hit from cloudfront
x-amz-version-id: AfVEAPEQFJM_Mr.jhWDqQvjpdMD.jqrT
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 613
x-amz-cf-id: LGHL3XLiZRKywYMiuSgVJSLs26Z0ain_YoVE3BP0-n_oOAKWm9OXfA==

GET
H2 200 5ab2595c7b5f41d834d02678_ru_as_white-p-500.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 12 KB
13 KB 13ms
9ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41d834d02678_ru_as_white-p-500.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fc178b2064b27f1608dd5f8642ab3c21a7f80ae36b853d62077faecceb1feee

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 02:03:40 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 84275
etag: "8984d8d8680e29e6e71eb31ac9cd6306"
x-cache: Hit from cloudfront
x-amz-version-id: Qj4VBcYEdleZK3I3Hjq7QTaWRqvV4pHN
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 12439
x-amz-cf-id: lJN_BOLnHpX756dEyvrh-NqIdFXKConQ4EzLeAOvJlIso1mGr8F60A==

GET
H2 200 5ab2595c7b5f4166abd0266a_ru_gp_white-p-500.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 12 KB
12 KB 14ms
10ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f4166abd0266a_ru_gp_white-p-500.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d726b50af36ac62a6b4a2c756f465f9e02992a814d3a5660636034f97c9c4ce

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 02:03:40 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 84275
etag: "68488388e34913ada2b5961133f4e115"
x-cache: Hit from cloudfront
x-amz-version-id: 98k9YJFLH1M..Hm2BcSSDV25DiwyjxiU
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 12122
x-amz-cf-id: w0iKclzjDbI3F80xDACX4waV26m0aeTnhXXF6QQ-g57Y5_YXOnKDeQ==

GET
H2 200 5ce6583a22f44f8d25ef1573_woman-hand-ru-p-500.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 438 KB
439 KB 15ms
12ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ce6583a22f44f8d25ef1573_woman-hand-ru-p-500.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fec0875f9172c58cf464d2a4197db852ca46448f2156e2c0cb67e00853f0eb86

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 24 Feb 2020 23:25:55 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 08:22:22 GMT
server: AmazonS3
age: 180140
etag: "51b467dc27b2be5dd6a8df1bea8bee00"
x-cache: Hit from cloudfront
x-amz-version-id: ZO1zx5KUwPFyHLyAYYIUtfPr20_gX8x_
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 448233
x-amz-cf-id: 8O0wPMpOr_zB0BdQKyT6mg6XwmQ_aV-eq7xh_S3nzxfZse8OHlX1Sw==

GET
H2 200 5ab2595c7b5f413092d0266b_sim.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 33 KB
33 KB 13ms
10ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f413092d0266b_sim.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da07a283b7577522112a0bee5bdfcd0bfcdab256d93356ec39b33471c8cbe462

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 22 Feb 2020 23:20:27 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 353268
etag: "f50294b5bf034616b3753f069b0b828d"
x-cache: Hit from cloudfront
x-amz-version-id: 1SdlHE.uA6DoHg.E2tpo92xBFsE.Aw9X
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 33558
x-amz-cf-id: 9PyNTk_9j3AmVCLQfLbQkaidr1mzk1t79Z0dt5p3uMxHHP0mJO0mhg==

GET
H2 200 5ab2595c7b5f41a729d02680_app%2520store_white_ru-p-500.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 12 KB
12 KB 14ms
10ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41a729d02680_app%2520store_white_ru-p-500.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba8871d13ea602fdc98d20925532b5c8fa1311e1e84baf38e735d7dd8e4eaf44

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 25 Feb 2020 06:53:54 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 153262
etag: "459ce72ce85721913a9565a2149db6b9"
x-cache: Hit from cloudfront
x-amz-version-id: rCovLzwD5JMRA6O0VGXeZpGcUa707jxF
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 11800
x-amz-cf-id: C55JEojYFYNcGOA5SyrqLz7wqiwcbwI3ldik3sKE0ciXrg0MSlaCeg==

GET
H2 200 5ab2595c7b5f410be6d027c4_gplay_white_ru-p-500.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 12 KB
13 KB 15ms
11ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f410be6d027c4_gplay_white_ru-p-500.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf37f335e5c3bcfe7cc258c0d5f2bdbfed511f7f46da84e8ff6d27938b4b52a8

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 24 Feb 2020 23:26:12 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:50 GMT
server: AmazonS3
age: 180124
etag: "de38889ffb1f9f1e6b2df4ce18bdeb2c"
x-cache: Hit from cloudfront
x-amz-version-id: h1n.1CdepLyGlfSstFp7N5SvuTjADwMH
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 12436
x-amz-cf-id: bs1OEqBFiMrUz-EO-2A_QJz4HcTVq-4CIqXScT999bQfZQ-jDmoDgQ==

GET
H2 200 5ab2595c7b5f4168f2d0274c_arrows.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 215 B
619 B 14ms
11ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f4168f2d0274c_arrows.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03e0f8424f5c77ca07546c05bdfea99f3e3714e76d7fc64d74900fbecf3f5a59

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 10 Feb 2020 20:59:22 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:48 GMT
server: AmazonS3
age: 1398534
etag: "b43e729416e5e8785e1ba162321c750f"
x-cache: Hit from cloudfront
x-amz-version-id: 5Fwp8NakDkVx1ztWpAXKk42QN3hcGAcf
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 215
x-amz-cf-id: eNMva1sBLfMSKuscpmFzC6y9aTMTIOrVrVJ-E4-oGKmEEXgzADKxWw==

GET
H2 200 5ab2595c7b5f41fb55d02721_time%20icon.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 3 KB
4 KB 18ms
15ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41fb55d02721_time%20icon.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1684d8677bdba8614107dbc2121a9c4fe21778e5b7fab6eda7ec7611b390b421

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 24 Feb 2020 22:44:05 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:46 GMT
server: AmazonS3
age: 182651
etag: "84919b43d5f0771e4d6730786a06b56c"
x-cache: Hit from cloudfront
x-amz-version-id: ttqHnTJVHB6pTBJo0m.0Hll7rn1al.Uv
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 3436
x-amz-cf-id: ED99hdfRuymsszGLpngpGEIrOmjHls9QVle3B2xDTzpXGdMb9qbVJA==

GET
H2 200 5ce65842d355ee7b21e1e403_demo-mode-ru-p-500.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 85 KB
85 KB 18ms
15ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ce65842d355ee7b21e1e403_demo-mode-ru-p-500.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e436e1bf11cfa02b38b3163130bb9d4ad490001bfd3514917072b69c2a28b0a

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 02:03:40 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 08:22:29 GMT
server: AmazonS3
age: 84275
etag: "ba2dc424df88fd69e66994d93079cd85"
x-cache: Hit from cloudfront
x-amz-version-id: KnxqaFevbo57EkKvMSSl.FNdmubC7Epq
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 86997
x-amz-cf-id: L5rmLV10AZlh3-iY3jpDqdOuW3qDysgXE5U0kF35y_vMPog2B_6RpA==

GET
H2 200 5ab2595c7b5f415529d02666_Download_on_the_App_Store_Badge_RU_RGB_blk_100317.svg
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 10 KB
5 KB 21ms
18ms Image
image/svg+xml 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f415529d02666_Download_on_the_App_Store_Badge_RU_RGB_blk_100317.svg
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27f35c64f2a984ecb4546982889d5514a46666b7aba55909d052e4036862e725

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 28 Jan 2020 03:59:26 GMT
content-encoding: gzip
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 2582929
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 9nQSPG2yOGgaEVYoKJ.azDHfIRjaewwb
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
x-amz-cf-id: rulu1EXUTSNcapCl-0OU-528ntiOzINhxDfUa6-6KqJE5V6CNjKCzw==
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)

GET
H2 200 5ab2595c7b5f41a615d02748_google-play-badge1.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 6 KB
7 KB 15ms
11ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41a615d02748_google-play-badge1.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a119d337e1cd12b6da7b4b06c1e96e88902ae84e8f7778ec9f58aa64432f6666

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 03 Jan 2020 19:47:12 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:48 GMT
server: AmazonS3
age: 4686064
etag: "feff372ffe3cfea54a85ae57345b001b"
x-cache: Hit from cloudfront
x-amz-version-id: dhIbut4.SDtRtCFtQK8_994.qnXv4b5Q
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 6405
x-amz-cf-id: l6nMevX_AihCMW_zd-KRiLdyn1zRUk_7wz8PhGr89UaNqDlFeMR_wg==

GET
H2 200 5ab2595c7b5f41459ed02755_arrow.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 436 B
837 B 16ms
13ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41459ed02755_arrow.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 332ee6cc095fecc13f488523f308b8241dfd2d5c1809cfd90e8deaa4ce941ce4

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 00:18:00 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:48 GMT
server: AmazonS3
age: 1300216
etag: "6ae60b8cd465e88d660178a041842235"
x-cache: Hit from cloudfront
x-amz-version-id: 31nfC.jOh8horcDPYPmr7zlms_88g9Hu
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 436
x-amz-cf-id: r4MmFeLoch3lZZ1qk2iQqpFSDLlFYB1XfkQdqkrIfteGOG-TNojreQ==

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 128ms
37ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 62c8512b27ff9cbb23f96fd433e159b270bf3a75571a76b8428a4effc21effe0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 29101
x-served-by: cache-bwi5139-BWI, cache-fra19165-FRA
last-modified: Tue, 25 Feb 2020 00:16:08 GMT
etag: "b184acc5626add1721a10b1738df2dbe+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 5ab2595c7b5f4179f0d026bf_ru_as_blue-p-500.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 14 KB
15 KB 17ms
14ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f4179f0d026bf_ru_as_blue-p-500.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37a3fb7e0591b6f4d54499b245bd54da36c5b65ce9a65339e78e23eea984e3b2

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 02:03:41 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:46 GMT
server: AmazonS3
age: 84275
etag: "c8c4c4988f5bacead5090f0caa1fbc26"
x-cache: Hit from cloudfront
x-amz-version-id: 3rx20pdt05imi0_b27ijyKguIXLvsbH.
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 14839
x-amz-cf-id: VeZtcGSlkNmvXicI3IuvRUxPUZ8hYdeAMHOWYFe5NGXmwSgooueEYQ==

GET
H2 200 5ab2595c7b5f414649d02673_ru_gp_blue-p-500.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 13 KB
13 KB 26ms
23ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f414649d02673_ru_gp_blue-p-500.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69ff56d9c030edd37c2375fddbe6bcec3b08db681957225fad8dcc110eb6efd2

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 12 Feb 2020 02:35:37 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 1291959
etag: "8bcff9d47bc45d7c951a39cb2db62ac7"
x-cache: Hit from cloudfront
x-amz-version-id: f9j9vw.8TOR9rDP8GpanPv9EZLw6GrkJ
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 13390
x-amz-cf-id: VoFrPc_xDLCp6v1PolxBX6KqnNS-GlJjL32wvPV6gDtsVrjum-VfXQ==

GET
H2 200 5ab2595c7b5f41e082d027e0_FB.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 2 KB
3 KB 26ms
23ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41e082d027e0_FB.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b80a381cdbf6bbf850611dac9232b1b05c0f33920a50b8d15936239a069127f

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 01 Jan 2020 16:28:54 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:51 GMT
server: AmazonS3
age: 4870762
etag: "6375e0b8016d6f0032c5e6a18246a61f"
x-cache: Hit from cloudfront
x-amz-version-id: hpCXJbfaaOue0DM5mG8XFjGaaogPbxYi
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 2360
x-amz-cf-id: pcPEeNB_Ti00oKGLNM_XgZoDibkhe5_Oi9LMO6_0x8c0OZ2ljcFNWQ==

GET
H2 200 5ab2595c7b5f410eafd027df_TWI.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 3 KB
3 KB 25ms
22ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f410eafd027df_TWI.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6edcbbc56144f9c0bb5d26641f2436c7913b620f44f2f657d28ed53f5417443

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 10 Feb 2020 20:59:22 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:51 GMT
server: AmazonS3
age: 1398534
etag: "f1c5a9f69fbf109a2ca062649b5b28a3"
x-cache: Hit from cloudfront
x-amz-version-id: 56loA0rb1CwOd.327NfMGIMCmzsUSeeG
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 2984
x-amz-cf-id: qeFcunHhNM8z4gzylAX0t9kOEA1GqJ0IyJXXiav1aRBkrOtWYmdmRg==

GET
H2 200 5ab2595c7b5f41cc73d027dd_VK.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 3 KB
3 KB 26ms
24ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41cc73d027dd_VK.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de31f28497e6d6aaefd7bbdb13bdf7091a4db6e2409adf234ca9b36c43fa1637

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Dec 2019 14:50:31 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:51 GMT
server: AmazonS3
age: 4963065
etag: "3c3a5dedd512a011ad78a8cde600d84a"
x-cache: Hit from cloudfront
x-amz-version-id: qv_ywEShdGe.ubz5GjYafWT0IHwEnLmn
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 3002
x-amz-cf-id: YzaTWQzszzYzjcESJz2eGsPv-ArxHZbCxBuJCwWmFmf5MbnrFBHAkQ==

GET
H2 200 5ab2595c7b5f414cccd027de_INST.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 3 KB
4 KB 27ms
24ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f414cccd027de_INST.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87d46d06b23f22577d8db75c5e772ee69ade2c497ca815f7ae3bc42424d02353

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Jan 2020 23:59:17 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:51 GMT
server: AmazonS3
age: 4757339
etag: "1e6cdd6095ac47f6e8d86cda5ec3cbd7"
x-cache: Hit from cloudfront
x-amz-version-id: WzkDxPb7SKoyA6p_vPBbgDKYDZOQ0ed1
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 3353
x-amz-cf-id: _M4ibM4heAVcVuYnbAHBUS9xw_2aL1uuVq_SHfFsdREdAJZTmVoiUQ==

GET
H2 200 5ab2595c7b5f41781ad026b1_logo.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 3 KB
4 KB 400ms
398ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41781ad026b1_logo.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 765b9b961b160b12b29033b6b6f55e1fa6e707d6dcaa0f2cd89d5d618d0c72b6

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "a6dc3351f70d6f1c58e5863bca42d7e9"
x-cache: Miss from cloudfront
x-amz-version-id: lbgHjIvIOsWFSYbHRSxC4Y0MG.ySyWRm
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 3345
x-amz-cf-id: d1ijzntlw2ZBdXnVoL0ysR22VR0leExC0HsHQoUmQpL45sE8jcVyVQ==

GET
H2 200 5ab2595c7b5f41d834d02678_ru_as_white.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 30 KB
31 KB 27ms
24ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41d834d02678_ru_as_white.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5c3bd81498d2c2e71f59208be908d299e25831de0ec9de131b0c0687f5ccac4

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 10 Feb 2020 20:59:22 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 1398534
etag: "89cdae3d14c20e5fcce7619828d2f9c8"
x-cache: Hit from cloudfront
x-amz-version-id: noWD4gpDFVHq53e6Ecw6NL4MxwWRKD7p
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 31141
x-amz-cf-id: NvpfxZwghULlO4u4XjybHL9s9OiAKffYZ-Yw45zMYSV5V2AG6juo2w==

GET
H2 200 5ab2595c7b5f4166abd0266a_ru_gp_white.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 37 KB
38 KB 27ms
25ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f4166abd0266a_ru_gp_white.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9756999757df609b75680f9c3902fa09cd026822969a5568bdf7eee876022e2

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 10 Feb 2020 20:59:22 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 1398534
etag: "96a7dec90e65776df15b23ac935b6105"
x-cache: Hit from cloudfront
x-amz-version-id: 7SIOe3XTUeEzL3YgtnBVvfefCuMxWcgq
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 38013
x-amz-cf-id: WcmQc0WHzMiKM9zaK-jUS8b74EUaFdb-85QINKmgbZDJaDvG8D0Oxw==

GET
H2 200 5ab2595c7b5f410c7dd0269a_inst.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 602 B
1004 B 28ms
25ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f410c7dd0269a_inst.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1749c1a4f209e577d605108ff217d4d9e2f41433bb9a233d195c22454f6209a8

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 18 Jan 2020 03:33:49 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 3448467
etag: "4754c189ee871675da29e15ba402a62b"
x-cache: Hit from cloudfront
x-amz-version-id: MXt7_dTDA7paIUWak9FUC4RX_xu3JOys
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 602
x-amz-cf-id: gZitJt_oeXd5hNEsaigRF3WlbCoM0AiTAPVFwRxmacqWIVqvG__l7w==

GET
H2 200 5ab2595c7b5f41a258d02791_f.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 248 B
651 B 27ms
25ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41a258d02791_f.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b9ee4dba2fce67dd20709d4e79141eec3cebaea649252a65ebebd7dc20a0818

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 16 Feb 2020 16:43:47 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:49 GMT
server: AmazonS3
age: 895469
etag: "efdd640a5ed6d8bfe11246ccf3df497d"
x-cache: Hit from cloudfront
x-amz-version-id: lNSDaKE8YfryFMOMeGt9vKjpNcAyouxh
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 248
x-amz-cf-id: opPLhQPtfn-RPb-Ns8VRMuW1vWBgJB9jTCtJb9nC3JpN50J8i4h9KA==

GET
H2 200 5ab2595c7b5f41aa66d02796_twi.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 513 B
917 B 28ms
25ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41aa66d02796_twi.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f541c0ee877aff4684be51f3c1be90617347c27de6b06aa426cad00b5f7fdd9

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Dec 2019 19:04:18 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:49 GMT
server: AmazonS3
age: 4947838
etag: "02fc14d55e62dc0f724a7b82b399b52a"
x-cache: Hit from cloudfront
x-amz-version-id: fjiTKPU_MPQkpANsXEKbmDtpGbpVA2iY
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 513
x-amz-cf-id: qXJUZcHE0cpWT2un5LR8K55qhELGO6X8_FBIzi9_-giyW5FiXRxuNw==

GET
H2 200 5ab2595c7b5f416dd4d0274f_vk.png
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 537 B
940 B 29ms
26ms Image
image/png 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f416dd4d0274f_vk.png
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a0d3cdc751d6612727743b914fd1717d8d72d1be9c4f1602e4c075787dbe24e

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 01 Jan 2020 20:12:07 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:48 GMT
server: AmazonS3
age: 4857369
etag: "c5891ed0d4e7bc664c09b6e2fbfa38fc"
x-cache: Hit from cloudfront
x-amz-version-id: mixuFSVfEC1mnM1NiwlPiw2WCvjWLwV4
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 537
x-amz-cf-id: ddlqEYPYYEoP5RLS5Orv5lWp_XelDshUXhdW02poqHxolTOa9H0Ddw==

GET
H2 200 email-decode.min.js Show response
drimsim.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
833 B 7ms
7ms Script
application/javascript 2606:4700:20::6818:1132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drimsim.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6818:1132 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 19 Feb 2020 10:15:58 GMT
server: cloudflare
etag: W/"5e4d0ade-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 56b6618ac904d6e1-FRA
expires: Sat, 29 Feb 2020 01:28:15 GMT

GET
H2 200 jquery-3.4.1.min.220afd743d.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 86 KB
30 KB 149ms
61ms Script
application/javascript 13.225.84.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.84.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-72.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 05:11:40 GMT
content-encoding: gzip
age: 72996
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jun 2019 18:13:30 GMT
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: BtmNpiIrKQwt3_8yPFRTrEBbA_rGrYIKG-II08VavD1eldWYMcN7lw==

GET
H2 200 drimtest.81f6453be.js Show response
assets.website-files.com/5ab2595c7b5f419d06d0263c/js/ 171 KB
54 KB 6ms
6ms Script
text/javascript 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/js/drimtest.81f6453be.js
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c366a2fbcff722f03d363f9d22005009e6f38db526080b6b57ca872c9a8665a

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: H1uE5HQ5pfKItTAuTSZWtfkdO8.yPsqq
content-encoding: gzip
age: 42688
x-cache: Hit from cloudfront
status: 200
date: Wed, 26 Feb 2020 13:36:48 GMT
content-length: 55200
last-modified: Fri, 21 Feb 2020 13:10:02 GMT
server: AmazonS3
etag: "9136ef480d0a84890642ad68acbfe7ef"
content-type: text/javascript
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: MfAlpc609XNp5dlg2WcpyCX39i5fknHKrBzA724VUEuoupHRvlCI-g==

GET
H2 200 remodal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/remodal/1.1.1/ 8 KB
3 KB 14ms
14ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/remodal/1.1.1/remodal.min.js

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b51edfcf67c27b272a23dfd5f262fd9f24dce25235e24836426eb3647baea711

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 10261117
cf-ray: 56b6618aee88dfef-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:25:29 GMT
server: cloudflare
etag: W/"5afd4a89-1e8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 16 Feb 2021 01:28:15 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.000

GET
H2 200 / Show response
track.adspire.io/code/drimsim.com/ 25 KB
5 KB 207ms
108ms Script
application/javascript 195.181.175.51
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adspire.io/code/drimsim.com/
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.51 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: unn-195-181-175-51.datapacket.com
Software: CDN77-Turbo /
Resource Hash: ea70ddadf76453f0f1c4fbbcb8e71f9fd68b35d27f5b975cb4e6c64607f386a3

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: br
last-modified: Fri, 17 Jan 2020 18:36:56 GMT
server: CDN77-Turbo
x-edge-location: frankfurtDE
etag: W/"5e21fec8-625a"
x-cache: REVALIDATED
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: max-age=7200
x-edge-ip: 195.181.175.50
x-age: 12475
expires: Mon, 03 Feb 2020 15:00:12 GMT

GET
H2 200 main.js Show response
content.drimsim.com/site/js/ 6 KB
2 KB 52ms
52ms Script
application/javascript 23.83.126.132
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.drimsim.com/site/js/main.js
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.83.126.132 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 428cbac419ef6857d3ab1feb1aa75e9e4df842be0f8d4fcc2bdc9a9ab02698d0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: gzip
last-modified: Tue, 02 Jul 2019 09:46:04 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5d1b27dc-182a"
vary: Accept-Encoding
content-type: application/javascript
status: 200

GET
H2 200 css
fonts.googleapis.com/ 9 KB
894 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular,500,700%7CRoboto:300,regular&subset=cyrillic,cyrillic-ext,latin,latin-ext,cyrillic,cyrillic-ext,latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f1dc81498da5df5cc4a4b2730c86480122e1b4a6808621b7d941aaa6e29d824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Feb 2020 01:28:15 GMT
server: ESF
date: Thu, 27 Feb 2020 01:28:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Feb 2020 01:28:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:regular,500,700%7CRoboto:300,regular&subset=cyrillic,cyrillic-ext,latin,latin-ext,cyrillic,cyrillic-ext,latin
Origin: https://drimsim.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 06:20:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 1969653
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6720
x-xss-protection: 0
expires: Wed, 03 Feb 2021 06:20:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:regular,500,700%7CRoboto:300,regular&subset=cyrillic,cyrillic-ext,latin,latin-ext,cyrillic,cyrillic-ext,latin
Origin: https://drimsim.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 23:19:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 180513
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6864
x-xss-protection: 0
expires: Tue, 23 Feb 2021 23:19:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:regular,500,700%7CRoboto:300,regular&subset=cyrillic,cyrillic-ext,latin,latin-ext,cyrillic,cyrillic-ext,latin
Origin: https://drimsim.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 20:15:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:10 GMT
server: sffe
age: 1919547
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6824
x-xss-protection: 0
expires: Wed, 03 Feb 2021 20:15:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4398e863ecd066e77ee4180c582e45424471d757666f8541b10c8e95685b5ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:regular,500,700%7CRoboto:300,regular&subset=cyrillic,cyrillic-ext,latin,latin-ext,cyrillic,cyrillic-ext,latin
Origin: https://drimsim.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 09:41:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:34 GMT
server: sffe
age: 1957602
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6720
x-xss-protection: 0
expires: Wed, 03 Feb 2021 09:41:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 144 KB
37 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TW5HKCW

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54aa0124c1eed274a26b40b77cd7ffef08db26472b3af48eb4767c4756bc3234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37904
x-xss-protection: 0
last-modified: Thu, 27 Feb 2020 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Feb 2020 01:28:15 GMT

GET
H2 200 5ab2595c7b5f417f0cd02758_Back.jpg
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 69 KB
69 KB 25ms
25ms Image
image/jpeg 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f417f0cd02758_Back.jpg
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d7df9a187f847f7d8c2aa24611398d11ba284d76d4895c28bd4d232da74f2a4

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 19 Jan 2020 00:21:53 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:48 GMT
server: AmazonS3
age: 3373583
etag: "860d631141be1db422d2735e389ec361"
x-cache: Hit from cloudfront
x-amz-version-id: dRSl0TESCh78N0PTWrSmnE9xmJhRNAbW
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 70406
x-amz-cf-id: aeYjwPwrqa9izEqLT-fcDYUMNDkA9IY9dnH7vhOS1hQZKK75cOC1vQ==

GET
H2 200 5ab2595c7b5f41da44d02663_Spinner.gif
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 20 KB
20 KB 25ms
25ms Image
image/gif 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41da44d02663_Spinner.gif
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c0d98778e6b7f8e4d650e1f8e64598d28329ae868664050805745e144c2d7eb

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 03:17:11 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 79865
etag: "e6ce3b63bb153e4fc424986d0c4baca6"
x-cache: Hit from cloudfront
x-amz-version-id: TztPuFnvcUewxvKxBYwGJblmVqJWZSdV
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/gif
content-length: 20065
x-amz-cf-id: QO0ewh4lOSWi1rFtUDiIvnvglZXTplLkVInGIJoWVHHusOREb0YNuQ==

GET
H2 200 5ab2595c7b5f41a079d0278e_111.jpg
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 93 KB
93 KB 26ms
26ms Image
image/jpeg 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41a079d0278e_111.jpg
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ec01607a5f3b38454680259fe102b3c12060f267f26479f4174ee3b1c6e31b2

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 01:36:28 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:49 GMT
server: AmazonS3
age: 517907
etag: "df1dcf35b83ea23a06449808030cf216"
x-cache: Hit from cloudfront
x-amz-version-id: RlBlf9FgCU4X3lINMBtnlpJVj44Xc1Sp
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 95169
x-amz-cf-id: vYioXPgQ9XUfjB2Qub2d13bqkHWYP0VbsANB_WIoO3Nfdjnql7WkYg==

GET
H2 200 5ce65840d716616816a71303_phone-on-table-ru.jpg
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 417 KB
418 KB 25ms
25ms Image
image/jpeg 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ce65840d716616816a71303_phone-on-table-ru.jpg
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a3938e7ebf04cfc9045bd225e122027ceb3f053bd1f91d858d5e0b50fc056c3

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 24 Feb 2020 22:44:05 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Thu, 23 May 2019 08:22:25 GMT
server: AmazonS3
age: 182651
etag: "d1a3296dd4b90259946764aafd79d556"
x-cache: Hit from cloudfront
x-amz-version-id: xvEy66h6M4dT7NAhej27gc5T4VbJWMvs
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 427049
x-amz-cf-id: jEGNJz0jLFk_ZNsE6wZxgzOIG44BmT7OT09pVP72JQiQDGFe5bmAnw==

GET
H2 200 5ab2595c7b5f410e8fd0268e_PantonSemiBold.woff2
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 51 KB
51 KB 26ms
9ms Font
application/octet-stream 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f410e8fd0268e_PantonSemiBold.woff2
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c2431407dbe2a618f982f5810887dcc4581d302c03331241520ff8f3aaa72cd

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
Origin: https://drimsim.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 16:12:48 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
age: 2106928
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 51920
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
etag: "3041a2430c584c92e50c7d0a3a114df4"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
x-amz-version-id: eB8jxU9Lhc4gEG.XtfbFYqWIiC4NS3i1
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: eMWZTqPWjF3TxEuTtTyVNByhFz5JPceM3upaCR4YGbnC0LHhBiaQsw==

GET
H2 200 5ab2595c7b5f412d43d0268f_PantonRegular.woff2
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 51 KB
51 KB 25ms
9ms Font
application/octet-stream 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f412d43d0268f_PantonRegular.woff2
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5059e6d322f7258454f6c90077f7535e3ffb55b1ecd81dd15fe65d5e2715b4f

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
Origin: https://drimsim.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 10 Feb 2020 20:59:22 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
age: 1398534
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 52000
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
etag: "af6ae504d1d598ce19877f2383780f87"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
x-amz-version-id: .AFGwUQjUon8AHBpm7MZL3.UpVe1GZF_
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: xuUKmYI0P9Qzfh3VNOSzeUWL46988tPwqQ4V-xLx2fTS9shGS7-CNg==

GET
H2 200 5bbdf5a6ecf9177f3e9b97e3_PantonBold.woff2
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 32 KB
33 KB 25ms
10ms Font
application/octet-stream 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5bbdf5a6ecf9177f3e9b97e3_PantonBold.woff2
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41b47c87248e2cfb9b6d2a7a238baac843717c7372d0a5e19d84b92afba07e2b

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
Origin: https://drimsim.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 11 Feb 2020 04:03:36 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
age: 1373080
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 32716
last-modified: Wed, 10 Oct 2018 12:50:51 GMT
server: AmazonS3
etag: "ae2c68d09e4fbe0b3b44dd720a08a1e9"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
x-amz-version-id: NZNUy9HlSGZUFP0RxYLATO7TZZB4E6Fi
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: vPUo8vm3kO6NaDBuOkjsyBkJkG2ZbH4HBsajnHkUdXX3dytv5jUAwg==

GET
H2 200 lib.js Show response
static.drimsim.com/ 789 KB
199 KB 29ms
18ms Script
application/javascript 2606:4700:20::6818:1132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.drimsim.com/lib.js

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6818:1132 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e4bf2a8a0d84f106d1029c0f9c502c30c529ad3b8bfeb4c25ab54f38e2157ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Feb 2020 10:55:03 GMT
server: cloudflare
age: 1581
etag: W/"5e54fd07-c5585"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 56b6618b9a52d6e1-FRA
access-control-allow-origin: *

GET
H2 200 suggest.js Show response
static.drimsim.com/ 16 KB
4 KB 31ms
20ms Script
application/javascript 2606:4700:20::6818:1132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.drimsim.com/suggest.js

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6818:1132 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf13cb70a3c6159f2e8f84333839e0d469a99e1d6298652cf133930c3914e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 25 Feb 2020 10:55:03 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5e54fd07-41b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains
cf-ray: 56b6618b9a4ed6e1-FRA

GET
H2 200 5ab2595c7b5f415306d0267f_58abf723f012106c069211a5_keds.jpg
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 229 KB
230 KB 11ms
9ms Image
image/jpeg 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f415306d0267f_58abf723f012106c069211a5_keds.jpg
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e69edc82b4a40ef8d9c11b3b507d0a8f83fbd090f43757b4019ab77fa5aea4be

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 23 Feb 2020 21:30:28 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 273468
etag: "550a01813603cb58fe6464203c0753ac"
x-cache: Hit from cloudfront
x-amz-version-id: XB5YEYG3ukP6pkat4FmiYxcJTZmcJBK0
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 234962
x-amz-cf-id: QEb_f4OuMS5srPAgvdYyPsi9I9OWJ4sHIP5O3A_jXQUzG-1wZ0fE3g==

GET
H2 200 5ab2595c7b5f416a27d02720_pattern.jpg
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 4 KB
4 KB 9ms
7ms Image
image/jpeg 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f416a27d02720_pattern.jpg
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da69d60611100a2e324bf13fb0be23945bb0db8ab2e4bdbea7459c9752a9064f

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 16 Feb 2020 16:43:47 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:46 GMT
server: AmazonS3
age: 895469
etag: "5c046afa1d76b86515fbba5dbf685339"
x-cache: Hit from cloudfront
x-amz-version-id: 3j458Gz7_blxDEJCQI.bgkRO8.FHxL5E
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3612
x-amz-cf-id: Xso-iwkNsZPqKQE7PMItrPcq2k8KHOaECmmFzckEyNoRLrdXHvcN8Q==

GET
H2 200 5e4123d897f1ef552023e9af_Artemij_Lebedev.jpg
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 32 KB
32 KB 10ms
8ms Image
image/jpeg 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5e4123d897f1ef552023e9af_Artemij_Lebedev.jpg
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15f6132278f60696942ef76ce9a4593bda7535bdfdcb8114d4ce0141e934c706

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 10 Feb 2020 20:59:22 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Mon, 10 Feb 2020 09:35:22 GMT
server: AmazonS3
age: 1398534
etag: "08768dc1a461f7d237a67dae583c4813"
x-cache: Hit from cloudfront
x-amz-version-id: bQ8n3Y9OSAPeLvRG_8yVr61h_1F0rqN4
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 32361
x-amz-cf-id: cF1oeGhM-XEgoGRi2FteDEpCpDCzgpOQK5DClmQ-iBQSyhRKhnhw3A==

GET
H2 200 5ab2595c7b5f413fccd026b3_%D0%A1%D0%B5%D1%80%D0%B3%D0%B5%D0%B8%CC%86%20%D0%90%D0%BD%D0%B0%D1%88%D0%BA%D0%B5%D0%B2%D0%B8%D1%87_.jpg
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 140 KB
141 KB 500ms
498ms Image
image/jpeg 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f413fccd026b3_%D0%A1%D0%B5%D1%80%D0%B3%D0%B5%D0%B8%CC%86%20%D0%90%D0%BD%D0%B0%D1%88%D0%BA%D0%B5%D0%B2%D0%B8%D1%87_.jpg
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8356ae7686fad11d5f4de273e3cf99cb86b7d22610b87291699d0c8c4b68c5ae

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "6d3f6cd1ccec6b1bda6ebdd59ddd3f5e"
x-cache: Miss from cloudfront
x-amz-version-id: W6JBmL3j3l_LZLLzyUa4Cs_vnXbLuoBl
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 143339
x-amz-cf-id: Fr4xlS7Jxln7ZyypT51PjDPNYNptLUYRsAWvJLQEpTaQPO-eEdGHrA==

GET
H2 200 5ab2595c7b5f41c297d026b4_%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B5%D0%B8%CC%86%20%D0%AD%D0%BA%D1%81%D0%BB%D0%B5%D1%80_.jpg
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 72 KB
73 KB 10ms
8ms Image
image/jpeg 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41c297d026b4_%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B5%D0%B8%CC%86%20%D0%AD%D0%BA%D1%81%D0%BB%D0%B5%D1%80_.jpg
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 539274318db7f53851889cc63ac0e0143154fd18dd94b66e0f807e7ca8c87dce

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 09 Feb 2020 22:44:10 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:46 GMT
server: AmazonS3
age: 1478646
etag: "7b383fc199a47916185ae75e73fc4381"
x-cache: Hit from cloudfront
x-amz-version-id: F_dkD85zK5P5hj3ha25p6T1ggCBmedV6
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 74103
x-amz-cf-id: 0MEDVTlaK-BNGtO4KoWhJJwQGLtTOyJAV86Z7-xSrrh_V_un7u8SEQ==

GET
H2 200 5ab2595c7b5f411ff4d02723_%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%A8%D0%B5%D0%B2%D1%87%D0%B5%D0%BD%D0%BA%D0%BE_.jpg
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 88 KB
89 KB 10ms
8ms Image
image/jpeg 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f411ff4d02723_%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%A8%D0%B5%D0%B2%D1%87%D0%B5%D0%BD%D0%BA%D0%BE_.jpg
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3c46702547e4c1c16fcf14c8d519fdefefae31425089a31b0ac841ce7773c1a

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Jan 2020 00:37:08 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:46 GMT
server: AmazonS3
age: 4841468
etag: "73a3aed5d2e3287f62167521e6f170ac"
x-cache: Hit from cloudfront
x-amz-version-id: D3m8elcYkLf3HHCBxNIcC.HmeAtasrHk
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 90244
x-amz-cf-id: hI5ytolge1kR1k4i2m4xh1X8su5snX3hpxOQ0Y4Wum0ZC9IVql7Dbg==

GET
H2 200 5ab2595c7b5f41ee91d0274a_%D0%90%D0%BD%D1%82%D0%BE%D0%BD%20%D0%92%D0%B5%D1%80%D1%82_.jpg
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 88 KB
88 KB 500ms
498ms Image
image/jpeg 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f41ee91d0274a_%D0%90%D0%BD%D1%82%D0%BE%D0%BD%20%D0%92%D0%B5%D1%80%D1%82_.jpg
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e2f57e904e03ed5a25adc320cf8385fc510b4707c7bf7daef7d60851b5dbc4b

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "0f1649cdb18165a7ecad1e176293e16b"
x-cache: Miss from cloudfront
x-amz-version-id: Qdid4FOTK8_44hZcg.mPhJb7hc23k2Yn
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 89850
x-amz-cf-id: 1yBqx_pU6vQA0Rv8hsZXRhhDqjNMRJ7s-bT4F2JRv5cIwyFpstuPfw==

GET
H2 200 5ab2595c7b5f411523d0268c_clouds.jpg
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 46 KB
46 KB 10ms
8ms Image
image/jpeg 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5ab2595c7b5f411523d0268c_clouds.jpg
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a568953de633711c620d2d0432d61aa2f0cac166437e814be30ce26e321698b

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 10 Feb 2020 20:59:22 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 13:08:45 GMT
server: AmazonS3
age: 1398534
etag: "97f0e47562dd33fadcd7bc4eee24dc50"
x-cache: Hit from cloudfront
x-amz-version-id: Gnw2Zo4FyJ0Ul5vvfWR6D0tEvujbyP84
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 46640
x-amz-cf-id: QYHLwZXkcc9YvEfQmnMJ5nz3yJuzjuIfl4UirtDeJ0QzpzDxis963Q==

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

Origin: https://drimsim.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 5bbf11c25211f45011f86828_Panton-Light.otf
assets.website-files.com/5ab2595c7b5f419d06d0263c/ 145 KB
146 KB 556ms
556ms Font
application/x-font-otf 2600:9000:20eb:7600:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/5bbf11c25211f45011f86828_Panton-Light.otf
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ab2276dcf53c0ae41925d1dd8df947069bd907812e7e4c9a8852d3f8c3c85a

Request headers

Referer: https://assets.website-files.com/5ab2595c7b5f419d06d0263c/css/drimtest.08cf0a32a.min.css
Origin: https://drimsim.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 3000
content-length: 148736
last-modified: Thu, 11 Oct 2018 09:03:02 GMT
server: AmazonS3
etag: "58aa80dc544b7a5a463501eec1e876bd"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
x-amz-version-id: HugfFOLNJmVulDi0c3yWoqq3BB2_qlyT
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: 3O1kmxYKNId439KS3qYoYHgAfOCvl8NbzqtrTtKfvaxp6KFpD3IeMQ==

GET
H/1.1 200
OK branch-latest.min.js Show response
cdn.branch.io/ 72 KB
22 KB 40ms
39ms Script
text/javascript 13.225.73.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 734efdef4c4dc106a44b2ee135340b648815f517a8cc15aba680465eefa1ab8a

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: Tink9h0xnYX.1DbNHfctv_Lm6NHqb.AS
Content-Encoding: gzip
Last-Modified: Tue, 04 Feb 2020 18:46:24 GMT
Server: AmazonS3
Age: 46
ETag: "e75bdd800c1e1087e9bf3cd83c55979d"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Date: Thu, 27 Feb 2020 01:27:32 GMT
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Content-Length: 21969
X-Amz-Cf-Id: oRR-r9zwKXm6RxEusB5BiNcppJKjiDuvyYxGNuLJZzmkbaPuzk0wig==

OPTIONS
H2 204 key_live_efsCoDd3AXVMqitGeVKlzecmBvehYzYW Show response
api.branch.io/v1/url/bulk/ 0
425 B 171ms
154ms XHR
text/plain 2600:9000:20eb:3200:10:557c:b549:ac21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.branch.io/v1/url/bulk/key_live_efsCoDd3AXVMqitGeVKlzecmBvehYzYW

Requested by

Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:3200:10:557c:b549:ac21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty/1.13.6.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://drimsim.com
Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C1
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
status: 204
x-cache: Miss from cloudfront
access-control-allow-origin: *
x-amz-cf-id: hBD6Vs3Gih7C7TOJfHKLb9rOCZwT_qXwXqa4RM7sUQuW4FCVlzPgzA==
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa057323e3b34890f5a4abc19623d8d5624d223ff405e18bdeaaa9eef13d460a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xFCTIPGWKhf3bAD8OXosbA==
status: 200
date: Thu, 27 Feb 2020 01:28:16 GMT, Thu, 27 Feb 2020 01:28:16 GMT
expires: Thu, 27 Feb 2020 01:34:49 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1778
x-fb-debug: 8lypUwKyNhGh7WtBmUtSWhwe0bxGgS40u7bEsnWmjHP2MPjYQDrCY7k0SPSAAWiwY3MHb4Y4ha+TYpFvyW5QfQ==
x-fb-trip-id: 2000377899
x-fb-content-md5: 60aafed617e3118cecef4443adda380d
etag: "e17125447ee60371dc8dcc98ea45c301"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 txsp.js Show response
st.targetix.net/ 6 KB
3 KB 136ms
31ms Script
application/javascript 195.181.175.9
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://st.targetix.net/txsp.js
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.9 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: frankfurt-2.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 9f40a1104cd036c44d466c7f2c97c35d3e0d67c08904305d5966578e52cb3a6d

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: br
last-modified: Tue, 18 Feb 2020 06:32:53 GMT
server: CDN77-Turbo
access-control-allow-origin: *
x-edge-location: frankfurtDE
etag: W/"5e4b8515-19fb"
x-cache: HIT
content-type: application/javascript
status: 200
x-edge-ip: 195.181.175.2
x-age: 759316

GET
H/1.1 200
OK widget-button.css
widgets.mango-office.ru/css/ 1 KB
776 B 369ms
78ms Stylesheet
text/css 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.mango-office.ru/css/widget-button.css
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: 3f917f6756018a04413812bb96b18eea450a0206b8c62842a9fd01b1f4594d6c

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
ETag: W/"5e55854a-5cf"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 27 Feb 2020 02:28:16 GMT

GET
H/1.1 200
OK mango-callback.js Show response
widgets.mango-office.ru/widgets/ 27 KB
8 KB 372ms
81ms Script
application/javascript 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.mango-office.ru/widgets/mango-callback.js
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: 4c7258180c6b66554f903677ebe2acdd415a8be4986b6d44e73735e1a0429add

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
ETag: W/"5e55854a-6b93"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 27 Feb 2020 02:28:16 GMT

GET
H2 200 widget.js Show response
code.jivosite.com/ 18 KB
6 KB 41ms
12ms Script
application/javascript 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/widget.js
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: f36e9050c8f638e1f0396934811a0aec51948fae49f349ec134a6c82498d622c

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-id: nkf-up-gc15, cec-up-gc11
date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: br
x-cached-since: 2020-02-26T14:19:06+00:00, 2020-02-27T00:19:42+00:00
status: 200
x-shard: shieldShard0_80
content-length: 6217
via: 1.1 sharxy
last-modified: Thu, 20 Feb 2020 11:52:05 GMT
server: nginx
etag: "5e4e72e5-1849"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cache: HIT, HIT
accept-ranges: bytes
expires: Wed, 26 Feb 2020 16:19:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW5HKCW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5765
date: Wed, 26 Feb 2020 23:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Thu, 27 Feb 2020 01:52:11 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 49ms
48ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TW5HKCW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 9478280665056484852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Feb 2020 01:28:16 GMT

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 363 KB
92 KB 179ms
88ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: away.vk.com
URL: https://away.vk.com/away.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

4dab9ed34f74ced7d78bdb6c934a4f3da29b22a481afe408e4a59786fab6dd96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Content-Encoding: br
Last-Modified: Tue, 25 Feb 2020 15:24:46 GMT
Server: nginx/1.14.2
ETag: "5e553c3e-16ecc"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 93900
Expires: Thu, 27 Feb 2020 02:28:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: away.vk.com
URL: https://away.vk.com/away.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: 2F4COsv9QIPet6xypQhyapNk+dpM5jRH7ippXCcyAd+x20nfUkve+zNfvTOCooix7rg14qnujdqvCB+7z8dDrg==
x-fb-trip-id: 2000377899
date: Thu, 27 Feb 2020 01:28:16 GMT, Thu, 27 Feb 2020 01:28:16 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 99 KB
24 KB 103ms
102ms Script
application/x-javascript 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?162
Requested by: Host: away.vk.com
URL: https://away.vk.com/away.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv78-190-240-87.vk.com
Software: VK /
Resource Hash: 62ffd1b1016c839d22db6b0828c733ee208b39a1bbfc5c777fea155a2ac8f99d

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-frontend: front213211
last-modified: Wed, 26 Feb 2020 22:50:04 GMT
server: VK
etag: "5e56f61c-5d72"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23922
expires: Mon, 02 Mar 2020 01:28:16 GMT

GET
H/1.1 200
OK code.js Show response
top-fwz1.mail.ru/js/ 16 KB
7 KB 275ms
127ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: away.vk.com
URL: https://away.vk.com/away.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

0921a7dc8054b08e4b5dd8e6ca764c72370ef59b7a7bb80be61efdc320d077a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Keep-Alive: timeout=60
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Mon, 10 Feb 2020 15:35:40 GMT
Server: nginx
ETag: W/"5e41784c-4083"
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-control: max-age=7200, private
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Access-Control-Allow-Headers: *

GET
H2 200 geo_json Show response
api.drimsim.com/ 135 B
368 B 120ms
52ms XHR
text/plain 23.83.126.132
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.drimsim.com/geo_json

Requested by

Host: static.drimsim.com
URL: https://static.drimsim.com/lib.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.83.126.132 , Netherlands, ASN7979 (SERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

663fca77d15e56981e4ef71a6280014658b9b8457636393a8dac049a15a0ba20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
server: nginx
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 389 KB
113 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=be9b2414fe36a4bee6f57f003e270cfb&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e520f51969f6e83152f4a3cece8a7c5f588563215bec83071fb0ecc85ccd5e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: D97EGDsDO959Aldk8Q6K3g==
status: 200
date: Thu, 27 Feb 2020 01:28:16 GMT, Thu, 27 Feb 2020 01:28:16 GMT
expires: Fri, 26 Feb 2021 01:14:49 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 115278
x-fb-debug: WNkF9BPdJTtf5QFd8mCEtcrMV1jIfaS2wvxh6ZYZ1Pm+HSdtjm9cPQJGAa0ZAcMa8WVgrL3yYwtLGSd8/5CDXg==
x-fb-trip-id: 1850256238
x-fb-content-md5: 0ae0a137576b2ebabebe15daee18f996
etag: "d8a4ef9f02d536fd6e16fed825debd18"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html
platform.twitter.com/widgets/ Frame ED01 0
0 38ms
37ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html?origin=https%3A%2F%2Fdrimsim.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html?origin=https%3A%2F%2Fdrimsim.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Response headers

status: 200
last-modified: Tue, 25 Feb 2020 00:11:30 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9fa476ae827f556d5b037fe43632370d+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Thu, 27 Feb 2020 01:28:16 GMT
x-served-by: cache-bwi5146-BWI, cache-fra19165-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 78 KB
27 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MKPQC88&t=gtm2&cid=1483563315.1582766896

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2f48b748639195e971e7d3283b99a1049c2189677de8cb6b8a7bbe9135baa6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 27708
x-xss-protection: 0
expires: Thu, 27 Feb 2020 01:28:16 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1475319943&t=pageview&_s=1&dl=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_con...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76689230-1&cid=1483563315.1582766896&jid=1190438054&_gid=1282111748.1582766896&gjid=1351815810&_v=j81&z=709208563
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76689230-1&cid=1483563315.1582766896&jid=1190438054&_v=j81&z=709208563
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76689230-1&cid=1483563315.1582766896&jid=1190438054&_v=j81&z=709208563&slf_rd=1&random=1094810171

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76689230-1&cid=1483563315.1582766896&jid=1190438054&_v=j81&z=709208563&slf_rd=1&random=1094810171

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76689230-1&cid=1483563315.1582766896&jid=1190438054&_v=j81&z=709208563&slf_rd=1&random=1094810171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
pxl.adspire.io/ 0
255 B 306ms
71ms Script
application/javascript 176.99.6.223
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pxl.adspire.io/?sid=356&v=1&e=cookie&uid=AS.1206709923.1582766896&params=%7B%22params%22%3A%7B%22cookie%22%3A%22%7B%5C%22id%5C%22%3A8916%2C%5C%22mid%5C%22%3A14806%2C%5C%22aid%5C%22%3A%5C%22AS.1206709923.1582766896%5C%22%2C%5C%22cookie_time%5C%22%3A1582766896168%2C%5C%22priority%5C%22%3A0%2C%5C%22uid%5C%22%3A%5C%22489a02f930e891fa04d5c8d8ad66bd27%5C%22%2C%5C%22webid%5C%22%3A%5C%22122107%5C%22%7D%22%2C%22channel%22%3A%22atm_closer%22%7D%7D&s=1600.1200.1600.8853&referrer=https%3A%2F%2Faway.vk.com%2F&r=0.41416123741072086
Requested by: Host: track.adspire.io
URL: https://track.adspire.io/code/drimsim.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.6.223 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Last-Modified: Mon, 13 Mar 2017 06:56:29 GMT
Server: nginx
ETag: "58c6429d-0"
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H2 200 l
use.typekit.net/af/5beeef/00000000000000003b9af203/27/ 25 KB
25 KB 197ms
48ms Font
application/font-woff2 104.111.215.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5beeef/00000000000000003b9af203/27/l?primer=60eec3361dbbcfb08e79072878aadb06f98c0e2b32ae4f69c2b2786e031d15d1&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wmx6wne.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9d7c29619101d043b7b5e2430a9c733d44eacde25babf52f5b08c6e81ae3c022

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
server: nginx
access-control-allow-origin: *
etag: "4db751546d4c22a61638a3a77099ee95047a6f99"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 25732

GET
H2 200 l
use.typekit.net/af/bd143b/00000000000000003b9af20a/27/ 26 KB
26 KB 222ms
73ms Font
application/font-woff2 104.111.215.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/bd143b/00000000000000003b9af20a/27/l?primer=60eec3361dbbcfb08e79072878aadb06f98c0e2b32ae4f69c2b2786e031d15d1&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/wmx6wne.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bcd8ce423c266439957feab29ae6a7a46b8b78a4a02c1917c58b26bb803564c2

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
server: nginx
access-control-allow-origin: *
etag: "9cb44dc163c6433077ba441f3d9351182ef1590e"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 26448

GET
H2 200 2127585123983100 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2127585123983100?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

180f530d09c47d6f80191cbce611158685010623b3ae4c010107f7448aa3866c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: qjGL+xk8DclgGm/ZLY/pmFS1oWk9Yzbfy6zagQhyw8nWyjDX3B/tixMcEpPA2M3Y8iDhL7UDpZYZ+7i+s/hmfA==
x-fb-trip-id: 2000377899
date: Thu, 27 Feb 2020 01:28:16 GMT, Thu, 27 Feb 2020 01:28:16 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jcPubia1ll Show response
code.jivosite.com/script/widget/config/ 4 KB
2 KB 38ms
12ms XHR
application/x-javascript 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/script/widget/config/jcPubia1ll
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: d7f49d74007e61b9db461b51ff53f381556ac18b10487e19f7014b119f086846

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id: nkf-up-gc12, cec-up-gc10
date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cached-since: 2020-02-26T18:29:55+00:00, 2020-02-26T19:35:55+00:00
status: 200
x-shard: shieldShard0_80
content-length: 1538
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 sharxy
cache-control: max-age=7200
cache: HIT, STALE
accept-ranges: bytes
expires: Wed, 26 Feb 2020 20:29:55 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/802826981/ 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/802826981/?random=1582766896184&cv=9&fst=1582766896184&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997&ref=https%3A%2F%2Faway.vk.com%2F&tiba=%D0%9C%D0%B5%D0%B6%D0%B4%D1%83%D0%BD%D0%B0%D1%80%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B8%D0%BC%D0%BA%D0%B0%D1%80%D1%82%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d19cbfdbb2a4afb6b0e0e7c82c944ae286c515bdc0b4c21bb4af97358cfbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1176
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK _r Show response
app.link/ 90 B
726 B 158ms
156ms Script
text/javascript 2600:9000:20eb:de00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.52.5&branch_key=key_live_efsCoDd3AXVMqitGeVKlzecmBvehYzYW&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:de00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

ed6de5bf0317e4ca9d7af022dd2f9f5144a54b520aeeea6c41ff6481f4ee4ba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Server: openresty/1.13.6.2
X-Amz-Cf-Pop: FRA2-C1
X-Powered-By: Express
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 90
ETag: W/"5a-YgLLnYFfn5vz9aUJCoO7NWZ6khw"
X-Amz-Cf-Id: _QqV4SxQb3-MiQhCB7APQK7_fn4jISjr5DD6YrIB2mOhnMMd1feGNg==

POST
H2 200 key_live_efsCoDd3AXVMqitGeVKlzecmBvehYzYW Show response
api.branch.io/v1/url/bulk/ 93 B
362 B 201ms
200ms XHR
application/json 2600:9000:20eb:3200:10:557c:b549:ac21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.branch.io/v1/url/bulk/key_live_efsCoDd3AXVMqitGeVKlzecmBvehYzYW
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3200:10:557c:b549:ac21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: f732cbeeb5a211ca8871ef1dae5c665b83feb83bb731a5e063a672ae7c6d6765

Request headers

Accept: */*
Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
content-length: 93
x-amz-cf-id: CIsvLSI-LUz7_OdTS2logRADH2eEFLw7aVy6Ombvfy8vq9qBBLpsNQ==

GET
H2 200 moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js Show response
platform.twitter.com/js/ 24 KB
8 KB 106ms
106ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 438b7b13a6b18c792b2baf25aae2d15cb5ced68a1cf645df0def255dffe299b0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 7876
x-served-by: cache-bwi5131-BWI, cache-fra19165-FRA
last-modified: Tue, 25 Feb 2020 00:11:22 GMT
etag: "11d31148aa60716fb9039c36580956f1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 timeline.f2565d449b4dd797677034caa0d66bf8.js Show response
platform.twitter.com/js/ 21 KB
7 KB 107ms
106ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.f2565d449b4dd797677034caa0d66bf8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8543c3fa0028a8cefe4008eeb095bee891501b9b5ead7fdec85ccbaa31b70e45

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 6657
x-served-by: cache-bwi5136-BWI, cache-fra19165-FRA
last-modified: Tue, 25 Feb 2020 00:11:22 GMT
etag: "3ac68eedc6c1bce6319c2bc023cdc98d+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 204 Track2
dss.hybrid.ai/Pixel/ 0
314 B 301ms
81ms Image
text/plain 37.18.16.19
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dss.hybrid.ai/Pixel/Track2?pid=5b0d382a7bc72f392c461e35&evt=PageView&cost=&text=&ltm=false&cnt=&url=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997&rf=https%3A%2F%2Faway.vk.com%2F&lng=en-US&tz=-1&sw=1600&sh=1200&cs=&pcs=&vcs=&r=

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.19 Moscow, Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:16 GMT
server: Hybrid Web Server
access-control-allow-origin: *
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
status: 204
cache-control: no-cache, no-store
x-mode: 122
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 rtrg
vk.com/ 49 B
263 B 104ms
104ms Image
image/gif 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-393448-38VlN&metatag_url=https%3A%2F%2Fdrimsim.com

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

VK / PHP/3.23298

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-frontend: front213211
server: VK
x-powered-by: PHP/3.23298
strict-transport-security: max-age=15768000
content-type: image/gif
status: 200
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H/1.1 200
OK jcPubia1ll Show response
node125.jivosite.com/widget/status/1172270/ 59 B
342 B 164ms
31ms XHR
application/json 54.170.179.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://node125.jivosite.com/widget/status/1172270/jcPubia1ll?rnd=0.9549825466655784
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.179.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-179-250.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e2f9bc37b1981efb231afb1328ae1c8050cd73b680df38d74b8afb61ffc3b1a1

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Server: nginx
X-BotMode: no
X-GeoIP: GB;H9;London
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-geoip, x-botmode
Connection: keep-alive
Content-Length: 59

GET
H2 200 /
www.google.com/pagead/1p-user-list/802826981/ 42 B
122 B 21ms
20ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/802826981/?random=1582766896184&cv=9&fst=1582765200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2j0&sendb=1&frm=0&url=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997&ref=https%3A%2F%2Faway.vk.com%2F&tiba=%D0%9C%D0%B5%D0%B6%D0%B4%D1%83%D0%BD%D0%B0%D1%80%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B8%D0%BC%D0%BA%D0%B0%D1%80%D1%82%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80&async=1&fmt=3&is_vtc=1&random=649783554&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/802826981/ 42 B
110 B 20ms
19ms Image
image/gif 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/802826981/?random=1582766896184&cv=9&fst=1582765200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2j0&sendb=1&frm=0&url=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997&ref=https%3A%2F%2Faway.vk.com%2F&tiba=%D0%9C%D0%B5%D0%B6%D0%B4%D1%83%D0%BD%D0%B0%D1%80%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B8%D0%BC%D0%BA%D0%B0%D1%80%D1%82%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80&async=1&fmt=3&is_vtc=1&random=649783554&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 63 KB
24 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TVVGWPZ&t=gtm3&cid=1483563315.1582766896

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4dda9b7992d6d9612cd46fad55e6597648471ae6ff31466c16479c8ee0f701e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24224
x-xss-protection: 0
last-modified: Thu, 27 Feb 2020 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Feb 2020 01:28:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2127585123983100&ev=PageView&dl=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997&rl=https%3A%2F%2Faway.vk.com%2F&if=false&ts=1582766896270&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582766896270.30460290&it=1582766896178&coo=false&rqm=GET

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT, Thu, 27 Feb 2020 01:28:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Thu, 27 Feb 2020 01:28:16 GMT

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/42879639/
Redirect Chain

https://mc.yandex.ru/watch/42879639?wmode=7&page-ref=https%3A%2F%2Faway.vk.com%2F&page-url=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26ut...
https://mc.yandex.ru/watch/42879639/1?wmode=7&page-ref=https%3A%2F%2Faway.vk.com%2F&page-url=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26...

0
-1 B

45ms
45ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/42879639/1?wmode=7&page-ref=https%3A%2F%2Faway.vk.com%2F&page-url=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997&charset=utf-8&browser-info=ti%3A10%3Ans%3A1582766895239%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200227022816%3Aet%3A1582766896%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A1053933938%3Ahid%3A747788150%3Ads%3A32%2C22%2C259%2C1%2C168%2C0%2C0%2C278%2C1%2C%2C%2C%2C931%3Afp%3A758%3Awn%3A54686%3Ahl%3A2%3Agdpr%3A14%3Av%3A1819%3Awv%3A2%3Ast%3A1582766896%3Au%3A1582766896827813411%3At%3A%D0%9C%D0%B5%D0%B6%D0%B4%D1%83%D0%BD%D0%B0%D1%80%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B8%D0%BC%D0%BA%D0%B0%D1%80%D1%82%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%7C%20%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D0%B0%D1%8F%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9%20%7C%20%D0%92%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%BE%D1%82%D0%BE%D0%B2%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Feb 2020 01:28:16 GMT
Last-Modified: Thu, 27-Feb-2020 01:28:16 GMT
Server: nginx/1.14.2
Location: /watch/42879639/1?wmode=7&page-ref=https%3A%2F%2Faway.vk.com%2F&page-url=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997&charset=utf-8&browser-info=ti%3A10%3Ans%3A1582766895239%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200227022816%3Aet%3A1582766896%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A1053933938%3Ahid%3A747788150%3Ads%3A32%2C22%2C259%2C1%2C168%2C0%2C0%2C278%2C1%2C%2C%2C%2C931%3Afp%3A758%3Awn%3A54686%3Ahl%3A2%3Agdpr%3A14%3Av%3A1819%3Awv%3A2%3Ast%3A1582766896%3Au%3A1582766896827813411%3At%3A%D0%9C%D0%B5%D0%B6%D0%B4%D1%83%D0%BD%D0%B0%D1%80%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B8%D0%BC%D0%BA%D0%B0%D1%80%D1%82%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%7C%20%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D0%B0%D1%8F%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9%20%7C%20%D0%92%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%BE%D1%82%D0%BE%D0%B2%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://drimsim.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 27-Feb-2020 01:28:16 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Feb 2020 01:28:16 GMT
Last-Modified: Thu, 27-Feb-2020 01:28:16 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://drimsim.com
Strict-Transport-Security: max-age=31536000
Location: /watch/42879639/1?wmode=7&page-ref=https%3A%2F%2Faway.vk.com%2F&page-url=https%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997&charset=utf-8&browser-info=ti%3A10%3Ans%3A1582766895239%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200227022816%3Aet%3A1582766896%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A1053933938%3Ahid%3A747788150%3Ads%3A32%2C22%2C259%2C1%2C168%2C0%2C0%2C278%2C1%2C%2C%2C%2C931%3Afp%3A758%3Awn%3A54686%3Ahl%3A2%3Agdpr%3A14%3Av%3A1819%3Awv%3A2%3Ast%3A1582766896%3Au%3A1582766896827813411%3At%3A%D0%9C%D0%B5%D0%B6%D0%B4%D1%83%D0%BD%D0%B0%D1%80%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B8%D0%BC%D0%BA%D0%B0%D1%80%D1%82%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%7C%20%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D0%B0%D1%8F%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9%20%7C%20%D0%92%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%BE%D1%82%D0%BE%D0%B2%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 27-Feb-2020 01:28:16 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 83ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Last-Modified: Fri, 17 Jan 2020 08:05:01 GMT
Server: nginx/1.14.2
ETag: "5e216aad-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 27 Feb 2020 02:28:16 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 154 KB
14 KB 253ms
232ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_drimsim_old&dnt=false&domain=drimsim.com&lang=en&screen_name=drimsim&suppress_response_codes=true&t=1758629&tz=GMT%2B0100&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

3aefb9c303713f9629c402d4a80012ca1b7e24ffbf7e28c76da270298796fdaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 13581
x-xss-protection: 0
x-response-time: 206
last-modified: Thu, 27 Feb 2020 01:28:16 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 7fb41fc2a4ef0f6cede0a5dd3c024a8f
timing-allow-origin: *
x-transaction: 0038f67e0045e598
expires: Thu, 27 Feb 2020 01:33:16 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
337 B 135ms
135ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1582766896369%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Thu, 27 Feb 2020 01:28:16 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3d503c4c2f83c80b1dac81c238856f4f
x-transaction: 00be16d900473610
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H/1.1 200
OK counter
top-fwz1.mail.ru/ 43 B
1 KB 73ms
73ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3038020;u=https%3A//drimsim.com/%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997;r=https%3A//away.vk.com/;st=1582766896029;pid=USER_ID;title=%D0%9C%D0%B5%D0%B6%D0%B4%D1%83%D0%BD%D0%B0%D1%80%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B8%D0%BC%D0%BA%D0%B0%D1%80%D1%82%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D0%B8%D0%B9%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83%20%7C%20%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D0%B0%D1%8F%20%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9%20%7C%20%D0%92%D1%8B%D0%B3%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F%20%D1%81%D0%BE%D1%82%D0%BE%D0%B2%D0%B0%D1%8F%20%D1%81%D0%B2%D1%8F%D0%B7%D1%8C%20%D0%B7%D0%B0%20%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=a8765a4dab48e871;ver=60.1.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1582766896374%3A1582766896385%3A1%3A0d58453ac6c635d7ee9b7bf126763bc8;opts=dl;_=0.7456979700878557

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Keep-Alive: timeout=60
Pragma: no-cache
AMP-Access-Control-Allow-Source-Origin: https://drimsim.com
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://drimsim.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://drimsim.com
Access-Control-Allow-Headers: *

POST
H2 200 open Show response
api2.branch.io/v1/ 269 B
555 B 190ms
190ms XHR
application/json 2600:9000:21f3:9000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/open
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:9000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: e5e57c289bfa0deaf9c7b8f8b412e1301476930380330d87e4caac35f5d4177d

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C2
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
content-length: 269
x-amz-cf-id: urkavGvBM_QqmRtOgBM9s5FRzeosSNz3E_u70DTFyvviiH76de96HQ==

GET
H/1.1 200
OK vanilla-masker.js Show response
widgets.mango-office.ru/js/ 4 KB
2 KB 79ms
78ms Script
application/javascript 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.mango-office.ru/js/vanilla-masker.js
Requested by: Host: widgets.mango-office.ru
URL: https://widgets.mango-office.ru/widgets/mango-callback.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: 1b00adba65cb57f963d960eece2a6f1112c165e392b07a2b877f2155817d5c42

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
ETag: W/"5e55854d-e23"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 27 Feb 2020 02:28:16 GMT

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/42879639/ 185 B
732 B 86ms
46ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

39892c13cea268d95b42f0439c4af095797788c0ef44b2cc973f8d7e3acd373a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 27 Feb 2020 01:28:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27-Feb-2020 01:28:16 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://drimsim.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 185
X-XSS-Protection: 1; mode=block
Expires: Thu, 27-Feb-2020 01:28:16 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
201 B 41ms
40ms Image
image/gif 104.111.215.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=wmx6wne&ht=tk&h=drimsim.com&f=32897.32904&a=2239514&js=1.19.2&app=typekit&e=js&_=1582766896419
Requested by: Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
last-modified: Fri, 18 Oct 2019 21:34:09 GMT
server: nginx
access-control-allow-origin: *
etag: "5daa2fd1-23"
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 35
expires: Wed, 30 Oct 2019 03:12:45 GMT

GET
H/1.1 200
OK jquery.storage.js Show response
widgets.mango-office.ru/js/ 986 B
855 B 79ms
78ms Script
application/javascript 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.mango-office.ru/js/jquery.storage.js
Requested by: Host: widgets.mango-office.ru
URL: https://widgets.mango-office.ru/widgets/mango-callback.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: 61f7ee55739a4f5a07d13139b10ff7107cc0f090911bcea55f189337066d0c5a

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
ETag: W/"5e558548-3da"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 27 Feb 2020 02:28:16 GMT

GET
H/1.1 200
OK MTAwMTE3MzM= Show response
widgets.mango-office.ru/widget/get-callback-widget/ 5 KB
2 KB 186ms
185ms Script
text/html 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.mango-office.ru/widget/get-callback-widget/MTAwMTE3MzM=?callback=jQuery341033660772059632293_1582766896009&timeOffset=-60&type=&serv=undefined&type=&id=MTAwMTE3MzM%3D&autoDial=0&lang=ru-ru&host=widgets.mango-office.ru%2F&errorMessage=%D0%92%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BC%D0%BE%D0%BC%D0%B5%D0%BD%D1%82%20%D0%BD%D0%B0%D0%B1%D0%BB%D1%8E%D0%B4%D0%B0%D1%8E%D1%82%D1%81%D1%8F%20%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BB%D0%B5%D0%BC%D1%8B%20%D0%B8%20%D1%81%D0%BE%D0%B2%D0%B5%D1%80%D1%88%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B7%D0%B2%D0%BE%D0%BD%D0%BA%D0%B0%20%D0%BD%D0%B5%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE&_=1582766896010
Requested by: Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 / PHP/7.1.29
Resource Hash: 4beb0b40ca02a919b441fff6bef3229c5f5ede3450c2f9073b16c17f9e1b1a4b

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
X-Powered-By: PHP/7.1.29
Vary: Accept-Encoding
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked

POST
H2 200 logout Show response
api2.branch.io/v1/ 139 B
495 B 184ms
184ms XHR
application/json 2600:9000:21f3:9000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/logout

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:21f3:9000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty/1.13.6.2 / Express

Resource Hash

fb2665afd7b75ed9ba12ae781847a4753086e9d29a0f921efbc83b45c62663da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 139
etag: W/"8b-aj7/BDracFg9MFE4P5+Wl6cxiHs"
x-amz-cf-id: 3Iu2LvbFzI1PoL0BIzfQMNXrL6VjXxgS-rlYV3K6N9Ex6al0n5_vuQ==

GET
H2 200 G_iTOrY_
pbs.twimg.com/card_img/1229680955461267457/ Frame 92DC 68 KB
69 KB 30ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1229680955461267457/G_iTOrY_?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D8) /

Resource Hash

3fc4d8ebc92b111dc2ef5fecaeae98f3c03a7e42690e37e7090676d6a44e8cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 143242
x-cache: HIT
status: 200
content-length: 70005
x-response-time: 158
surrogate-key: card_img card_img/bucket/1 card_img/1229680955461267457
last-modified: Tue, 18 Feb 2020 08:14:00 GMT
server: ECS (fcn/41D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fedafeda9615194cc57394a58e39150d
accept-ranges: bytes

GET
H2 200 mlmaYcAl
pbs.twimg.com/card_img/1231165506100637698/ Frame 92DC 5 KB
5 KB 42ms
18ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231165506100637698/mlmaYcAl?format=jpg&name=144x144_2

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4198) /

Resource Hash

f921c66d366a779742607011e0fa9afc99ffe4e4db468718506cd122b811c372

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 399180
x-cache: HIT
status: 200
content-length: 5349
x-response-time: 160
surrogate-key: card_img card_img/bucket/4 card_img/1231165506100637698
last-modified: Sat, 22 Feb 2020 10:33:05 GMT
server: ECS (fcn/4198)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 119a0d2d89e3c1ec35de6f8fc3aa78a7
accept-ranges: bytes

GET
H2 200 nPUdjt4v
pbs.twimg.com/card_img/1230878622107537416/ Frame 92DC 35 KB
36 KB 43ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1230878622107537416/nPUdjt4v?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D7) /

Resource Hash

29ddb095eb498330aeb5a4be555a977c2d0b329bfeb55c73b3b8b3bca2aab344

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 467581
x-cache: HIT
status: 200
content-length: 36299
x-response-time: 182
surrogate-key: card_img card_img/bucket/5 card_img/1230878622107537416
last-modified: Fri, 21 Feb 2020 15:33:06 GMT
server: ECS (fcn/40D7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d7d88ea150a9972cd8200a5a1c09216f
accept-ranges: bytes

GET
H2 200 1f1f7-1f1fa.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 246 B
474 B 11ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1f7-1f1fa.png

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

ca8b79adfa2c335f9ffda48e79259a64d39e99afa0407e4a4f06ef46d6fb1e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 25750571
x-ton-expected-size: 246
x-cache: HIT
status: 200
content-length: 246
x-response-time: 24
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:27 GMT
server: ECS (fcn/40DE)
etag: "FWMYqZVaAmXVod1C5LY98Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b3d744084387470902d26a69953a8889
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 1f91d.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 981 B
1 KB 12ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f91d.png

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B2) /

Resource Hash

523266a453f7ae1901cfca6aa27c4ce835603f030befef53fe9d369b6581d9a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 23786958
x-ton-expected-size: 981
x-cache: HIT
status: 200
content-length: 981
x-response-time: 42
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:34 GMT
server: ECS (fcn/40B2)
etag: "TRTCcbd23gOaCh/oBwyzDw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: fff21fbf057770d34157bc1d19c7eb96
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 1f1ef-1f1f5.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 335 B
465 B 12ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1ef-1f1f5.png

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

18055014f2eafc20d5a83b1af0a659b8ff8aa38e9c4aa2996750e9177588f145

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 26302330
x-ton-expected-size: 335
x-cache: HIT
status: 200
content-length: 335
x-response-time: 17
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:26 GMT
server: ECS (fcn/40DE)
etag: "i1up/RvmEhvPjzMdgrv7nw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 5df712fa6d741e5cc654a7055c4bc415
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 2708.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 991 B
1 KB 13ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2708.png

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E8) /

Resource Hash

b6c05e45a7b5b438d1b97115add2344a55d6da83c85ad2de6340f41ec8522a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 19469688
x-ton-expected-size: 991
x-cache: HIT
status: 200
content-length: 991
x-response-time: 26
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECS (fcn/40E8)
etag: "QJKyOyiF0DDE8/+RNV0LLA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 38322382e1e957b31c0304446a7a957d
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 yzMQnEAi
pbs.twimg.com/card_img/1231120292711366656/ Frame 92DC 16 KB
16 KB 39ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231120292711366656/yzMQnEAi?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D0) /

Resource Hash

dc584675e2aba71117e26441b57a17c0ea150bdbc8a83d7217a67a4a5837968b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 1708
x-cache: HIT
status: 200
content-length: 16003
x-response-time: 142
surrogate-key: card_img card_img/bucket/4 card_img/1231120292711366656
last-modified: Sat, 22 Feb 2020 07:33:25 GMT
server: ECS (fcn/40D0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e4459856c00c90223f04883f38db2a05
accept-ranges: bytes

GET
H2 200 E2PvBCj8
pbs.twimg.com/card_img/1231932573170925568/ Frame 92DC 57 KB
57 KB 41ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231932573170925568/E2PvBCj8?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

e7fb64cbdbe1ecfe426dce65af188ef1316324ee4d0adb8c0d81be8cc8513719

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 215504
x-cache: HIT
status: 200
content-length: 58182
x-response-time: 185
surrogate-key: card_img card_img/bucket/9 card_img/1231932573170925568
last-modified: Mon, 24 Feb 2020 13:21:08 GMT
server: ECS (fcn/40DE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d44cca95dab747e0bb2687805fea795d
accept-ranges: bytes

GET
H2 200 27LlsPHI
pbs.twimg.com/card_img/1232342938316951552/ Frame 92DC 47 KB
47 KB 27ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232342938316951552/27LlsPHI?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419E) /

Resource Hash

35f024950d1d878bf655f22acac85ac1a291cc63a048b9911e2de02b2ce7b30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 118050
x-cache: HIT
status: 200
content-length: 48438
x-response-time: 158
surrogate-key: card_img card_img/bucket/2 card_img/1232342938316951552
last-modified: Tue, 25 Feb 2020 16:31:46 GMT
server: ECS (fcn/419E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c17dfdec3105a4c1d266812f52633d9f
accept-ranges: bytes

GET
H2 200 PPj-nviB
pbs.twimg.com/card_img/1229258372010201088/ Frame 92DC 69 KB
69 KB 19ms
18ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1229258372010201088/PPj-nviB?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D0) /

Resource Hash

5cac97db71dc596e853db0640cd4cc632f3af8a175d9371f075e167db271de2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 247805
x-cache: HIT
status: 200
content-length: 70844
x-response-time: 163
surrogate-key: card_img card_img/bucket/9 card_img/1229258372010201088
last-modified: Mon, 17 Feb 2020 04:14:49 GMT
server: ECS (fcn/40D0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2215a04de8985a2e5f5c503ea7243685
accept-ranges: bytes

GET
H2 200 1f929.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 1 KB
1 KB 7ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f929.png

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

494a5d33fa83756c26384a2e7a90142bde9d8d0b4f81c7f2721b9527cf5ce684

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 15487794
x-ton-expected-size: 1175
x-cache: HIT
status: 200
content-length: 1175
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:35 GMT
server: ECS (fcn/40FD)
etag: "Eh/kH/F8ACzIcpHrPfWp/w=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: abe2939f9db45eb1cb5d8289a880fb0d
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 6u-nO9Kt
pbs.twimg.com/card_img/1227776186589294592/ Frame 92DC 44 KB
44 KB 20ms
18ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1227776186589294592/6u-nO9Kt?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419C) /

Resource Hash

d65c080d68a3cdf3ec1b752fc6a7c7ae89b9f4f195c47bf29d07b8f2ad9fe53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 574657
x-cache: HIT
status: 200
content-length: 45065
x-response-time: 249
surrogate-key: card_img card_img/bucket/2 card_img/1227776186589294592
last-modified: Thu, 13 Feb 2020 02:05:08 GMT
server: ECS (fcn/419C)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9659718ef892f35d8049db8a0342968a
accept-ranges: bytes

GET
H2 200 1f32a.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 1 KB
1 KB 7ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f32a.png

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419A) /

Resource Hash

c49a778659da9be4289cf71b6e3caa58582a73822d94f14d652258cee721f2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 18051727
x-ton-expected-size: 1184
x-cache: HIT
status: 200
content-length: 1184
x-response-time: 27
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:29 GMT
server: ECS (fcn/419A)
etag: "pD1bfLmyTxDEX0rVX8cxeQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 75ad269f4dc0dc756b4cb787a8fcea79
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 OkQMgghL
pbs.twimg.com/card_img/1232303741174452224/ Frame 92DC 13 KB
14 KB 20ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232303741174452224/OkQMgghL?format=jpg&name=280x280

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419B) /

Resource Hash

a6f7fb351b331475d8f1b6e1243c4edb948e134cb6ca161aed78c218307a2fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 49309
x-cache: HIT
status: 200
content-length: 13748
x-response-time: 147
surrogate-key: card_img card_img/bucket/1 card_img/1232303741174452224
last-modified: Tue, 25 Feb 2020 13:56:01 GMT
server: ECS (fcn/419B)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3b758ca49c6e97abf66c3df3ca00a615
accept-ranges: bytes

GET
H2 200 1f441.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 847 B
991 B 8ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f441.png

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A6) /

Resource Hash

508b26951b2b843ea6bf5e49f9093a55a37580787e1a0624741cde4d1588b9ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 25846139
x-ton-expected-size: 847
x-cache: HIT
status: 200
content-length: 847
x-response-time: 23
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:34 GMT
server: ECS (fcn/41A6)
etag: "2mnGqjlzZHIbVrTtWLGSPg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 188222788bbd6c0466e5c75ccbb1ee11
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 1f36c.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 1 KB
1 KB 7ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f36c.png

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419D) /

Resource Hash

9cfc39ffe5295c4af8ea1e676baf92b4ad150942b123f2fd59eb24613620295b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 27093078
x-ton-expected-size: 1125
x-cache: HIT
status: 200
content-length: 1125
x-response-time: 17
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:30 GMT
server: ECS (fcn/419D)
etag: "B+Lavwpu56bF4RokLyYucg=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: abaf5060d716361dc64a014f80c9610e
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 tlHCUm3T
pbs.twimg.com/card_img/1232717064378421252/ Frame 92DC 56 KB
57 KB 20ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232717064378421252/tlHCUm3T?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

cd196b6f5303c4fabe3a44681d6095096eaa4a8e63c3d0c2b527b1256c32cdbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 29029
x-cache: HIT
status: 200
content-length: 57774
x-response-time: 152
surrogate-key: card_img card_img/bucket/7 card_img/1232717064378421252
last-modified: Wed, 26 Feb 2020 17:18:25 GMT
server: ECS (fcn/41A3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9807094a461d0131e6a073875904125a
accept-ranges: bytes

GET
H2 200 YjTfaRof
pbs.twimg.com/card_img/1228708251723878406/ Frame 92DC 51 KB
51 KB 20ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1228708251723878406/YjTfaRof?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FA) /

Resource Hash

b62321c7ca53990cce73450fcfb36ff2d54d04a4a0eea4bb8e8d9ded7beaac08

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 370406
x-cache: HIT
status: 200
content-length: 51830
x-response-time: 160
surrogate-key: card_img card_img/bucket/1 card_img/1228708251723878406
last-modified: Sat, 15 Feb 2020 15:48:50 GMT
server: ECS (fcn/40FA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4e7dd581e215efa32bb53dc4612c68f9
accept-ranges: bytes

GET
H2 200 2b50.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 494 B
632 B 7ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2b50.png

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A0) /

Resource Hash

427b7f8fbe46ce254c9950b28e5a370353c27d1f67d400c88c333a8f0ac3e599

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 22225929
x-ton-expected-size: 494
x-cache: HIT
status: 200
content-length: 494
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:44 GMT
server: ECS (fcn/41A0)
etag: "fbFwue852oCpgfIc9OMRBA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 5ce09a779b66a06e35478706b64f0be0
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 ybMoeoW6
pbs.twimg.com/card_img/1232333796927651841/ Frame 92DC 51 KB
51 KB 20ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232333796927651841/ybMoeoW6?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4186) /

Resource Hash

01833b92ee7e778e45b1e6689894e7ce1b8f71290348a1f8f078e4cb714745a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 113810
x-cache: HIT
status: 200
content-length: 51913
x-response-time: 144
surrogate-key: card_img card_img/bucket/2 card_img/1232333796927651841
last-modified: Tue, 25 Feb 2020 15:55:27 GMT
server: ECS (fcn/4186)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6e0e16d884e3cf6ec2b41b57a2b58a7e
accept-ranges: bytes

GET
H2 200 lTyccGGC
pbs.twimg.com/card_img/1230506148111015936/ Frame 92DC 5 KB
5 KB 20ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1230506148111015936/lTyccGGC?format=jpg&name=144x144_2

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

8e77b31961944da3ffd63cb5748e694bec4b559327b04a20e5a19e10ea127997

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 556126
x-cache: HIT
status: 200
content-length: 5273
x-response-time: 145
surrogate-key: card_img card_img/bucket/3 card_img/1230506148111015936
last-modified: Thu, 20 Feb 2020 14:53:02 GMT
server: ECS (fcn/419F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: edfdb2d82dc816beae8d872334e4f130
accept-ranges: bytes

GET
H2 200 1f415.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 1 KB
1 KB 7ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f415.png

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B0) /

Resource Hash

f769ae3473ca5563812c9ec379d38aa23549e7fa460080d4bba1790930217489

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 23722493
x-ton-expected-size: 1182
x-cache: HIT
status: 200
content-length: 1182
x-response-time: 26
surrogate-key: twitter-assets
last-modified: Fri, 18 Jan 2019 20:56:44 GMT
server: ECS (fcn/40B0)
etag: "Y18FrIUkBkEzaO7ns6BPrA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 85f87f9d1cc7e24f9f63af3510c52cb4
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 1f408.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 1 KB
1 KB 6ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f408.png

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419B) /

Resource Hash

8d404fb3a6ffd07b3eff705baf8658ffe58d9184c17f0b6bac24202b98706649

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 8899777
x-ton-expected-size: 1119
x-cache: HIT
status: 200
content-length: 1119
x-response-time: 25
surrogate-key: twitter-assets
last-modified: Fri, 18 Jan 2019 20:56:44 GMT
server: ECS (fcn/419B)
etag: "HHp/G5mRp0AiRLBnjFC8rw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9b8e89092634cb80ec73ccdf0f35c5d0
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 AhXv_S28
pbs.twimg.com/card_img/1230445878437126145/ Frame 92DC 29 KB
29 KB 24ms
24ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1230445878437126145/AhXv_S28?format=png&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4195) /

Resource Hash

b078f707bd2f8b3f3ccc2d0014ca7263b61c6ae0202a8cf7219aa00204cc4d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 570261
x-cache: HIT
status: 200
content-length: 29537
x-response-time: 154
surrogate-key: card_img card_img/bucket/5 card_img/1230445878437126145
last-modified: Thu, 20 Feb 2020 10:53:32 GMT
server: ECS (fcn/4195)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a5c837cd5211c2857ce2f5a045d84f56
accept-ranges: bytes

GET
H2 200 timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ Frame 92DC 52 KB
12 KB 40ms
38ms Stylesheet
text/css 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 12155
x-served-by: cache-bwi5125-BWI, cache-fra19165-FRA
last-modified: Tue, 25 Feb 2020 00:11:18 GMT
etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ 52 KB
52 KB 44ms
42ms Image
text/css 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 12155
x-served-by: cache-bwi5125-BWI, cache-fra19165-FRA
last-modified: Tue, 25 Feb 2020 00:11:18 GMT
etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 G_iTOrY_
pbs.twimg.com/card_img/1229680955461267457/ Frame 92DC 68 KB
69 KB 8ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1229680955461267457/G_iTOrY_?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4187) /

Resource Hash

3fc4d8ebc92b111dc2ef5fecaeae98f3c03a7e42690e37e7090676d6a44e8cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 143242
x-cache: HIT
status: 200
content-length: 70005
x-response-time: 158
surrogate-key: card_img card_img/bucket/1 card_img/1229680955461267457
last-modified: Tue, 18 Feb 2020 08:14:00 GMT
server: ECS (fcn/4187)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fedafeda9615194cc57394a58e39150d
accept-ranges: bytes

GET
H2 200 mlmaYcAl
pbs.twimg.com/card_img/1231165506100637698/ Frame 92DC 5 KB
5 KB 9ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231165506100637698/mlmaYcAl?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B6) /

Resource Hash

f921c66d366a779742607011e0fa9afc99ffe4e4db468718506cd122b811c372

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 399180
x-cache: HIT
status: 200
content-length: 5349
x-response-time: 160
surrogate-key: card_img card_img/bucket/4 card_img/1231165506100637698
last-modified: Sat, 22 Feb 2020 10:33:05 GMT
server: ECS (fcn/40B6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 119a0d2d89e3c1ec35de6f8fc3aa78a7
accept-ranges: bytes

GET
H2 200 nPUdjt4v
pbs.twimg.com/card_img/1230878622107537416/ Frame 92DC 35 KB
36 KB 14ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1230878622107537416/nPUdjt4v?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E6) /

Resource Hash

29ddb095eb498330aeb5a4be555a977c2d0b329bfeb55c73b3b8b3bca2aab344

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 467581
x-cache: HIT
status: 200
content-length: 36299
x-response-time: 182
surrogate-key: card_img card_img/bucket/5 card_img/1230878622107537416
last-modified: Fri, 21 Feb 2020 15:33:06 GMT
server: ECS (fcn/40E6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d7d88ea150a9972cd8200a5a1c09216f
accept-ranges: bytes

GET
H2 200 1f1f7-1f1fa.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 246 B
342 B 10ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1f7-1f1fa.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

ca8b79adfa2c335f9ffda48e79259a64d39e99afa0407e4a4f06ef46d6fb1e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 25750571
x-ton-expected-size: 246
x-cache: HIT
status: 200
content-length: 246
x-response-time: 24
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:27 GMT
server: ECS (fcn/40DE)
etag: "FWMYqZVaAmXVod1C5LY98Q=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b3d744084387470902d26a69953a8889
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 1f91d.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 981 B
1 KB 11ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f91d.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B2) /

Resource Hash

523266a453f7ae1901cfca6aa27c4ce835603f030befef53fe9d369b6581d9a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 23786958
x-ton-expected-size: 981
x-cache: HIT
status: 200
content-length: 981
x-response-time: 42
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:34 GMT
server: ECS (fcn/40B2)
etag: "TRTCcbd23gOaCh/oBwyzDw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: fff21fbf057770d34157bc1d19c7eb96
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 1f1ef-1f1f5.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 335 B
408 B 11ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1ef-1f1f5.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

18055014f2eafc20d5a83b1af0a659b8ff8aa38e9c4aa2996750e9177588f145

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 26302330
x-ton-expected-size: 335
x-cache: HIT
status: 200
content-length: 335
x-response-time: 17
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:26 GMT
server: ECS (fcn/40DE)
etag: "i1up/RvmEhvPjzMdgrv7nw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 5df712fa6d741e5cc654a7055c4bc415
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 2708.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 991 B
1 KB 12ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2708.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E8) /

Resource Hash

b6c05e45a7b5b438d1b97115add2344a55d6da83c85ad2de6340f41ec8522a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 19469688
x-ton-expected-size: 991
x-cache: HIT
status: 200
content-length: 991
x-response-time: 26
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:43 GMT
server: ECS (fcn/40E8)
etag: "QJKyOyiF0DDE8/+RNV0LLA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 38322382e1e957b31c0304446a7a957d
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 yzMQnEAi
pbs.twimg.com/card_img/1231120292711366656/ Frame 92DC 16 KB
16 KB 25ms
22ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231120292711366656/yzMQnEAi?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

dc584675e2aba71117e26441b57a17c0ea150bdbc8a83d7217a67a4a5837968b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 1708
x-cache: HIT
status: 200
content-length: 16003
x-response-time: 142
surrogate-key: card_img card_img/bucket/4 card_img/1231120292711366656
last-modified: Sat, 22 Feb 2020 07:33:25 GMT
server: ECS (fcn/418C)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e4459856c00c90223f04883f38db2a05
accept-ranges: bytes

GET
H2 200 E2PvBCj8
pbs.twimg.com/card_img/1231932573170925568/ Frame 92DC 57 KB
57 KB 15ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231932573170925568/E2PvBCj8?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F9) /

Resource Hash

e7fb64cbdbe1ecfe426dce65af188ef1316324ee4d0adb8c0d81be8cc8513719

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 215504
x-cache: HIT
status: 200
content-length: 58182
x-response-time: 185
surrogate-key: card_img card_img/bucket/9 card_img/1231932573170925568
last-modified: Mon, 24 Feb 2020 13:21:08 GMT
server: ECS (fcn/40F9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d44cca95dab747e0bb2687805fea795d
accept-ranges: bytes

GET
H2 200 27LlsPHI
pbs.twimg.com/card_img/1232342938316951552/ Frame 92DC 47 KB
47 KB 13ms
10ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232342938316951552/27LlsPHI?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D6) /

Resource Hash

35f024950d1d878bf655f22acac85ac1a291cc63a048b9911e2de02b2ce7b30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 118050
x-cache: HIT
status: 200
content-length: 48438
x-response-time: 158
surrogate-key: card_img card_img/bucket/2 card_img/1232342938316951552
last-modified: Tue, 25 Feb 2020 16:31:46 GMT
server: ECS (fcn/40D6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c17dfdec3105a4c1d266812f52633d9f
accept-ranges: bytes

GET
H2 200 PPj-nviB
pbs.twimg.com/card_img/1229258372010201088/ Frame 92DC 69 KB
69 KB 18ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1229258372010201088/PPj-nviB?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4197) /

Resource Hash

5cac97db71dc596e853db0640cd4cc632f3af8a175d9371f075e167db271de2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 247805
x-cache: HIT
status: 200
content-length: 70844
x-response-time: 163
surrogate-key: card_img card_img/bucket/9 card_img/1229258372010201088
last-modified: Mon, 17 Feb 2020 04:14:49 GMT
server: ECS (fcn/4197)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2215a04de8985a2e5f5c503ea7243685
accept-ranges: bytes

GET
H2 200 1f929.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 1 KB
1 KB 11ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f929.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

494a5d33fa83756c26384a2e7a90142bde9d8d0b4f81c7f2721b9527cf5ce684

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 15487794
x-ton-expected-size: 1175
x-cache: HIT
status: 200
content-length: 1175
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:35 GMT
server: ECS (fcn/40FD)
etag: "Eh/kH/F8ACzIcpHrPfWp/w=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: abe2939f9db45eb1cb5d8289a880fb0d
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 6u-nO9Kt
pbs.twimg.com/card_img/1227776186589294592/ Frame 92DC 44 KB
44 KB 16ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1227776186589294592/6u-nO9Kt?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4186) /

Resource Hash

d65c080d68a3cdf3ec1b752fc6a7c7ae89b9f4f195c47bf29d07b8f2ad9fe53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 574657
x-cache: HIT
status: 200
content-length: 45065
x-response-time: 249
surrogate-key: card_img card_img/bucket/2 card_img/1227776186589294592
last-modified: Thu, 13 Feb 2020 02:05:08 GMT
server: ECS (fcn/4186)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9659718ef892f35d8049db8a0342968a
accept-ranges: bytes

GET
H2 200 1f32a.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 1 KB
1 KB 11ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f32a.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419A) /

Resource Hash

c49a778659da9be4289cf71b6e3caa58582a73822d94f14d652258cee721f2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 18051727
x-ton-expected-size: 1184
x-cache: HIT
status: 200
content-length: 1184
x-response-time: 27
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:29 GMT
server: ECS (fcn/419A)
etag: "pD1bfLmyTxDEX0rVX8cxeQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 75ad269f4dc0dc756b4cb787a8fcea79
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 OkQMgghL
pbs.twimg.com/card_img/1232303741174452224/ Frame 92DC 13 KB
13 KB 15ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232303741174452224/OkQMgghL?format=jpg&name=280x280

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B1) /

Resource Hash

a6f7fb351b331475d8f1b6e1243c4edb948e134cb6ca161aed78c218307a2fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 49309
x-cache: HIT
status: 200
content-length: 13748
x-response-time: 147
surrogate-key: card_img card_img/bucket/1 card_img/1232303741174452224
last-modified: Tue, 25 Feb 2020 13:56:01 GMT
server: ECS (fcn/40B1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3b758ca49c6e97abf66c3df3ca00a615
accept-ranges: bytes

GET
H2 200 1f441.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 847 B
921 B 10ms
5ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f441.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A6) /

Resource Hash

508b26951b2b843ea6bf5e49f9093a55a37580787e1a0624741cde4d1588b9ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 25846139
x-ton-expected-size: 847
x-cache: HIT
status: 200
content-length: 847
x-response-time: 23
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:34 GMT
server: ECS (fcn/41A6)
etag: "2mnGqjlzZHIbVrTtWLGSPg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 188222788bbd6c0466e5c75ccbb1ee11
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 1f36c.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 1 KB
1 KB 10ms
5ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f36c.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419D) /

Resource Hash

9cfc39ffe5295c4af8ea1e676baf92b4ad150942b123f2fd59eb24613620295b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 27093078
x-ton-expected-size: 1125
x-cache: HIT
status: 200
content-length: 1125
x-response-time: 17
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:30 GMT
server: ECS (fcn/419D)
etag: "B+Lavwpu56bF4RokLyYucg=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: abaf5060d716361dc64a014f80c9610e
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 tlHCUm3T
pbs.twimg.com/card_img/1232717064378421252/ Frame 92DC 56 KB
57 KB 28ms
26ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232717064378421252/tlHCUm3T?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D8) /

Resource Hash

cd196b6f5303c4fabe3a44681d6095096eaa4a8e63c3d0c2b527b1256c32cdbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 29029
x-cache: MISS
status: 200
content-length: 57774
x-response-time: 152
surrogate-key: card_img card_img/bucket/7 card_img/1232717064378421252
last-modified: Wed, 26 Feb 2020 17:18:25 GMT
server: ECS (fcn/40D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9807094a461d0131e6a073875904125a
accept-ranges: bytes

GET
H2 200 YjTfaRof
pbs.twimg.com/card_img/1228708251723878406/ Frame 92DC 51 KB
51 KB 15ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1228708251723878406/YjTfaRof?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

b62321c7ca53990cce73450fcfb36ff2d54d04a4a0eea4bb8e8d9ded7beaac08

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 370406
x-cache: HIT
status: 200
content-length: 51830
x-response-time: 160
surrogate-key: card_img card_img/bucket/1 card_img/1228708251723878406
last-modified: Sat, 15 Feb 2020 15:48:50 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4e7dd581e215efa32bb53dc4612c68f9
accept-ranges: bytes

GET
H2 200 2b50.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 494 B
566 B 10ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2b50.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A0) /

Resource Hash

427b7f8fbe46ce254c9950b28e5a370353c27d1f67d400c88c333a8f0ac3e599

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 22225929
x-ton-expected-size: 494
x-cache: HIT
status: 200
content-length: 494
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:44 GMT
server: ECS (fcn/41A0)
etag: "fbFwue852oCpgfIc9OMRBA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 5ce09a779b66a06e35478706b64f0be0
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 ybMoeoW6
pbs.twimg.com/card_img/1232333796927651841/ Frame 92DC 51 KB
51 KB 17ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232333796927651841/ybMoeoW6?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E7) /

Resource Hash

01833b92ee7e778e45b1e6689894e7ce1b8f71290348a1f8f078e4cb714745a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 113810
x-cache: HIT
status: 200
content-length: 51913
x-response-time: 144
surrogate-key: card_img card_img/bucket/2 card_img/1232333796927651841
last-modified: Tue, 25 Feb 2020 15:55:27 GMT
server: ECS (fcn/40E7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6e0e16d884e3cf6ec2b41b57a2b58a7e
accept-ranges: bytes

GET
H2 200 lTyccGGC
pbs.twimg.com/card_img/1230506148111015936/ Frame 92DC 5 KB
5 KB 21ms
19ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1230506148111015936/lTyccGGC?format=jpg&name=144x144_2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D6) /

Resource Hash

8e77b31961944da3ffd63cb5748e694bec4b559327b04a20e5a19e10ea127997

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 556126
x-cache: HIT
status: 200
content-length: 5273
x-response-time: 145
surrogate-key: card_img card_img/bucket/3 card_img/1230506148111015936
last-modified: Thu, 20 Feb 2020 14:53:02 GMT
server: ECS (fcn/40D6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: edfdb2d82dc816beae8d872334e4f130
accept-ranges: bytes

GET
H2 200 1f415.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 1 KB
1 KB 10ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f415.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B0) /

Resource Hash

f769ae3473ca5563812c9ec379d38aa23549e7fa460080d4bba1790930217489

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 23722493
x-ton-expected-size: 1182
x-cache: HIT
status: 200
content-length: 1182
x-response-time: 26
surrogate-key: twitter-assets
last-modified: Fri, 18 Jan 2019 20:56:44 GMT
server: ECS (fcn/40B0)
etag: "Y18FrIUkBkEzaO7ns6BPrA=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 85f87f9d1cc7e24f9f63af3510c52cb4
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 1f408.png
abs.twimg.com/emoji/v2/72x72/ Frame 92DC 1 KB
1 KB 11ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f408.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419B) /

Resource Hash

8d404fb3a6ffd07b3eff705baf8658ffe58d9184c17f0b6bac24202b98706649

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 8899777
x-ton-expected-size: 1119
x-cache: HIT
status: 200
content-length: 1119
x-response-time: 25
surrogate-key: twitter-assets
last-modified: Fri, 18 Jan 2019 20:56:44 GMT
server: ECS (fcn/419B)
etag: "HHp/G5mRp0AiRLBnjFC8rw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 9b8e89092634cb80ec73ccdf0f35c5d0
accept-ranges: bytes
expires: Fri, 26 Feb 2021 01:28:16 GMT

GET
H2 200 AhXv_S28
pbs.twimg.com/card_img/1230445878437126145/ Frame 92DC 29 KB
29 KB 17ms
15ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1230445878437126145/AhXv_S28?format=png&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

b078f707bd2f8b3f3ccc2d0014ca7263b61c6ae0202a8cf7219aa00204cc4d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 570261
x-cache: HIT
status: 200
content-length: 29537
x-response-time: 154
surrogate-key: card_img card_img/bucket/5 card_img/1230445878437126145
last-modified: Thu, 20 Feb 2020 10:53:32 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a5c837cd5211c2857ce2f5a045d84f56
accept-ranges: bytes

GET
H2 200 eOPCPx--_normal.jpg
pbs.twimg.com/profile_images/836628413288968193/ Frame 92DC 2 KB
2 KB 15ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/836628413288968193/eOPCPx--_normal.jpg

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D7) /

Resource Hash

b2c2ca6a3440153eea7ebc5688f9fba6149fd5ba7f3ab12c9672da8ebd8cd806

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 196796
x-cache: HIT
status: 200
content-length: 1883
x-response-time: 123
surrogate-key: profile_images profile_images/bucket/9 profile_images/836628413288968193
last-modified: Tue, 28 Feb 2017 17:23:32 GMT
server: ECS (fcn/40D7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5f71669362eafd798582018e5198fc9f
accept-ranges: bytes

GET
H2 200 HMfypa9Y_normal.jpg
pbs.twimg.com/profile_images/1193828817091145730/ Frame 92DC 2 KB
2 KB 15ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1193828817091145730/HMfypa9Y_normal.jpg

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B4) /

Resource Hash

5546efb7b729fcb37ccaf67ead9b3c839945dea35646991769d3dcd444a6dc8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 186151
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 117
surrogate-key: profile_images profile_images/bucket/4 profile_images/1193828817091145730
last-modified: Mon, 11 Nov 2019 09:50:24 GMT
server: ECS (fcn/40B4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cbc0915290da83761bf2765887a8f351
accept-ranges: bytes

GET
H2 200 ERTWcqaX0Agbyjh
pbs.twimg.com/media/ Frame 92DC 34 KB
35 KB 16ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ERTWcqaX0Agbyjh?format=jpg&name=small

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AF) /

Resource Hash

63475bef916ddcb86abcb4d4ccd64d171fc8a62c4bf07a2a9cb876954fffabed

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 475748
x-cache: HIT
status: 200
content-length: 35304
x-response-time: 114
surrogate-key: media media/bucket/9 media/1230844386088570888
last-modified: Fri, 21 Feb 2020 13:17:04 GMT
server: ECS (fcn/41AF)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 042c2625e650a590f9792881bdad95a9
accept-ranges: bytes

GET
H2 200 ERNnU1YWsAAYOCK
pbs.twimg.com/media/ Frame 92DC 39 KB
39 KB 16ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/ERNnU1YWsAAYOCK?format=jpg&name=small

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D0) /

Resource Hash

609a54d355e7ab71d08a2ba7a8386a12079f0a149fe13891cc0560cd096be280

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 571979
x-cache: HIT
status: 200
content-length: 39702
x-response-time: 123
surrogate-key: media media/bucket/8 media/1230440730826551296
last-modified: Thu, 20 Feb 2020 10:33:05 GMT
server: ECS (fcn/40D0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3228e6e30881dc8f012ad1e88a8780f4
accept-ranges: bytes

GET
H2 200 EQzqhF2WsAIks1O
pbs.twimg.com/media/ Frame 92DC 70 KB
70 KB 17ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQzqhF2WsAIks1O?format=jpg&name=small

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

439603e1cf2530f43aa3f6818e634491367e3f7e1849c1ef9a1968c185b7ef00

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 402523
x-cache: HIT
status: 200
content-length: 71342
x-response-time: 127
surrogate-key: media media/bucket/1 media/1228614652592041986
last-modified: Sat, 15 Feb 2020 09:36:54 GMT
server: ECS (fcn/4188)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 12447e7356bcdbb543acb2d336db2399
accept-ranges: bytes

GET
H2 200 EQVswaQW4AA-H5t
pbs.twimg.com/media/ Frame 92DC 77 KB
77 KB 16ms
15ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQVswaQW4AA-H5t?format=jpg&name=small

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4195) /

Resource Hash

641cef5164f4c02d21d144f1d8f2dce9d581ce50150f8c171ff89c1061512993

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 300277
x-cache: HIT
status: 200
content-length: 79004
x-response-time: 112
surrogate-key: media media/bucket/0 media/1226506052465778688
last-modified: Sun, 09 Feb 2020 13:58:04 GMT
server: ECS (fcn/4195)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 61f28043fcec83147588a2e26017bc85
accept-ranges: bytes

GET
H2 200 EQLL2ahXUAA-Fiz
pbs.twimg.com/media/ Frame 92DC 91 KB
91 KB 17ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQLL2ahXUAA-Fiz?format=jpg&name=small

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

e84580026198a0d12358800b457c2ebec2ad4fbc6b1b8518d781e6784a014943

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 476731
x-cache: HIT
status: 200
content-length: 93279
x-response-time: 113
surrogate-key: media media/bucket/3 media/1225766184290832384
last-modified: Fri, 07 Feb 2020 12:58:06 GMT
server: ECS (fcn/40DE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7c49da2c2e76a7f54104da23fa8b9e83
accept-ranges: bytes

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
357 B 181ms
175ms XHR
application/json 2600:9000:21f3:9000:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.branch.io/v1/pageview
Requested by: Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:9000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.13.6.2 / Express
Resource Hash: c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
server: openresty/1.13.6.2
x-amz-cf-pop: FRA2-C2
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
status: 200
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 29
x-amz-cf-id: fNTU0mjtIcUeMC82Ezsd7Kmms00M6NefcTTb8B24aje917f27GvFRg==

POST
H2 200 /
www.facebook.com/tr/ 0
45 B 8ms
5ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarySeYvgVAfAbdwAR2D

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://drimsim.com
date: Thu, 27 Feb 2020 01:28:16 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-24=":443"; ma=3600
content-length: 0

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 92DC 44 KB
7 KB 12ms
6ms Stylesheet
text/css 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422294
x-ton-expected-size: 45170
x-cache: HIT
status: 200
strict-transport-security: max-age=631138519
content-length: 6839
x-response-time: 9
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 91e140f50fe01158f53386c82894c9ab
accept-ranges: bytes
expires: Thu, 05 Mar 2020 01:28:16 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 13ms
7ms Image
text/css 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422294
x-ton-expected-size: 45170
x-cache: HIT
status: 200
strict-transport-security: max-age=631138519
content-length: 6839
x-response-time: 9
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 91e140f50fe01158f53386c82894c9ab
accept-ranges: bytes
expires: Thu, 05 Mar 2020 01:28:16 GMT

GET
DATA 200
OK truncated
/ Frame 92DC 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 92DC 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 92DC 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 92DC 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 92DC 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK widget.css
widgets.mango-office.ru/css/ 745 KB
48 KB 89ms
89ms Stylesheet
text/css 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.mango-office.ru/css/widget.css
Requested by: Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: f22e8d2e55bd4a53bdba4ebd9a32776fce42eaa158007f45d152b91cda5ec8da

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
ETag: W/"5e55854a-ba4b1"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 27 Feb 2020 02:28:16 GMT

GET
H/1.1 200
OK flags.css
widgets.mango-office.ru/css/ 63 KB
4 KB 87ms
86ms Stylesheet
text/css 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.mango-office.ru/css/flags.css
Requested by: Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: a9cf25c788651bd796f5302d39bc6408d0e0874738ac00c4bf486a07075aade9

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 27 Feb 2020 01:28:16 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
ETag: W/"5e55854b-fcc0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 27 Feb 2020 02:28:16 GMT

GET
H2 200 G_iTOrY_
pbs.twimg.com/card_img/1229680955461267457/ Frame 92DC 68 KB
69 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1229680955461267457/G_iTOrY_?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4187) /

Resource Hash

3fc4d8ebc92b111dc2ef5fecaeae98f3c03a7e42690e37e7090676d6a44e8cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 143242
x-cache: HIT
status: 200
content-length: 70005
x-response-time: 158
surrogate-key: card_img card_img/bucket/1 card_img/1229680955461267457
last-modified: Tue, 18 Feb 2020 08:14:00 GMT
server: ECS (fcn/4187)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fedafeda9615194cc57394a58e39150d
accept-ranges: bytes

GET
H2 200 mlmaYcAl
pbs.twimg.com/card_img/1231165506100637698/ Frame 92DC 5 KB
5 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231165506100637698/mlmaYcAl?format=jpg&name=144x144_2

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B6) /

Resource Hash

f921c66d366a779742607011e0fa9afc99ffe4e4db468718506cd122b811c372

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 399180
x-cache: HIT
status: 200
content-length: 5349
x-response-time: 160
surrogate-key: card_img card_img/bucket/4 card_img/1231165506100637698
last-modified: Sat, 22 Feb 2020 10:33:05 GMT
server: ECS (fcn/40B6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 119a0d2d89e3c1ec35de6f8fc3aa78a7
accept-ranges: bytes

GET
H2 200 nPUdjt4v
pbs.twimg.com/card_img/1230878622107537416/ Frame 92DC 35 KB
36 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1230878622107537416/nPUdjt4v?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E6) /

Resource Hash

29ddb095eb498330aeb5a4be555a977c2d0b329bfeb55c73b3b8b3bca2aab344

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 467581
x-cache: HIT
status: 200
content-length: 36299
x-response-time: 182
surrogate-key: card_img card_img/bucket/5 card_img/1230878622107537416
last-modified: Fri, 21 Feb 2020 15:33:06 GMT
server: ECS (fcn/40E6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d7d88ea150a9972cd8200a5a1c09216f
accept-ranges: bytes

GET
H2 200 yzMQnEAi
pbs.twimg.com/card_img/1231120292711366656/ Frame 92DC 16 KB
16 KB 23ms
23ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231120292711366656/yzMQnEAi?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

dc584675e2aba71117e26441b57a17c0ea150bdbc8a83d7217a67a4a5837968b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 1708
x-cache: MISS
status: 200
content-length: 16003
x-response-time: 142
surrogate-key: card_img card_img/bucket/4 card_img/1231120292711366656
last-modified: Sat, 22 Feb 2020 07:33:25 GMT
server: ECS (fcn/418C)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e4459856c00c90223f04883f38db2a05
accept-ranges: bytes

GET
H2 200 E2PvBCj8
pbs.twimg.com/card_img/1231932573170925568/ Frame 92DC 57 KB
57 KB 8ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1231932573170925568/E2PvBCj8?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40F9) /

Resource Hash

e7fb64cbdbe1ecfe426dce65af188ef1316324ee4d0adb8c0d81be8cc8513719

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 215504
x-cache: HIT
status: 200
content-length: 58182
x-response-time: 185
surrogate-key: card_img card_img/bucket/9 card_img/1231932573170925568
last-modified: Mon, 24 Feb 2020 13:21:08 GMT
server: ECS (fcn/40F9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d44cca95dab747e0bb2687805fea795d
accept-ranges: bytes

GET
H2 200 27LlsPHI
pbs.twimg.com/card_img/1232342938316951552/ Frame 92DC 47 KB
47 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232342938316951552/27LlsPHI?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D6) /

Resource Hash

35f024950d1d878bf655f22acac85ac1a291cc63a048b9911e2de02b2ce7b30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:16 GMT
x-content-type-options: nosniff
age: 118050
x-cache: HIT
status: 200
content-length: 48438
x-response-time: 158
surrogate-key: card_img card_img/bucket/2 card_img/1232342938316951552
last-modified: Tue, 25 Feb 2020 16:31:46 GMT
server: ECS (fcn/40D6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c17dfdec3105a4c1d266812f52633d9f
accept-ranges: bytes

GET
H2 200 PPj-nviB
pbs.twimg.com/card_img/1229258372010201088/ Frame 92DC 69 KB
69 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1229258372010201088/PPj-nviB?format=jpg&name=600x314

Requested by

Host: drimsim.com
URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4197) /

Resource Hash

5cac97db71dc596e853db0640cd4cc632f3af8a175d9371f075e167db271de2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
x-content-type-options: nosniff
age: 247806
x-cache: HIT
status: 200
content-length: 70844
x-response-time: 163
surrogate-key: card_img card_img/bucket/9 card_img/1229258372010201088
last-modified: Mon, 17 Feb 2020 04:14:49 GMT
server: ECS (fcn/4197)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2215a04de8985a2e5f5c503ea7243685
accept-ranges: bytes

GET
H2 200 page.php
www.facebook.com/v2.8/plugins/ Frame A99A 0
0 74ms
74ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df13d7c6ea61c3f4%26domain%3Ddrimsim.com%26origin%3Dhttps%253A%252F%252Fdrimsim.com%252Ff3b53afd511f81c%26relation%3Dparent.parent&container_width=366&height=400&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fdrimsim%2F&locale=ru_RU&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=400

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=be9b2414fe36a4bee6f57f003e270cfb&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.8/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df13d7c6ea61c3f4%26domain%3Ddrimsim.com%26origin%3Dhttps%253A%252F%252Fdrimsim.com%252Ff3b53afd511f81c%26relation%3Dparent.parent&container_width=366&height=400&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fdrimsim%2F&locale=ru_RU&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=400
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0Rum9rwoFs83iHCKq..BeVxsw...1.0.BeVxsw.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v2.12
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: UsmKQW+l68HIbudglbT5HqmyGLZce+E7pM4aTjcVBPLnx4rVQP36Mew6cXOHYPBxak85RymzKcDc1Xm5CEaMKA==
date: Thu, 27 Feb 2020 01:28:17 GMT Thu, 27 Feb 2020 01:28:17 GMT
alt-svc: h3-24=":443"; ma=3600

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
1 KB 70ms
70ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3038020;u=https%3A//drimsim.com/%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997;r=https%3A//away.vk.com/;st=1582766896029;pid=USER_ID;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=a8765a4dab48e871;ver=60.1.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1582766895239/////168/169/201/201/223/206/223/482/483/512/790/931/932/1786/1786/;ni=10//4g/0/0/;lvid=1582766896374%3A1582766897037%3A2%3A0d58453ac6c635d7ee9b7bf126763bc8;opts=dl;_=0.8077187306633997;e=RT/load;et=1582766897036

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Origin: https://drimsim.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 27 Feb 2020 01:28:17 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Keep-Alive: timeout=60
Pragma: no-cache
AMP-Access-Control-Allow-Source-Origin: https://drimsim.com
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://drimsim.com
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://drimsim.com
Access-Control-Allow-Headers: *

GET
H2 200 bundle_ru_RU.js Show response
code.jivosite.com/js/ 1 MB
247 KB 13ms
12ms Script
application/javascript 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/js/bundle_ru_RU.js?rand=1582213636
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: dfd43cee75de925d9cd2b5ba332c58d4d47a49658a59cec87eba607f8010d969

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-id: nkf-up-gc15, cec-up-gc11
date: Thu, 27 Feb 2020 01:28:17 GMT
content-encoding: br
x-cached-since: 2020-02-26T14:19:06+00:00, 2020-02-26T14:19:10+00:00
status: 200
x-shard: shieldShard0_80
content-length: 252516
via: 1.1 sharxy
last-modified: Thu, 20 Feb 2020 11:53:58 GMT
server: nginx
etag: "5e4e7356-3da64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes

GET
H2 200 6u-nO9Kt
pbs.twimg.com/card_img/1227776186589294592/ Frame 92DC 44 KB
44 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1227776186589294592/6u-nO9Kt?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4186) /

Resource Hash

d65c080d68a3cdf3ec1b752fc6a7c7ae89b9f4f195c47bf29d07b8f2ad9fe53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
x-content-type-options: nosniff
age: 574658
x-cache: HIT
status: 200
content-length: 45065
x-response-time: 249
surrogate-key: card_img card_img/bucket/2 card_img/1227776186589294592
last-modified: Thu, 13 Feb 2020 02:05:08 GMT
server: ECS (fcn/4186)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9659718ef892f35d8049db8a0342968a
accept-ranges: bytes

GET
H/1.1 200
OK select-arrow.svg
widgets.mango-office.ru/images/ 436 B
716 B 79ms
78ms Image
image/svg+xml 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.mango-office.ru/images/select-arrow.svg
Requested by: Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: c560a5446d9382911aa9403ae3169f658e97560b7aa31136cc27108b7353aefa

Request headers

Referer: https://widgets.mango-office.ru/css/widget.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 01:28:17 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
ETag: W/"5e55854f-1b4"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 27 Feb 2020 02:28:17 GMT

GET
H/1.1 200
OK flags.png
widgets.mango-office.ru/images/ 33 KB
33 KB 136ms
136ms Image
image/png 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.mango-office.ru/images/flags.png
Requested by: Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: 3d8d96fb258ef7f1daffc7a313feea77c7350fc6528720cde2fd94eb00db13e4

Request headers

Referer: https://widgets.mango-office.ru/css/flags.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 01:28:17 GMT
Server: nginx/1.10.1
ETag: "5e55854f-820a"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33290
Expires: Thu, 27 Feb 2020 02:28:17 GMT

GET
H/1.1 200
OK RobotoLight.woff
widgets.mango-office.ru/fonts/ 26 KB
26 KB 357ms
130ms Font
application/font-woff 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.mango-office.ru/fonts/RobotoLight.woff
Requested by: Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: d77f6b319c3c225b5436a023bc5ed1317a39800f1ba158bd5e8db47ea6affa21

Request headers

Referer: https://widgets.mango-office.ru/css/widget-button.css
Origin: https://drimsim.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Feb 2020 01:28:17 GMT
Server: nginx/1.10.1
ETag: "5e55854a-685c"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26716
Expires: Thu, 27 Feb 2020 02:28:17 GMT

GET
H/1.1 200
OK phone.svg
widgets.mango-office.ru/images/ 667 B
836 B 223ms
79ms Image
image/svg+xml 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.mango-office.ru/images/phone.svg
Requested by: Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: 9fca979321f3e93c0dbe1aae65d4d395d1241680d29e02f57f6adbf88f049b6b

Request headers

Referer: https://widgets.mango-office.ru/css/widget.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 01:28:17 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
ETag: W/"5e55854f-29b"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 27 Feb 2020 02:28:17 GMT

GET
H/1.1 200
OK close.svg
widgets.mango-office.ru/images/ 618 B
809 B 225ms
75ms Image
image/svg+xml 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.mango-office.ru/images/close.svg
Requested by: Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: f1f4e707ff1bc54a12082bca5d02ba0e69b50cdd5041e35bcff6c8bc9983f03c

Request headers

Referer: https://widgets.mango-office.ru/css/widget.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 01:28:17 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
ETag: W/"5e55854e-26a"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 27 Feb 2020 02:28:17 GMT

GET
H/1.1 200
OK RobotoRegular.woff
widgets.mango-office.ru/fonts/ 27 KB
28 KB 354ms
128ms Font
application/font-woff 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.mango-office.ru/fonts/RobotoRegular.woff
Requested by: Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: 95591bfa02f99f45e06dbec1462a59813c62bea4f5c5824a05ca7035f5eae78c

Request headers

Referer: https://widgets.mango-office.ru/css/widget-button.css
Origin: https://drimsim.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Feb 2020 01:28:17 GMT
Server: nginx/1.10.1
ETag: "5e55854d-6d10"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27920
Expires: Thu, 27 Feb 2020 02:28:17 GMT

GET
H/1.1 200
OK close-btn.svg
widgets.mango-office.ru/images/multichannel/ 1 KB
985 B 81ms
75ms Image
image/svg+xml 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.mango-office.ru/images/multichannel/close-btn.svg
Requested by: Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: 273fe6bd2d9412d58239e48b43722ca48c398bf6443a8afbc88a18f23e88daa6

Request headers

Referer: https://widgets.mango-office.ru/css/widget.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 01:28:17 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
ETag: W/"5e558550-41f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 27 Feb 2020 02:28:17 GMT

GET
H/1.1 200
OK button-phone.svg
widgets.mango-office.ru/images/ 1 KB
1 KB 149ms
78ms Image
image/svg+xml 81.88.82.225
BWTELE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.mango-office.ru/images/button-phone.svg
Requested by: Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.88.82.225 Moscow, Russian Federation, ASN39684 (BWTELE-AS, RU),
Reverse DNS: ics-prod-front.ru.mgo.su
Software: nginx/1.10.1 /
Resource Hash: 6e74ce0d8618f92f709ddbcb800ba448b989250e5918d8dc3c0353f282a356dc

Request headers

Referer: https://widgets.mango-office.ru/css/widget.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 01:28:17 GMT
Content-Encoding: gzip
Server: nginx/1.10.1
ETag: W/"5e55854c-4e6"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 27 Feb 2020 02:28:17 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 tlHCUm3T
pbs.twimg.com/card_img/1232717064378421252/ Frame 92DC 56 KB
56 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232717064378421252/tlHCUm3T?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D8) /

Resource Hash

cd196b6f5303c4fabe3a44681d6095096eaa4a8e63c3d0c2b527b1256c32cdbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
x-content-type-options: nosniff
age: 29030
x-cache: HIT
status: 200
content-length: 57774
x-response-time: 152
surrogate-key: card_img card_img/bucket/7 card_img/1232717064378421252
last-modified: Wed, 26 Feb 2020 17:18:25 GMT
server: ECS (fcn/40D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9807094a461d0131e6a073875904125a
accept-ranges: bytes

GET
H2 200 YjTfaRof
pbs.twimg.com/card_img/1228708251723878406/ Frame 92DC 51 KB
51 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1228708251723878406/YjTfaRof?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

b62321c7ca53990cce73450fcfb36ff2d54d04a4a0eea4bb8e8d9ded7beaac08

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
x-content-type-options: nosniff
age: 370407
x-cache: HIT
status: 200
content-length: 51830
x-response-time: 160
surrogate-key: card_img card_img/bucket/1 card_img/1228708251723878406
last-modified: Sat, 15 Feb 2020 15:48:50 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4e7dd581e215efa32bb53dc4612c68f9
accept-ranges: bytes

GET
H2 200 ybMoeoW6
pbs.twimg.com/card_img/1232333796927651841/ Frame 92DC 51 KB
51 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1232333796927651841/ybMoeoW6?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E7) /

Resource Hash

01833b92ee7e778e45b1e6689894e7ce1b8f71290348a1f8f078e4cb714745a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
x-content-type-options: nosniff
age: 113811
x-cache: HIT
status: 200
content-length: 51913
x-response-time: 144
surrogate-key: card_img card_img/bucket/2 card_img/1232333796927651841
last-modified: Tue, 25 Feb 2020 15:55:27 GMT
server: ECS (fcn/40E7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6e0e16d884e3cf6ec2b41b57a2b58a7e
accept-ranges: bytes

GET
H2 200 lTyccGGC
pbs.twimg.com/card_img/1230506148111015936/ Frame 92DC 5 KB
5 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1230506148111015936/lTyccGGC?format=jpg&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D6) /

Resource Hash

8e77b31961944da3ffd63cb5748e694bec4b559327b04a20e5a19e10ea127997

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
x-content-type-options: nosniff
age: 556127
x-cache: HIT
status: 200
content-length: 5273
x-response-time: 145
surrogate-key: card_img card_img/bucket/3 card_img/1230506148111015936
last-modified: Thu, 20 Feb 2020 14:53:02 GMT
server: ECS (fcn/40D6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: edfdb2d82dc816beae8d872334e4f130
accept-ranges: bytes

GET
H2 200 AhXv_S28
pbs.twimg.com/card_img/1230445878437126145/ Frame 92DC 29 KB
29 KB 6ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1230445878437126145/AhXv_S28?format=png&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

b078f707bd2f8b3f3ccc2d0014ca7263b61c6ae0202a8cf7219aa00204cc4d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
x-content-type-options: nosniff
age: 570262
x-cache: HIT
status: 200
content-length: 29537
x-response-time: 154
surrogate-key: card_img card_img/bucket/5 card_img/1230445878437126145
last-modified: Thu, 20 Feb 2020 10:53:32 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a5c837cd5211c2857ce2f5a045d84f56
accept-ranges: bytes

GET
H2 206 agent_message.mp3
code.jivosite.com/sounds/ 4 KB
4 KB 13ms
13ms Media
audio/mpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/sounds/agent_message.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Sec-Fetch-Dest: audio
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

x-id: nkf-up-gc13, cec-up-gc11
date: Thu, 27 Feb 2020 01:28:17 GMT
via: 1.1 sharxy
x-cached-since: 2020-02-26T14:19:06+00:00, 2020-02-26T14:19:09+00:00
status: 206
x-shard: shieldShard0_80
Content-Length: 3760
Content-Range: bytes 0-3759/3760
last-modified: Thu, 20 Feb 2020 11:51:35 GMT
server: nginx
etag: "5e4e72c7-eb0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=864000
cache: HIT, HIT
expires: Sat, 07 Mar 2020 14:19:06 GMT

GET
H2 206 notification.mp3
code.jivosite.com/sounds/ 6 KB
6 KB 14ms
13ms Media
audio/mpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/sounds/notification.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Sec-Fetch-Dest: audio
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

x-id: nkf-up-gc12, cec-up-gc11
date: Thu, 27 Feb 2020 01:28:17 GMT
via: 1.1 sharxy
x-cached-since: 2020-02-26T14:19:06+00:00, 2020-02-26T14:19:09+00:00
status: 206
x-shard: shieldShard0_80
Content-Length: 5808
Content-Range: bytes 0-5807/5808
last-modified: Thu, 20 Feb 2020 11:51:35 GMT
server: nginx
etag: "5e4e72c7-16b0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=864000
cache: HIT, HIT
expires: Sat, 07 Mar 2020 14:19:06 GMT

GET
H2 206 outgoing_message.mp3
code.jivosite.com/sounds/ 5 KB
5 KB 14ms
13ms Media
audio/mpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/sounds/outgoing_message.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
Sec-Fetch-Dest: audio
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

x-id: nkf-up-gc9, cec-up-gc11
date: Thu, 27 Feb 2020 01:28:17 GMT
via: 1.1 sharxy
x-cached-since: 2020-02-26T14:19:06+00:00, 2020-02-26T14:19:09+00:00
status: 206
x-shard: shieldShard0_80
Content-Length: 5014
Content-Range: bytes 0-5013/5014
last-modified: Thu, 20 Feb 2020 11:51:35 GMT
server: nginx
etag: "5e4e72c7-1396"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=864000
cache: HIT, HIT
expires: Sat, 07 Mar 2020 14:19:06 GMT

GET
H/1.1 200
OK w Show response
telemetry.jivosite.com/ Frame CC07 7 B
242 B 242ms
73ms XHR
application/x-javascript 77.246.156.238
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telemetry.jivosite.com/w?event=jivo_onLoadCallback&widget_id=jcPubia1ll&chat_mode=offline&site_id=1172270&device=desktop&visitor_id=49373efb10154eb1&widget_version=4.7.3&shard=main
Requested by: Host: away.vk.com
URL: https://away.vk.com/away.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.246.156.238 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: telemetry.jivosite.com
Software: nginx /
Resource Hash: 42fafa8a6b3c7b737d1bed92ca4ec0c3c256092b125a265821a760ad3bb457b3

Request headers

Origin: https://drimsim.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 27 Feb 2020 01:28:17 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: x-app-instance-id
Content-Length: 7
Content-Type: application/x-javascript

GET
H2 200 jivo_widget_offline.png
content.drimsim.com/site/jivosite/images/ 3 KB
3 KB 53ms
53ms Image
image/png 23.83.126.132
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.drimsim.com/site/jivosite/images/jivo_widget_offline.png
Requested by: Host: content.drimsim.com
URL: https://content.drimsim.com/site/js/check.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.83.126.132 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9bf93289914d56e943ea742105b33cfdbacd9bb3614b969d92bb4fc11f6e5f66

Request headers

Referer: https://content.drimsim.com/site/jivosite/jivosite.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:17 GMT
last-modified: Wed, 23 Oct 2019 11:54:45 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5db03f85-a74"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 2676

GET
H2

200

jot.html
platform.twitter.com/ Frame 4EC4
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

39ms
38ms

Document
text/html

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /jot.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://drimsim.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe

Response headers

status: 200
last-modified: Wed, 05 Feb 2020 23:55:53 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "d9592a6c704736fa4da218d4357976dd+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Thu, 27 Feb 2020 01:28:18 GMT
x-served-by: cache-bwi5128-BWI, cache-fra19165-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 95

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Thu, 27 Feb 2020 01:28:18 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Thu, 27 Feb 2020 01:28:17 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_f
strict-transport-security: max-age=631138519
x-connection-hash: 3d503c4c2f83c80b1dac81c238856f4f
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 118
x-transaction: 003e539100d9f0f6
x-tsa-request-body-time: 20
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 rcmp.js Show response
dm.hybrid.ai/ 2 KB
1 KB 235ms
79ms Script
application/javascript 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dm.hybrid.ai/rcmp.js?cs=&pcs=&vcs=

Requested by

Host: st.targetix.net
URL: https://st.targetix.net/txsp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 Moscow, Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

09786c081dd8eb883a21d8dd4fb8cde2b4b19746bf3527e51b99789e1595e7f1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
content-encoding: gzip
server: Hybrid Web Server
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
status: 200
cache-control: no-cache, no-store
x-mode: 123
content-type: application/javascript; charset=utf-8
content-length: 832
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 fpm.js Show response
dm.hybrid.ai/ 76 B
385 B 236ms
79ms Script
application/javascript 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dm.hybrid.ai/fpm.js?pid=5b0d382a7bc72f392c461e35&cs=&pcs=&vcs=

Requested by

Host: st.targetix.net
URL: https://st.targetix.net/txsp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 Moscow, Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

ab1555b090408d9d37857149ca05b4a0baddb6d277e4a3409ba61caf9c3934b1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
content-encoding: gzip
server: Hybrid Web Server
vary: Accept-Encoding
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
status: 200
cache-control: no-cache, no-store
x-mode: 124
content-type: application/javascript; charset=utf-8
content-length: 95
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 smp.js Show response
dm.hybrid.ai/ 0
295 B 236ms
80ms Script
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dm.hybrid.ai/smp.js?cs=&pcs=&vcs=

Requested by

Host: st.targetix.net
URL: https://st.targetix.net/txsp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 Moscow, Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
status: 204
cache-control: no-cache, no-store
x-mode: 125
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

supersync
sync.1dmp.io/ Frame 74C2
Redirect Chain

https://sync.1dmp.io/supersync?cid=7914e435-a562-48a5-aa01-6c28a47b11e9&pid=507f302c-a8c7-4ee3-b337-3e41b395da3d&uid=2ae3be95231d75b89647
https://sync.1dmp.io/supersync?t=6f063011-5900-11ea-9e92-901b0e934d81

0
0

41ms
40ms

Document
text/html

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.1dmp.io/supersync?t=6f063011-5900-11ea-9e92-901b0e934d81
Requested by: Host: dm.hybrid.ai
URL: https://dm.hybrid.ai/rcmp.js?cs=&pcs=&vcs=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.46.100.125 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: sync.1dmp.io
:scheme: https
:path: /supersync?t=6f063011-5900-11ea-9e92-901b0e934d81
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: 6f063011-5900-11ea-9e92-901b0e934d81=Y2lkPTc5MTRlNDM1LWE1NjItNDhhNS1hYTAxLTZjMjhhNDdiMTFlOSZwaWQ9NTA3ZjMwMmMtYThjNy00ZWUzLWIzMzctM2U0MWIzOTVkYTNkJnVpZD0yYWUzYmU5NTIzMWQ3NWI4OTY0Nw==; 6f063011-5900-11ea-9e92-901b0e934d81-legacy=Y2lkPTc5MTRlNDM1LWE1NjItNDhhNS1hYTAxLTZjMjhhNDdiMTFlOSZwaWQ9NTA3ZjMwMmMtYThjNy00ZWUzLWIzMzctM2U0MWIzOTVkYTNkJnVpZD0yYWUzYmU5NTIzMWQ3NWI4OTY0Nw==; uid=6f063012-5900-11ea-9e92-901b0e934d81; uid-legacy=6f063012-5900-11ea-9e92-901b0e934d81
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997

Response headers

status: 200
server: nginx
date: Thu, 27 Feb 2020 01:28:18 GMT
content-type: text/html
content-length: 492
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=6f063012-5900-11ea-9e92-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 26 Feb 2021 01:28:18 GMT; SameSite=None; Secure uid-legacy=6f063012-5900-11ea-9e92-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 26 Feb 2021 01:28:18 GMT

Redirect headers

status: 302
server: nginx
date: Thu, 27 Feb 2020 01:28:18 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=6f063010-5900-11ea-9e92-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 26 Feb 2021 01:28:18 GMT; SameSite=None; Secure 6f063011-5900-11ea-9e92-901b0e934d81=Y2lkPTc5MTRlNDM1LWE1NjItNDhhNS1hYTAxLTZjMjhhNDdiMTFlOSZwaWQ9NTA3ZjMwMmMtYThjNy00ZWUzLWIzMzctM2U0MWIzOTVkYTNkJnVpZD0yYWUzYmU5NTIzMWQ3NWI4OTY0Nw==; Version=1; Path=/; Domain=.1dmp.io; Max-Age=10; SameSite=None; Secure 6f063011-5900-11ea-9e92-901b0e934d81-legacy=Y2lkPTc5MTRlNDM1LWE1NjItNDhhNS1hYTAxLTZjMjhhNDdiMTFlOSZwaWQ9NTA3ZjMwMmMtYThjNy00ZWUzLWIzMzctM2U0MWIzOTVkYTNkJnVpZD0yYWUzYmU5NTIzMWQ3NWI4OTY0Nw==; Version=1; Path=/; Domain=.1dmp.io; Max-Age=10 uid-legacy=6f063010-5900-11ea-9e92-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 26 Feb 2021 01:28:18 GMT
location: /supersync?t=6f063011-5900-11ea-9e92-901b0e934d81

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=10&external_user_id=2ae3be95231d75b89647
https://ads.betweendigital.com/match?bidder_id=10&external_user_id=2ae3be95231d75b89647&crf=1

68 B
150 B

70ms
70ms

Image
image/png

188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=10&external_user_id=2ae3be95231d75b89647&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: /match?bidder_id=10&external_user_id=2ae3be95231d75b89647&crf=1

GET
H/1.1 200
OK setuid
ib.adnxs.com/ 43 B
861 B 86ms
28ms Image
image/gif 185.33.223.197
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=385&code=2ae3be95231d75b89647

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Thu, 27 Feb 2020 01:28:20 GMT
AN-X-Request-Uuid: 8ed7dd25-89e5-4a16-a471-75f5f75d23ee
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.141.207.244; 185.141.207.244; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.84:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ 42 B
201 B 301ms
73ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=100&external_id=2ae3be95231d75b89647
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 01:28:18 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ 43 B
323 B 137ms
43ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=28&id=2ae3be95231d75b89647
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 27 Feb 2020 01:28:18 GMT
Last-Modified: Thu, 27 Feb 2020 01:28:18 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Thu, 27 Feb 2020 07:28:18 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=258&user_id=2ae3be95231d75b89647&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=258&user_id=2ae3be95231d75b89647&expires=30
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f82df690-c888-42d5-bbfa-e18a654ca05a
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f82df690-c888-42d5-bbfa-e18a654ca05a&C=1

43 B
995 B

82ms
79ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f82df690-c888-42d5-bbfa-e18a654ca05a&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Feb 2020 01:28:18 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 Feb 2020 01:28:18 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Feb 2020 01:28:18 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=f82df690-c888-42d5-bbfa-e18a654ca05a&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Thu, 27 Feb 2020 01:28:18 GMT

GET
H2

204

match
dm.hybrid.ai/
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fdm.hybrid.ai%2Fmatch%3Fid%3D124%26vid%3D2ae3be95231d75b89647%26r%3D
https://dm.hybrid.ai/match?id=124&vid=2ae3be95231d75b89647&r=SMOHUYPJ

0
237 B

80ms
80ms

Image
text/plain

37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=124&vid=2ae3be95231d75b89647&r=SMOHUYPJ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 Moscow, Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
server: Hybrid Web Server
access-control-allow-origin: *
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
status: 204
cache-control: no-cache, no-store
x-mode: 131
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

Location: https://dm.hybrid.ai/match?id=124&vid=2ae3be95231d75b89647&r=SMOHUYPJ
Date: Thu, 27 Feb 2020 01:28:18 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

204

match
dm.hybrid.ai/
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=54304E4F-1356-44C1-9BA1-411FA7BAD4FD&rurl=https%3A%2F%2Fdm.hybrid.ai%2Fmatch%3Fid%3D128%26vid%3D%24%24visitor_cookie%24%24
https://dm.hybrid.ai/match?id=128&vid=a922ef381a5e47f09e54840e4a178990

0
237 B

80ms
80ms

Image
text/plain

37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=128&vid=a922ef381a5e47f09e54840e4a178990

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 Moscow, Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
server: Hybrid Web Server
access-control-allow-origin: *
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
status: 204
cache-control: no-cache, no-store
x-mode: 123
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

Date: Thu, 27 Feb 2020 01:28:18 GMT
Server: nginx
Location: https://dm.hybrid.ai/match?id=128&vid=a922ef381a5e47f09e54840e4a178990
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H2

204

google-match
dm.hybrid.ai/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=hybrid&google_cm&google_sc
https://dm.hybrid.ai/google-match?google_gid=CAESEOqhyD85MmHXAar9ftoFGSM&google_cver=1

0
237 B

80ms
79ms

Image
text/plain

37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/google-match?google_gid=CAESEOqhyD85MmHXAar9ftoFGSM&google_cver=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 Moscow, Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
server: Hybrid Web Server
access-control-allow-origin: *
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
status: 204
cache-control: no-cache, no-store
x-mode: 110
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
server: HTTP server (unknown)
location: https://dm.hybrid.ai/google-match?google_gid=CAESEOqhyD85MmHXAar9ftoFGSM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

match
dm.hybrid.ai/
Redirect Chain

https://x01.aidata.io/0.gif?pid=TARGETIX
https://x01.aidata.io/0.gif?pid=TARGETIX&bounce=1
https://dm.hybrid.ai/match?id=8&vid=e4YHVSFGMnjZYS%2BCJwiuVQ

0
237 B

79ms
79ms

Image
text/plain

37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=8&vid=e4YHVSFGMnjZYS%2BCJwiuVQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 Moscow, Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
server: Hybrid Web Server
access-control-allow-origin: *
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
status: 204
cache-control: no-cache, no-store
x-mode: 130
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 27 Feb 2020 01:28:18 GMT
Last-Modified: Thu, 27 Feb 2020 01:28:17 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: https://dm.hybrid.ai/match?id=8&vid=e4YHVSFGMnjZYS%2BCJwiuVQ
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 27 Feb 2020 01:28:17 GMT

GET
H2

404

4207979237538519746
an.yandex.ru/setud/targetix/
Redirect Chain

https://dm.hybrid.ai/yandex-match
https://an.yandex.ru/setud/targetix/4207979237538519746?sign=1089399078

43 B
290 B

150ms
65ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/targetix/4207979237538519746?sign=1089399078
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
last-modified: Thu, 27 Feb 2020 01:28:18 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
status: 404
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Thu, 27 Feb 2020 01:28:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
server: Hybrid Web Server
access-control-allow-origin: *
location: https://an.yandex.ru/setud/targetix/4207979237538519746?sign=1089399078
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
status: 302
cache-control: no-cache, no-store
x-mode: 130
content-length: 0
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

pixel.gif
sync.1dmp.io/
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=7914e435-a562-48a5-aa01-6c28a47b11e9&pid=f684b536-8c82-4e99-97ca-d892a75859ca&uid=2ae3be95231d75b89647
https://sync.1dmp.io/pixel.gif?cid=7914e435-a562-48a5-aa01-6c28a47b11e9&pid=f684b536-8c82-4e99-97ca-d892a75859ca&uid=2ae3be95231d75b89647&cs=1

35 B
376 B

40ms
40ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=7914e435-a562-48a5-aa01-6c28a47b11e9&pid=f684b536-8c82-4e99-97ca-d892a75859ca&uid=2ae3be95231d75b89647&cs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 78.46.100.125 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 27 Feb 2020 01:28:18 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
expires: 0
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

status: 302
date: Thu, 27 Feb 2020 01:28:18 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
location: /pixel.gif?cid=7914e435-a562-48a5-aa01-6c28a47b11e9&pid=f684b536-8c82-4e99-97ca-d892a75859ca&uid=2ae3be95231d75b89647&cs=1
expires: 0

GET
H2

204

match
dm.hybrid.ai/
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdm.hybrid.ai%2Fmatch%3Fid%3D206%26vid%3D{WEBO_CID}
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdm.hybrid.ai%2Fmatch%3Fid%3D206%26vid%3D%7BWEBO_CID%7D&bounce=1&random=2759658428
https://dm.hybrid.ai/match?id=206&vid=yOwvU7x1BV35lDFYHwPR2O

0
237 B

79ms
78ms

Image
text/plain

37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=206&vid=yOwvU7x1BV35lDFYHwPR2O

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 Moscow, Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
server: Hybrid Web Server
access-control-allow-origin: *
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
status: 204
cache-control: no-cache, no-store
x-mode: 107
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
via: 1.1 google
last-modified: Thu, 27 Feb 2020 01:28:18 GMT
server: nginx/1.12.0
access-control-allow-origin: *
location: https://dm.hybrid.ai/match?id=206&vid=yOwvU7x1BV35lDFYHwPR2O
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
status: 302
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

2ae3be95231d75b89647
an.yandex.ru/mapuid/dmphybridai/
Redirect Chain

https://dm.hybrid.ai/yandexdmp-match
https://an.yandex.ru/mapuid/dmphybridai/2ae3be95231d75b89647?sign=22094209

43 B
328 B

163ms
77ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmphybridai/2ae3be95231d75b89647?sign=22094209

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
last-modified: Thu, 27 Feb 2020 01:28:18 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 27 Feb 2020 01:28:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Feb 2020 01:28:18 GMT
server: Hybrid Web Server
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/dmphybridai/2ae3be95231d75b89647?sign=22094209
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
status: 302
cache-control: no-cache, no-store
x-mode: 131
content-length: 0
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK /
pixel.onaudience.com/ 35 B
248 B 208ms
47ms Image
image/gif 85.194.243.23
ECO-ATMAN-PL ECO-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=207&mapped=2ae3be95231d75b89647&noredirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 85.194.243.23 , Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS: ip-2.85-194-243-22.net.eco.atman.pl
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 tr
www.facebook.com/ 44 B
129 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=0&ev=PageView&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 01:28:18 GMT, Thu, 27 Feb 2020 01:28:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Thu, 27 Feb 2020 01:28:18 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.drimsim.com/	1970-01-19 15:38:58	Name: tmr_reqNum Value: 2
.drimsim.com/	1970-01-19 07:39:28	Name: _ym_visorc_42879639 Value: w
.drimsim.com/	1970-01-19 07:40:38	Name: _ym_isad Value: 2
.drimsim.com/	1970-01-19 15:38:58	Name: tmr_lvidTS Value: 1582766896374
.drimsim.com/	1970-01-19 15:38:58	Name: tmr_lvid Value: 0d58453ac6c635d7ee9b7bf126763bc8
.drimsim.com/	1970-01-19 16:25:02	Name: _ym_d Value: 1582766896
.drimsim.com/	1970-01-19 16:25:02	Name: _ym_uid Value: 1582766896827813411
.drimsim.com/	1970-01-19 09:49:02	Name: _fbp Value: fb.1.1582766896270.30460290
.drimsim.com/	1970-01-19 09:48:59	Name: atm_closer Value: %7B%22id%22%3A8916%2C%22mid%22%3A14806%2C%22aid%22%3A%22AS.1206709923.1582766896%22%2C%22cookie_time%22%3A1582766896168%2C%22priority%22%3A0%2C%22uid%22%3A%22489a02f930e891fa04d5c8d8ad66bd27%22%2C%22webid%22%3A%22122107%22%7D
.drimsim.com/	1970-01-20 01:10:38	Name: adspire_uid Value: AS.1206709923.1582766896
.drimsim.com/	1970-01-19 07:39:26	Name: _gat_UA-76689230-1 Value: 1
.drimsim.com/	1970-01-19 07:40:53	Name: _gid Value: GA1.2.1282111748.1582766896
.drimsim.com/	1970-01-20 01:10:38	Name: _ga Value: GA1.2.1483563315.1582766896
.drimsim.com/	1970-01-19 11:58:38	Name: sbjs_migrations Value: 1418474375998%3D1
.drimsim.com/	1970-01-19 07:39:28	Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997
.drimsim.com/	1970-01-19 08:22:38	Name: __cfduid Value: dbde60195e48b1ade5ba7362d79a7a33a1582766895
.drimsim.com/	1970-01-19 11:58:38	Name: sbjs_first Value: typ%3Dutm%7C%7C%7Csrc%3Dadmitad%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3D122107%7C%7C%7Ccnt%3Dcloser%7C%7C%7Ctrm%3D1137997
.drimsim.com/	1970-01-19 11:58:38	Name: sbjs_first_add Value: fd%3D2020-02-27%2002%3A28%3A15%7C%7C%7Cep%3Dhttps%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997%7C%7C%7Crf%3Dhttps%3A%2F%2Faway.vk.com%2F
.drimsim.com/	1970-01-19 11:58:38	Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36
.drimsim.com/	1970-01-19 09:49:02	Name: _gcl_au Value: 1.1.1908699588.1582766896
.drimsim.com/	1970-01-19 11:58:38	Name: sbjs_current Value: typ%3Dutm%7C%7C%7Csrc%3Dadmitad%7C%7C%7Cmdm%3Dcpa%7C%7C%7Ccmp%3D122107%7C%7C%7Ccnt%3Dcloser%7C%7C%7Ctrm%3D1137997
.drimsim.com/	1970-01-19 11:58:38	Name: sbjs_current_add Value: fd%3D2020-02-27%2002%3A28%3A15%7C%7C%7Cep%3Dhttps%3A%2F%2Fdrimsim.com%2F%3Fadmitad_uid%3D489a02f930e891fa04d5c8d8ad66bd27%26utm_campaign%3D122107%26utm_content%3Dcloser%26utm_medium%3Dcpa%26utm_source%3Dadmitad%26utm_term%3D1137997%7C%7C%7Crf%3Dhttps%3A%2F%2Faway.vk.com%2F

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://drimsim.com/?admitad_uid=489a02f930e891fa04d5c8d8ad66bd27&utm_campaign=122107&utm_content=closer&utm_medium=cpa&utm_source=admitad&utm_term=1137997(Line 292) Message: New branch links

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
ad.admitad.com
ad.mail.ru
ads.betweendigital.com
ajax.googleapis.com
an.yandex.ru
api.branch.io
api.drimsim.com
api2.branch.io
app.link
assets.website-files.com
away.vk.com
cdn.branch.io
cdn.syndication.twimg.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jivosite.com
connect.facebook.net
content.drimsim.com
d3e54v103j8qbb.cloudfront.net
dm.hybrid.ai
dreamsims.com
drimsim.com
dss.hybrid.ai
dsum.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
inv-nets.admixer.net
mc.yandex.ru
node125.jivosite.com
p.typekit.net
pbs.twimg.com
pixel.onaudience.com
platform.twitter.com
pxl.adspire.io
redirect.frontend.weborama.fr
ssp.adriver.ru
ssp.bestssp.com
st.targetix.net
static.drimsim.com
stats.g.doubleclick.net
sync.1dmp.io
syndication.twitter.com
telemetry.jivosite.com
ton.twimg.com
top-fwz1.mail.ru
track.adspire.io
use.typekit.net
vk.cc
vk.com
widgets.mango-office.ru
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
x01.aidata.io
104.111.215.74
104.244.42.136
13.225.73.39
13.225.84.72
146.0.227.110
151.101.12.157
176.99.6.223
185.162.92.2
185.33.223.197
188.42.29.196
195.181.175.51
195.181.175.9
2.18.234.21
212.224.118.36
216.58.207.34
217.69.133.145
23.83.126.132
2600:9000:20eb:3200:10:557c:b549:ac21
2600:9000:20eb:7600:11:3b84:d200:93a1
2600:9000:20eb:de00:19:9934:6a80:93a1
2600:9000:21f3:9000:11:f728:3040:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700:20::6818:1132
2606:4700::6811:4104
2a00:1148:db00::17
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:808::2004
2a00:1450:4001:816::200a
2a00:1450:4001:81f::2008
2a00:1450:4001:820::2003
2a00:1450:4001:821::2003
2a00:1450:4001:821::200a
2a00:1450:400c:c04::9c
2a00:f940:4::9
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:9997::9997
35.190.16.14
37.18.16.16
37.18.16.19
52.29.126.123
54.170.179.250
77.246.156.238
78.46.100.125
81.222.128.216
81.88.82.225
85.194.243.23
87.240.129.187
87.240.190.78
93.186.225.208
94.130.112.156
01833b92ee7e778e45b1e6689894e7ce1b8f71290348a1f8f078e4cb714745a5
03e0f8424f5c77ca07546c05bdfea99f3e3714e76d7fc64d74900fbecf3f5a59
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
0921a7dc8054b08e4b5dd8e6ca764c72370ef59b7a7bb80be61efdc320d077a8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09786c081dd8eb883a21d8dd4fb8cde2b4b19746bf3527e51b99789e1595e7f1
0a0d3cdc751d6612727743b914fd1717d8d72d1be9c4f1602e4c075787dbe24e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33
15f6132278f60696942ef76ce9a4593bda7535bdfdcb8114d4ce0141e934c706
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1684d8677bdba8614107dbc2121a9c4fe21778e5b7fab6eda7ec7611b390b421
1749c1a4f209e577d605108ff217d4d9e2f41433bb9a233d195c22454f6209a8
18055014f2eafc20d5a83b1af0a659b8ff8aa38e9c4aa2996750e9177588f145
180f530d09c47d6f80191cbce611158685010623b3ae4c010107f7448aa3866c
1b00adba65cb57f963d960eece2a6f1112c165e392b07a2b877f2155817d5c42
1b80a381cdbf6bbf850611dac9232b1b05c0f33920a50b8d15936239a069127f
1c1a674e3e8c9f5e5d6590a9ff185f2c6ea01d6c466370266546181920187830
1d726b50af36ac62a6b4a2c756f465f9e02992a814d3a5660636034f97c9c4ce
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
273fe6bd2d9412d58239e48b43722ca48c398bf6443a8afbc88a18f23e88daa6
27f35c64f2a984ecb4546982889d5514a46666b7aba55909d052e4036862e725
29ddb095eb498330aeb5a4be555a977c2d0b329bfeb55c73b3b8b3bca2aab344
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c2431407dbe2a618f982f5810887dcc4581d302c03331241520ff8f3aaa72cd
2e2f57e904e03ed5a25adc320cf8385fc510b4707c7bf7daef7d60851b5dbc4b
2e4bf2a8a0d84f106d1029c0f9c502c30c529ad3b8bfeb4c25ab54f38e2157ef
2efe8390188e30c59bfcd64ab4d4e17dfc8fb9658182e5f33ccac77534b87ba9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
332ee6cc095fecc13f488523f308b8241dfd2d5c1809cfd90e8deaa4ce941ce4
348b24387ede3488f2245a547a1dc3944f67d5a99c1bf6f354a6d6c6e220887e
35f024950d1d878bf655f22acac85ac1a291cc63a048b9911e2de02b2ce7b30f
37a3fb7e0591b6f4d54499b245bd54da36c5b65ce9a65339e78e23eea984e3b2
38ad6225b0db73465d79e90067a0485364959e82beed247389c7828c7c26f458
39892c13cea268d95b42f0439c4af095797788c0ef44b2cc973f8d7e3acd373a
3aefb9c303713f9629c402d4a80012ca1b7e24ffbf7e28c76da270298796fdaf
3b9ee4dba2fce67dd20709d4e79141eec3cebaea649252a65ebebd7dc20a0818
3d8d96fb258ef7f1daffc7a313feea77c7350fc6528720cde2fd94eb00db13e4
3f917f6756018a04413812bb96b18eea450a0206b8c62842a9fd01b1f4594d6c
3fc4d8ebc92b111dc2ef5fecaeae98f3c03a7e42690e37e7090676d6a44e8cd2
4101ef8c113c49ccf1fe62e77f5f08dbddb9ab70cd3acde4af21b90d8ee1bdc9
41b47c87248e2cfb9b6d2a7a238baac843717c7372d0a5e19d84b92afba07e2b
427b7f8fbe46ce254c9950b28e5a370353c27d1f67d400c88c333a8f0ac3e599
428cbac419ef6857d3ab1feb1aa75e9e4df842be0f8d4fcc2bdc9a9ab02698d0
42fafa8a6b3c7b737d1bed92ca4ec0c3c256092b125a265821a760ad3bb457b3
438b7b13a6b18c792b2baf25aae2d15cb5ced68a1cf645df0def255dffe299b0
439603e1cf2530f43aa3f6818e634491367e3f7e1849c1ef9a1968c185b7ef00
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
494a5d33fa83756c26384a2e7a90142bde9d8d0b4f81c7f2721b9527cf5ce684
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4beb0b40ca02a919b441fff6bef3229c5f5ede3450c2f9073b16c17f9e1b1a4b
4c0d98778e6b7f8e4d650e1f8e64598d28329ae868664050805745e144c2d7eb
4c7258180c6b66554f903677ebe2acdd415a8be4986b6d44e73735e1a0429add
4dab9ed34f74ced7d78bdb6c934a4f3da29b22a481afe408e4a59786fab6dd96
4ec01607a5f3b38454680259fe102b3c12060f267f26479f4174ee3b1c6e31b2
508b26951b2b843ea6bf5e49f9093a55a37580787e1a0624741cde4d1588b9ee
523266a453f7ae1901cfca6aa27c4ce835603f030befef53fe9d369b6581d9a6
539274318db7f53851889cc63ac0e0143154fd18dd94b66e0f807e7ca8c87dce
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54aa0124c1eed274a26b40b77cd7ffef08db26472b3af48eb4767c4756bc3234
5546efb7b729fcb37ccaf67ead9b3c839945dea35646991769d3dcd444a6dc8e
5a3938e7ebf04cfc9045bd225e122027ceb3f053bd1f91d858d5e0b50fc056c3
5a568953de633711c620d2d0432d61aa2f0cac166437e814be30ce26e321698b
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5bce3c74c6fd81d7fec99f87a905c8226d5754969d481f2b999d460660925606
5cac97db71dc596e853db0640cd4cc632f3af8a175d9371f075e167db271de2f
5e436e1bf11cfa02b38b3163130bb9d4ad490001bfd3514917072b69c2a28b0a
5fc178b2064b27f1608dd5f8642ab3c21a7f80ae36b853d62077faecceb1feee
609a54d355e7ab71d08a2ba7a8386a12079f0a149fe13891cc0560cd096be280
61f7ee55739a4f5a07d13139b10ff7107cc0f090911bcea55f189337066d0c5a
62c8512b27ff9cbb23f96fd433e159b270bf3a75571a76b8428a4effc21effe0
62ffd1b1016c839d22db6b0828c733ee208b39a1bbfc5c777fea155a2ac8f99d
63475bef916ddcb86abcb4d4ccd64d171fc8a62c4bf07a2a9cb876954fffabed
641cef5164f4c02d21d144f1d8f2dce9d581ce50150f8c171ff89c1061512993
663fca77d15e56981e4ef71a6280014658b9b8457636393a8dac049a15a0ba20
69ff56d9c030edd37c2375fddbe6bcec3b08db681957225fad8dcc110eb6efd2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cf13cb70a3c6159f2e8f84333839e0d469a99e1d6298652cf133930c3914e8b
6e74ce0d8618f92f709ddbcb800ba448b989250e5918d8dc3c0353f282a356dc
6f1dc81498da5df5cc4a4b2730c86480122e1b4a6808621b7d941aaa6e29d824
734efdef4c4dc106a44b2ee135340b648815f517a8cc15aba680465eefa1ab8a
765b9b961b160b12b29033b6b6f55e1fa6e707d6dcaa0f2cd89d5d618d0c72b6
7b8b4de6fa64a0f06b5e65487e600a21a5c863a70429ffd18c31306cdf0cf4aa
7c366a2fbcff722f03d363f9d22005009e6f38db526080b6b57ca872c9a8665a
7dad72fd77caabbbc90839af97bb3b33634987a8506ea47634281b26f3b39011
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8356ae7686fad11d5f4de273e3cf99cb86b7d22610b87291699d0c8c4b68c5ae
8543c3fa0028a8cefe4008eeb095bee891501b9b5ead7fdec85ccbaa31b70e45
87d46d06b23f22577d8db75c5e772ee69ade2c497ca815f7ae3bc42424d02353
88996f95016fdf5db7db323fcebb0bfe36eeb9b2d65abfc1bfdf5df977da0bb6
8938fc1c96571a209db41f707bf8f1400e6a69944c4b5030e09f7828a1331eb2
8d404fb3a6ffd07b3eff705baf8658ffe58d9184c17f0b6bac24202b98706649
8e77b31961944da3ffd63cb5748e694bec4b559327b04a20e5a19e10ea127997
95591bfa02f99f45e06dbec1462a59813c62bea4f5c5824a05ca7035f5eae78c
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9bf93289914d56e943ea742105b33cfdbacd9bb3614b969d92bb4fc11f6e5f66
9c28ead6ce7e425f63a0165a0db91e338c3461dddc9a0652b077f59337ebca8e
9c9745f706d799b80a96b76acb3087d855dbc7a625dd84ebc638041d86371f88
9cfc39ffe5295c4af8ea1e676baf92b4ad150942b123f2fd59eb24613620295b
9d7c29619101d043b7b5e2430a9c733d44eacde25babf52f5b08c6e81ae3c022
9d7df9a187f847f7d8c2aa24611398d11ba284d76d4895c28bd4d232da74f2a4
9f40a1104cd036c44d466c7f2c97c35d3e0d67c08904305d5966578e52cb3a6d
9f541c0ee877aff4684be51f3c1be90617347c27de6b06aa426cad00b5f7fdd9
9fca979321f3e93c0dbe1aae65d4d395d1241680d29e02f57f6adbf88f049b6b
a119d337e1cd12b6da7b4b06c1e96e88902ae84e8f7778ec9f58aa64432f6666
a2f48b748639195e971e7d3283b99a1049c2189677de8cb6b8a7bbe9135baa6d
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a6f7fb351b331475d8f1b6e1243c4edb948e134cb6ca161aed78c218307a2fca
a73a2bc1fa3a96566f05986b6538c11c95d69a705e39b7a3db9c7862e2faebb9
a7d19cbfdbb2a4afb6b0e0e7c82c944ae286c515bdc0b4c21bb4af97358cfbdb
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
a9cf25c788651bd796f5302d39bc6408d0e0874738ac00c4bf486a07075aade9
aa057323e3b34890f5a4abc19623d8d5624d223ff405e18bdeaaa9eef13d460a
ab1555b090408d9d37857149ca05b4a0baddb6d277e4a3409ba61caf9c3934b1
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
b078f707bd2f8b3f3ccc2d0014ca7263b61c6ae0202a8cf7219aa00204cc4d0b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c2ca6a3440153eea7ebc5688f9fba6149fd5ba7f3ab12c9672da8ebd8cd806
b51edfcf67c27b272a23dfd5f262fd9f24dce25235e24836426eb3647baea711
b62321c7ca53990cce73450fcfb36ff2d54d04a4a0eea4bb8e8d9ded7beaac08
b6c05e45a7b5b438d1b97115add2344a55d6da83c85ad2de6340f41ec8522a5e
ba8871d13ea602fdc98d20925532b5c8fa1311e1e84baf38e735d7dd8e4eaf44
bcd8ce423c266439957feab29ae6a7a46b8b78a4a02c1917c58b26bb803564c2
bf37f335e5c3bcfe7cc258c0d5f2bdbfed511f7f46da84e8ff6d27938b4b52a8
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c49a778659da9be4289cf71b6e3caa58582a73822d94f14d652258cee721f2ef
c4dda9b7992d6d9612cd46fad55e6597648471ae6ff31466c16479c8ee0f701e
c560a5446d9382911aa9403ae3169f658e97560b7aa31136cc27108b7353aefa
c5c3bd81498d2c2e71f59208be908d299e25831de0ec9de131b0c0687f5ccac4
c9756999757df609b75680f9c3902fa09cd026822969a5568bdf7eee876022e2
ca8b79adfa2c335f9ffda48e79259a64d39e99afa0407e4a4f06ef46d6fb1e0b
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cd196b6f5303c4fabe3a44681d6095096eaa4a8e63c3d0c2b527b1256c32cdbc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfee4a0f3c42e6691a4d32ff581eb055895c3da6118bf9178bbd88b3cac70783
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d65c080d68a3cdf3ec1b752fc6a7c7ae89b9f4f195c47bf29d07b8f2ad9fe53e
d77f6b319c3c225b5436a023bc5ed1317a39800f1ba158bd5e8db47ea6affa21
d7f49d74007e61b9db461b51ff53f381556ac18b10487e19f7014b119f086846
da07a283b7577522112a0bee5bdfcd0bfcdab256d93356ec39b33471c8cbe462
da69d60611100a2e324bf13fb0be23945bb0db8ab2e4bdbea7459c9752a9064f
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
dc584675e2aba71117e26441b57a17c0ea150bdbc8a83d7217a67a4a5837968b
dd6b81aa0348fd1df6b000a2fb309f505214049a4f0217d6fea963a7c85685f0
de31f28497e6d6aaefd7bbdb13bdf7091a4db6e2409adf234ca9b36c43fa1637
dfd43cee75de925d9cd2b5ba332c58d4d47a49658a59cec87eba607f8010d969
e2f9bc37b1981efb231afb1328ae1c8050cd73b680df38d74b8afb61ffc3b1a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4398e863ecd066e77ee4180c582e45424471d757666f8541b10c8e95685b5ea
e5059e6d322f7258454f6c90077f7535e3ffb55b1ecd81dd15fe65d5e2715b4f
e520f51969f6e83152f4a3cece8a7c5f588563215bec83071fb0ecc85ccd5e65
e5e57c289bfa0deaf9c7b8f8b412e1301476930380330d87e4caac35f5d4177d
e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a
e69edc82b4a40ef8d9c11b3b507d0a8f83fbd090f43757b4019ab77fa5aea4be
e6e999d1102978f8191c522b8c91564bd748df49ffefd9a5ffe9c3353ae9cde1
e7fb64cbdbe1ecfe426dce65af188ef1316324ee4d0adb8c0d81be8cc8513719
e84580026198a0d12358800b457c2ebec2ad4fbc6b1b8518d781e6784a014943
ea70ddadf76453f0f1c4fbbcb8e71f9fd68b35d27f5b975cb4e6c64607f386a3
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed6de5bf0317e4ca9d7af022dd2f9f5144a54b520aeeea6c41ff6481f4ee4ba6
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f4e707ff1bc54a12082bca5d02ba0e69b50cdd5041e35bcff6c8bc9983f03c
f22e8d2e55bd4a53bdba4ebd9a32776fce42eaa158007f45d152b91cda5ec8da
f36e9050c8f638e1f0396934811a0aec51948fae49f349ec134a6c82498d622c
f3c46702547e4c1c16fcf14c8d519fdefefae31425089a31b0ac841ce7773c1a
f4ab2276dcf53c0ae41925d1dd8df947069bd907812e7e4c9a8852d3f8c3c85a
f6edcbbc56144f9c0bb5d26641f2436c7913b620f44f2f657d28ed53f5417443
f732cbeeb5a211ca8871ef1dae5c665b83feb83bb731a5e063a672ae7c6d6765
f769ae3473ca5563812c9ec379d38aa23549e7fa460080d4bba1790930217489
f921c66d366a779742607011e0fa9afc99ffe4e4db468718506cd122b811c372
fb2665afd7b75ed9ba12ae781847a4753086e9d29a0f921efbc83b45c62663da
fec0875f9172c58cf464d2a4197db852ca46448f2156e2c0cb67e00853f0eb86
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

drimsim.com Open in urlscan Pro 2606:4700:20::6818:1132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

235 Requests

100 %HTTPS

44 %IPv6

41 Domains

61 Subdomains

47 IPs

9 Countries

5938 kBTransfer

10490 kBSize

22 Cookies

16 Outgoing links

Page URL History

Redirected requests

235 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

drimsim.com Open in urlscan Pro
2606:4700:20::6818:1132 Public Scan

Screenshot
Live screenshot

Full Image

235
Requests

100 %
HTTPS

44 %
IPv6

41
Domains

61
Subdomains

47
IPs

9
Countries

5938 kB
Transfer

10490 kB
Size

22
Cookies

235 HTTP transactions
7 data transactions