hs-manacost.ru Open in urlscan Pro
172.67.72.65 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hs-manacost.ru/
Submission: On October 18 via api (October 18th 2023, 5:19:43 pm UTC) from US — Scanned from DE

Summary HTTP 134 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 134 HTTP transactions. The main IP is 172.67.72.65, located in United States and belongs to CLOUDFLARENET, US. The main domain is hs-manacost.ru.

This is the only time hs-manacost.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
67	172.67.72.65 172.67.72.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	154.47.36.219 154.47.36.219	174 (COGENT-174) (COGENT-174)
9	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
134	20

67 172.67.72.65 (United States)

ASN13335 (CLOUDFLARENET, US)

hs-manacost.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.47.36.219 (United States) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	hs-manacost.ru hs-manacost.ru	3 MB
25	gstatic.com fonts.gstatic.com www.gstatic.com	514 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	295 KB
6	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 3539	4 KB
6	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	49 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	22 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 10154	1 KB
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 19741	857 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	148 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	4 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	59 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	603 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	69 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	2 KB
134	15

	Domain	Requested by
67	hs-manacost.ru	hs-manacost.ru
24	fonts.gstatic.com	fonts.googleapis.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	hs-manacost.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	mc.yandex.ru	3 redirects hs-manacost.ru
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com hs-manacost.ru
4	www.google-analytics.com	hs-manacost.ru www.google-analytics.com
3	counter.yadro.ru	2 redirects hs-manacost.ru
2	mc.webvisor.org	1 redirects hs-manacost.ru
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googletagmanager.com	hs-manacost.ru www.google-analytics.com
2	fonts.googleapis.com	hs-manacost.ru googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.jsdelivr.net	hs-manacost.ru
1	cdnjs.cloudflare.com	hs-manacost.ru
134	19

This site contains links to these domains. Also see Links.

Domain
vk.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://hs-manacost.ru/
Frame ID: CD0F56831D85CFC82D9E3812075877C3
Requests: 114 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: B37854B88D7A5BDA4125CF5849735888
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9551927933108581&output=html&h=90&slotname=1924852777&adk=2677332262&adf=1183505835&pi=t.ma~as.1924852777&w=728&lmt=1697636880&format=728x90&url=http%3A%2F%2Fhs-manacost.ru%2F&wgl=1&dt=1697649576036&bpp=4&bdt=453&idt=317&shv=r20231011&mjsv=m202310160304&ptt=9&saldr=aa&abxe=1&correlator=4062311888962&frm=20&pv=2&ga_vid=1826415403.1697649576&ga_sid=1697649576&ga_hid=2089401953&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44801484%2C44805112%2C44805533%2C44805681%2C44805920%2C31078297%2C31078897&oid=2&pvsid=3254572191663811&tmod=1240361447&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=fyPNRNyozI&p=http%3A//hs-manacost.ru&dtd=334
Frame ID: F265FB29923DF845DA132E71A6A44DEA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9551927933108581&output=html&adk=1812271804&adf=3025194257&lmt=1697636880&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=http%3A%2F%2Fhs-manacost.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1697649576101&bpp=3&bdt=518&idt=277&shv=r20231011&mjsv=m202310160304&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4062311888962&frm=20&pv=1&ga_vid=1826415403.1697649576&ga_sid=1697649576&ga_hid=2089401953&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44801484%2C44805112%2C44805533%2C44805681%2C44805920%2C31078297%2C31078897&oid=2&pvsid=3254572191663811&tmod=1240361447&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=292
Frame ID: 42A036CA430260A7BB13D19247A33E1D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js
Frame ID: 5A2B865843E65E970838469AE98F2FAC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A834FB5F3A1FB89A4902E08AD829B356
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 858B8E6631C7A567C50002752AC5FA87
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Манакост Hearthstone | Runeterra

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

134
Requests

29 %
HTTPS

80 %
IPv6

15
Domains

19
Subdomains

20
IPs

4
Countries

4285 kB
Transfer

7423 kB
Size

25
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/manacost

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

http://counter.yadro.ru/hit?t50.6;r;s1600*1200*24;uhttp%3A//hs-manacost.ru/;0.5232107526900189 HTTP 302
https://counter.yadro.ru/hit?t50.6;r;s1600*1200*24;uhttp%3A//hs-manacost.ru/;0.5232107526900189 HTTP 302
https://counter.yadro.ru/hit?q;t50.6;r;s1600*1200*24;uhttp%3A//hs-manacost.ru/;0.5232107526900189

Request Chain 106

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fhs-manacost.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A3wcjej5logadum7fiken3xb%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A2%3Adp%3A0%3Als%3A1438300368028%3Ahid%3A509534275%3Az%3A120%3Ai%3A20231018191936%3Aet%3A1697649576%3Ac%3A1%3Arn%3A533913996%3Arqn%3A1%3Au%3A1697649576508224647%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A28%2C6%2C118%2C75%2C0%2C0%2C%2C440%2C8%2C%2C%2C%2C668%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697649575428%3Ast%3A1697649576&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fhs-manacost.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A3wcjej5logadum7fiken3xb%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A2%3Adp%3A0%3Als%3A1438300368028%3Ahid%3A509534275%3Az%3A120%3Ai%3A20231018191936%3Aet%3A1697649576%3Ac%3A1%3Arn%3A533913996%3Arqn%3A1%3Au%3A1697649576508224647%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A28%2C6%2C118%2C75%2C0%2C0%2C%2C440%2C8%2C%2C%2C%2C668%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697649575428%3Ast%3A1697649576&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Request Chain 107

https://mc.yandex.ru/watch/28175484?wmode=7&page-url=http%3A%2F%2Fhs-manacost.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3wcjej5logadum7fiken3xb%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1312199185%3Ahid%3A509534275%3Az%3A120%3Ai%3A20231018191936%3Aet%3A1697649576%3Ac%3A1%3Arn%3A444319861%3Arqn%3A1%3Au%3A1697649576508224647%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A28%2C6%2C118%2C75%2C0%2C0%2C%2C440%2C8%2C%2C%2C%2C668%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697649575428%3Arqnl%3A1%3Ast%3A1697649576%3At%3A%D0%9C%D0%B0%D0%BD%D0%B0%D0%BA%D0%BE%D1%81%D1%82%20Hearthstone%20%7C%20Runeterra&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/28175484/1?wmode=7&page-url=http%3A%2F%2Fhs-manacost.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3wcjej5logadum7fiken3xb%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1312199185%3Ahid%3A509534275%3Az%3A120%3Ai%3A20231018191936%3Aet%3A1697649576%3Ac%3A1%3Arn%3A444319861%3Arqn%3A1%3Au%3A1697649576508224647%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A28%2C6%2C118%2C75%2C0%2C0%2C%2C440%2C8%2C%2C%2C%2C668%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697649575428%3Arqnl%3A1%3Ast%3A1697649576%3At%3A%D0%9C%D0%B0%D0%BD%D0%B0%D0%BA%D0%BE%D1%81%D1%82%20Hearthstone%20%7C%20Runeterra&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Request Chain 112

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10160.Zp-q-LYYzZTHv-sigKfXmSsQCzqjUYSBFthdrFJ04oemkgu-qW_AC82dPd-u9vlf.Dn14LY1z3LrwyMMkkxUmI_3p-lE%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=10160.br2DGSP_vgMCxjm3a75lSiYo8wkpjwlGLAeKwXWHCGFaJF01xLf64YUjAKm4f2bkDN3rPZT6xF4-BRuqfbY-fBPq-P0-HSnSmlHtNWSjqpy0Q00N9YjlP89pWydM3a7IXN6D-m1-3Wg-rFh5b408E3LyWR7hixkCGGTAV1M-IsdVwHYoksXgCvaeP87H3qSsenkEyuV-r4pFs5JIudjAdz6mP3oP_6LMxW4vwl58Ijo%2C.kzDrdTK3Lzdy2JBmOKJhAxMJiZE%2C

134 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
hs-manacost.ru/ 445 KB
52 KB 152ms
118ms Document
text/html 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c16eb3f435b203865c52cb6323a2403812ad9da781b73862c2e1653e0c061d34

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 81827276ac38bb7d-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 18 Oct 2023 17:19:35 GMT
Last-Modified: Wed, 18 Oct 2023 15:48:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Referrer-Policy: no-referrer-when-downgrade
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVyw0WcAomGdy3vbUE0v4dZNOYozny1LNT5Sis9tftnGI3N2g8KG2J746i5x%2BiR8fcxn1t1wxiE8987gbi4XX4rdS1ZPL2NR7GKIaFBK1F21lmVLw3wSWGOe6heDoRuX"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
7ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hs-manacost.ru
URL: http://hs-manacost.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Oct 2023 15:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5282
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 18 Oct 2023 17:51:33 GMT

GET
H/1.1 200
OK autotrack-dd5c63d1.js Show response
hs-manacost.ru/wp-content/plugins/all-in-one-seo-pack/dist/Lite/assets/ 24 KB
9 KB 86ms
19ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/all-in-one-seo-pack/dist/Lite/assets/autotrack-dd5c63d1.js?ver=4.3.8
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a4a22e1470a4ff84582efc40118c4954d74fc12cb5147eb40fb1675ce396896

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 33280
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 22:18:45 GMT
Server: cloudflare
ETag: W/"647fb0c5-6029"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECrsVcMCN3saMXg%2FTl4W%2BejvP%2FgV2WDaxcGEAad5Pt2GTeWDdZGigtH4jB%2Fg7VhuJTM6pmuBclFssFFAfZ%2BBhs0xzj36I97DFCUr%2BGqfifmlxVESjizYZGLEZkn5h7b7"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 81827277d86e9bd0-FRA
Expires: Sun, 22 Oct 2023 08:04:55 GMT

GET
H/1.1 200
OK style.min.css
hs-manacost.ru/wp-includes/css/dist/block-library/ 79 KB
11 KB 38ms
28ms Stylesheet
text/css 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 281458
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Jan 2022 21:02:08 GMT
Server: cloudflare
ETag: W/"61e87c50-13abe"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lqp90QmzI9P9qMrD%2Fq0v4qcl1nlYqcsNetf0NJ93g3yvGDy%2FVmkfQF4NRiHXm5h%2B%2FBltQwkGtf7FDCUH0D3X7hbsQjD8tZsj9Yimk%2BCxx7clCisD2uC6eCL8tOCXwOdd"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=345600
CF-RAY: 8182727779ad3804-FRA
Expires: Thu, 19 Oct 2023 11:08:37 GMT

GET
H/1.1 200
OK tamlier-css.css
hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/ 11 KB
3 KB 37ms
27ms Stylesheet
text/css 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/tamlier-css.css?ver=1.6.2
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25b213093105b60e543caea2a694ef1cad8a48ee9ea1d6b6df6ddf9830d3b55b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 330196
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 09:52:34 GMT
Server: cloudflare
ETag: W/"5f8578e2-2d0f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FSBB8E8kiBwjpAvojvHETxJxRjbCpXxpjXl1F3iJ9z8xVF70sr84ACWycM%2FuQQgNC%2BTYwVFwW77ylEb0HXq68vMkp5bfenvo55bH2xqtVSkyR1Jp6W%2FSlG2KTgV7Lsh"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=345600
CF-RAY: 818272777a795c20-FRA
Expires: Wed, 18 Oct 2023 21:36:19 GMT

GET
H/1.1 200
OK lightbox.css
hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/ 4 KB
2 KB 44ms
35ms Stylesheet
text/css 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/lightbox.css?ver=1.0
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ba3761638802c2c87ec7d2955577952dfbda09f42276b7fdb96842db756db18

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 273342
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 09:52:33 GMT
Server: cloudflare
ETag: W/"5f8578e1-e82"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzMeo2aMAc%2F5hB9vJRle%2Fzsko7XUZFgku9u6MAULq%2FZhQnwj2jaTG03aEO0oFKbUhCFDBA%2ByBHHuIwyXHt37cxHqYzZlZQQscK9sgQpx%2FS72UgVn1rGjoDzap7qpBFVi"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=345600
CF-RAY: 818272777c841e32-FRA
Expires: Thu, 19 Oct 2023 13:23:53 GMT

GET
H/1.1 200
OK tooltipster.bundle.min.css
hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/tooltipster/ 6 KB
2 KB 37ms
28ms Stylesheet
text/css 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/tooltipster/tooltipster.bundle.min.css?ver=1.0
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 696caf59faebf1ccd16126758a91f6ea232bf9650291498c129c1e0e2018d2cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5759
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 09:52:35 GMT
Server: cloudflare
ETag: W/"5f8578e3-195f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCKaSU13ppUHPqH%2FbjQBjgNeraaeo7pdk6KAl%2FSEvswHHpIY9rp1FwBkx7gRB0I%2B5RGHak9Vmotem88%2FVhuwpjkw0KCVUu20de%2BMKqkJ8t5aGnlidg0VWr6gi4d%2FyLpw"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=345600
CF-RAY: 8182727778281d90-FRA
Expires: Sun, 22 Oct 2023 15:43:36 GMT

GET
H/1.1 200
OK style.css
hs-manacost.ru/wp-content/plugins/td-composer/td-multi-purpose/ 68 KB
10 KB 38ms
29ms Stylesheet
text/css 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=1a221c8450bc290d78da968c50c142a1
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b4bc698d80481f8afd66930489c95d85e50f7a28a540483e485b82cc718f54

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 380
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 08:52:52 GMT
Server: cloudflare
ETag: W/"5f856ae4-10e72"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHC0M9kTPBIRjLoXET5ZFrGPJvPdxvsU9CT0ACt7ibvz8QOoJe%2FRzT55gXW4IIxKrp63CVofdwXFgsSB9PMx1beMq7MEafpsuITbpGV0EVAdop61g1WBSbKSUhTFpwgP"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=345600
CF-RAY: 818272777fbe9bd0-FRA
Expires: Sun, 22 Oct 2023 17:13:15 GMT

GET
H/1.1 200
OK td-multipurpose.css
hs-manacost.ru/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/ 11 KB
3 KB 81ms
40ms Stylesheet
text/css 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=1a221c8450bc290d78da968c50c142a1
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7626d7455b1748d1ab49d01e8034a4aa414f2ddb6c2feb221fc806ea075e6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 109669
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 08:53:42 GMT
Server: cloudflare
ETag: W/"5f856b16-2c43"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BCY0fLw4vnyOUf6hJhhdAqP4SfgpHEL%2Be4Mx5WpU3fYEpZs9kKHFxSxADK38zlRrGoe0RXU614yoxGSp44uwv%2B%2BNkA8QEnONV8JGj%2BfgYuE5npeYgLGrMgcE3PG0sE3"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=345600
CF-RAY: 81827277bac45c20-FRA
Expires: Sat, 21 Oct 2023 10:51:46 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 39 KB
3 KB 29ms
21ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=PT+Sans%3A400%7CUbuntu%3A400%7CSue+Ellen+Francisco%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7COswald%3A500%2C600%7CMontserrat%3A400%2C700%7CFira+Sans%3A800%2C400%7CMerriweather%3A300%7CRubik%3A600%2C500%2C400%7COxygen%3A400&display=swap&ver=10.3.6.1

Requested by

Host: hs-manacost.ru
URL: http://hs-manacost.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bba625a9dd96edd0e013e82a6f44ccd3f11ebe4ed4248b8c8f666326b370c9c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Wed, 18 Oct 2023 17:19:35 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 18 Oct 2023 17:19:35 GMT

GET
H/1.1 200
OK style.css
hs-manacost.ru/wp-content/themes/Newspaper/ 152 KB
27 KB 56ms
16ms Stylesheet
text/css 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/themes/Newspaper/style.css?ver=10.3.6.1
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10e9c4e84392a52b537a947a5f73e38c67e27370c146a556a14a2d498c3f7757

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 288651
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 08:52:13 GMT
Server: cloudflare
ETag: W/"5f856abd-26091"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsdI1%2BaSPqOLwYQBXhpcd2jQhP1Zd8WZmc4%2FUa2y5WN9YYLE3mQkhCzaW%2Fpfx6OqaVpAedbVmtJIvOj23PEQ8Qncn7dszh2p3fjhVy5txdoZ6EQDoNRvo9rXUYpikHW0"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=345600
CF-RAY: 81827277b8701d90-FRA
Expires: Thu, 19 Oct 2023 09:08:44 GMT

GET
H/1.1 200
OK td_legacy_main.css
hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 359 KB
45 KB 79ms
39ms Stylesheet
text/css 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=1a221c8450bc290d78da968c50c142a1
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c55dec8b0816c5cf9afae9fabc358af3a0bce6ff5bcd49b6837820bcaaada2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 56835
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 08:54:04 GMT
Server: cloudflare
ETag: W/"5f856b2c-59c42"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2c%2B2RAFXZkGsqp54eyHzMW9vHwD07B5g%2FqQidKapMEwsDnKqDF9laph03a2Xo%2Ff4d%2FhHA5dBhP%2BGKr%2BA7AcrU%2BBjM9n7054XtD4g8NareGJfoPrX6vZ6DvELs6zGHzH"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=345600
CF-RAY: 81827277ba1e3804-FRA
Expires: Sun, 22 Oct 2023 01:32:20 GMT

GET
H/1.1 200
OK td_standard_pack_main.css
hs-manacost.ru/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 621 KB
55 KB 61ms
22ms Stylesheet
text/css 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=f0bb15f19d923f80d074525b9859334c
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86ab4c2b16af92602679b9ddf7aaf92e0d9ddc5111b8d869690474a7c453aefd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 10075
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 08:53:58 GMT
Server: cloudflare
ETag: W/"5f856b26-9b2fc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mc%2BMLuoSITfGiFQQbr0jrCXKPh0oY%2B58TqHwYKh7pDpTSzw1TDiZQ5nhrnToCWbKSBjXqnrSFmBRzALIKOwpdOP9GHoGlU48GXUi3gZTVJzd5xUpvzhan3%2FioYBQvr58"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=345600
CF-RAY: 81827277b81d9bd0-FRA
Expires: Sun, 22 Oct 2023 14:31:40 GMT

GET
H/1.1 200
OK tdb_less_front.css
hs-manacost.ru/wp-content/plugins/td-cloud-library/assets/css/ 106 KB
14 KB 58ms
16ms Stylesheet
text/css 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=a336a33b491e4d82f056f6bf77847b68
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6c9bc8ce916928662b05533df7f5b0eb11d7c3c2b5dc577738d43c4be6e41d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 273796
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 08:53:04 GMT
Server: cloudflare
ETag: W/"5f856af0-1a741"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWkct%2BfNaYxiZEM69vme7ANrwEAqImmLgXv3rzPsiA8mHmB3evTrr8oEn91F6ATEMkc8UAR2KUpYxBuFVVaVaRLE6hp6bKVCucwsEWpKX0Ygrc0eGLTln%2FlPGsVBSRzD"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=345600
CF-RAY: 81827277bce21e32-FRA
Expires: Thu, 19 Oct 2023 13:16:19 GMT

GET
H/1.1 200
OK jquery.min.js Show response
hs-manacost.ru/wp-includes/js/jquery/ 87 KB
31 KB 84ms
26ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 279055
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Jan 2022 21:02:08 GMT
Server: cloudflare
ETag: W/"61e87c50-15db1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJQx7soWjvk%2FP4aX2AnDyX5%2BKb6jxSkBlSCY6CLVUEUPzNnW6OQYi5MGRhNx%2Fok3%2BRUn%2FOFdI%2Fq8WVQZtY6ge174%2BlCOObXI2f9EPoj8JOSO%2B%2BihHpvphjATlQHQYn99"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 81827277d8a31d90-FRA
Expires: Thu, 19 Oct 2023 11:48:40 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
hs-manacost.ru/wp-includes/js/jquery/ 11 KB
5 KB 83ms
24ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 268692
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 08 Feb 2021 21:42:22 GMT
Server: cloudflare
ETag: W/"6021b03e-2bd8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCLtoMnLf0LvTyklW8Enftuk4msuUrTtHEhjZg1PT9gfQLgRhJYKV199Vcsxb23ygM1XH81fTdRowQimPDV0enPsQjaOT7WM8y7s9X%2F%2BjbkH7Fo7O4u4EDMI5H15MrFh"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 81827277dd121e32-FRA
Expires: Thu, 19 Oct 2023 14:41:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 49ms
22ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-47337854-2

Requested by

Host: hs-manacost.ru
URL: http://hs-manacost.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bac771de6a1dce46befc512cc0a0d73018814c19b7e2fccc07faaeb9fd5dafbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:19:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68422
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 16:15:53 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Oct 2023 17:19:35 GMT

GET
H/1.1 200
OK new-logo-20.png
hs-manacost.ru/wp-content/uploads/2020/03/ 14 KB
15 KB 19ms
19ms Image
image/webp 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2020/03/new-logo-20.png
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8961ea71db593737bc0b7f83547c95212e6b4bf94fac2b9b208d6a04d13b4d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 83539
Cf-Polished: origFmt=png, origSize=22272
Content-Disposition: inline; filename="new-logo-20.webp"
Connection: keep-alive
Content-Length: 14628
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sat, 10 Oct 2020 14:10:32 GMT
Server: cloudflare
ETag: "5f81c0d8-5700"
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3FhjkW4Eq4cHM3jrE6N2eVIHUxPFOil4tPpqikcdmkYJxXcieiksy1lBBE1KEnCe97qjBRiR9873BuMTsbHuzO0j4YC0hoFKHHICfu%2FZhKXybB4OvOd9i905yfpVqNu"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827277de1abb7d-FRA
Expires: Sat, 21 Oct 2023 18:07:16 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
54 KB 65ms
57ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hs-manacost.ru
URL: http://hs-manacost.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfa8f5b4aea0641af77cda1aaab7e4c9b8db8a0543c88e40c899ae440ee6c139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54417
X-XSS-Protection: 0
Server: cafe
ETag: 8773306896724339292
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Wed, 18 Oct 2023 17:19:35 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
hs-manacost.ru/wp-includes/js/ 18 KB
6 KB 19ms
19ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 307904
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Jan 2022 21:02:08 GMT
Server: cloudflare
ETag: W/"61e87c50-4705"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EBbphgb71JbzaN6DPcWrfsj08Fd9uq00GJtDkBLcbskNgBPqsSWEh3haqkWMRtLtJo5wumQUD2Xj%2B%2F72pqk54AG4hIMoYpp%2F9en0EdfNTBLez%2FbxKrXdn46LActqokN"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 818272787bc35c20-FRA
Expires: Thu, 19 Oct 2023 03:47:51 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 8ms
7ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Oct 2023 17:21:43 GMT

GET
H2 200 lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/10.5.2/ 4 KB
2 KB 49ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/10.5.2/lazyload.min.js?ver=1.0

Requested by

Host: hs-manacost.ru
URL: http://hs-manacost.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

974b373aafebb2098c590c7ec80e9538cdd824d365234f7df5a101e47a98003c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:19:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7348619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1306
last-modified: Thu, 22 Jun 2023 11:21:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942ec5-51a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DY0p5A6YhtS4osk2TZCkFTmLalgHs9t6qb0bRXdPQG4Ozsw40Q6O1H7qFwrrT4RfcB502CLIkiJ0ruOnM8%2FLDH75ayfJdoP63UonxVXiggHoqWVv4v9Iv%2BMCd7v8QVINXJfiLIvgHT0IMG4MnEO29iKj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8182727828c11da8-FRA
expires: Mon, 07 Oct 2024 17:19:35 GMT

GET
H/1.1 200
OK lightbox.js Show response
hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/ 18 KB
6 KB 22ms
15ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/lightbox.js?ver=1.0
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8c206d37dcc271038a24b1833fa07afdc2f5c36c9b40c00090e5c07e2c7cea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 218321
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 09:52:33 GMT
Server: cloudflare
ETag: W/"5f8578e1-47ea"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VP08Oy7C1SwCaQFrEDyjGjfwf8DT328WZpZ8V1OblVRf7Pzz%2BPGoG3A%2BdUgkViS%2FMQbi8DUODNDC5dTNAak5IEk2zXWw8mbz%2FWUOnhAikj56v%2FLvjSQ0m7Jd6dI5%2Bhzx"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 8182727819081d90-FRA
Expires: Fri, 20 Oct 2023 04:40:54 GMT

GET
H/1.1 200
OK tooltipster.bundle.min.js Show response
hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/tooltipster/ 39 KB
11 KB 20ms
19ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/tooltipster/tooltipster.bundle.min.js?ver=1.0
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c8d5acbd3f03f921b6cd2da42ce3c396e1c7bfb4dc12d34fd2db196d9c5104

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 9680
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 09:52:35 GMT
Server: cloudflare
ETag: W/"5f8578e3-9bdc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlYhQPm6m6T%2FIsmOPLmaK3i%2BWErG6qQh4Ch8%2BfERkRQm3h%2BntOgCSNykMIeGcHDgBFTc7xofXcelj5w3wTdXCcfRsxOLy6nDbW8ctsvFdNpKHMQ18k1ehWTvy9piR0vx"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 81827278496e1d90-FRA
Expires: Sun, 22 Oct 2023 14:38:15 GMT

GET
H/1.1 200
OK tamlier-js.js Show response
hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/ 5 KB
2 KB 39ms
36ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/tamlier-js.js?ver=1.6.2
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e645ed07ede63f6548eb4a0106f61c6169aea5f06729605aa124fc073b12cf5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 94608
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 09:52:34 GMT
Server: cloudflare
ETag: W/"5f8578e2-131e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1ykwAo82jyqX0IOOlSWijLv3IODp67hGjiJztIdJrbuanOlgRzJgp2JsGHvEk%2BfjmbsjXvT5iTLY45Rkoe9nKBP73gVNi0BbhPqPmgjoOc4wqI%2FvBpOM8Gv3yUNqbqu"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 818272785b1f3804-FRA
Expires: Sat, 21 Oct 2023 15:02:47 GMT

GET
H/1.1 200
OK underscore.min.js Show response
hs-manacost.ru/wp-includes/js/ 19 KB
8 KB 48ms
45ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 92375
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Jan 2022 21:02:08 GMT
Server: cloudflare
ETag: W/"61e87c50-4a84"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zsj2W2%2BXf6%2BJmEP2ZhboJMWRuwNkFkdd0%2BJLj6f12c8yuACFtI1tBhF%2F%2BAXhA2Wm6F0PrN6dpypxg8YAtKfHBiaZ7O6t9kp%2FiKXg4ZNhoGGTylzuFmnXs4QWUF5HC16%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 818272785ec2bb7d-FRA
Expires: Sat, 21 Oct 2023 15:40:00 GMT

GET
H/1.1 200
OK js_posts_autoload.min.js Show response
hs-manacost.ru/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
3 KB 21ms
18ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=a336a33b491e4d82f056f6bf77847b68
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cabe179908a07a82354ff1cbfddcf460eef2cbc13b5e1fadce27b8cf02f653a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 275583
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 08:53:05 GMT
Server: cloudflare
ETag: W/"5f856af1-13f5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDCU7OfMJcLyU6euJlcM1VIlzPY0672zQ81eb0VOKWC1Z1Y5VeW1cVd0vFxgTtF%2F6AeeSTpVeJkCY9DN6rJnpkjzAEkqPuSpa79MFbgAvm8NLfnlO8kUU3%2FqZpAL9cCj"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 8182727849509bd0-FRA
Expires: Thu, 19 Oct 2023 12:46:32 GMT

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/js/ 223 KB
53 KB 25ms
22ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.6.1
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b29b2b93b8083ce2836033f1d911f2aa6dab2438463d9b27d31c8dae947f2e0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 271339
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 09:52:54 GMT
Server: cloudflare
ETag: W/"5f8578f6-37d7a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwLJyLyiqgSqj6Fz3rYRWsxy2vwfgxHlcGRny%2FIb2LhgAWZs%2B3%2Bmd2gA%2B78eeQ7kbYf3leofrXAh9GUppPGa02pEGrzbjFq0aSu3wc9QzGAxf%2F4kZgzy4eucvWRCSumQ"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 818272785def1e32-FRA
Expires: Thu, 19 Oct 2023 13:57:16 GMT

GET
H/1.1 200
OK comment-reply.min.js Show response
hs-manacost.ru/wp-includes/js/ 3 KB
2 KB 29ms
26ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-includes/js/comment-reply.min.js?ver=5.8.3
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 197895
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Jan 2022 21:02:08 GMT
Server: cloudflare
ETag: W/"61e87c50-ba8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oqH0WztBXvh8SZEIA%2BBdnDlC0v9dasjYfPMG3gq%2BxrAnZMzaZ4keUwlOlnWhUJHV1ca%2FqZFKaG21A30PLljlBRpPFZwwJXaPFVLDvkR%2BbGXJwC1Fh9%2Fburr4MwHoSNz"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 818272784b925c20-FRA
Expires: Fri, 20 Oct 2023 10:21:20 GMT

GET
H/1.1 200
OK js_files_for_front.min.js Show response
hs-manacost.ru/wp-content/plugins/td-cloud-library/assets/js/ 24 KB
7 KB 19ms
18ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=a336a33b491e4d82f056f6bf77847b68
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9004ebb7f009e6bd5a717c9a86956a099ae98f4baa38c773eee3ccb22ef0f353

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 282797
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 08:53:05 GMT
Server: cloudflare
ETag: W/"5f856af1-60c5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mn3VkqlP5ptSZYD9wHUn0zDO54yKFcFuV2741%2BziuTHRSpSz6xYn%2Bhur6YK0SQMID4U7s3o8WwR5%2BcU8kWStAHo6BImtN40DvJnlP50CYGPGoy%2BohIjutl8rGqdlLIbk"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 8182727879859bd0-FRA
Expires: Thu, 19 Oct 2023 10:46:18 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
hs-manacost.ru/wp-includes/js/ 1 KB
1 KB 22ms
22ms Script
application/javascript 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-includes/js/wp-embed.min.js?ver=5.8.3
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 138954
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 08 Feb 2021 21:42:22 GMT
Server: cloudflare
ETag: W/"6021b03e-592"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEybGmg%2FYaevUq9kDfwkk3o9Xny32%2BHOVUrD%2F39Ui0k6sAFZD19nA24a1PHXs69xbyAFV7IMJudqddBP%2F3m%2BYiO60545H7CHk3Oe2GsuHnRiKYNC6cqsz8z24%2BSqqzl2"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 818272787e331e32-FRA
Expires: Sat, 21 Oct 2023 02:43:41 GMT

GET
H/1.1 200
OK walls-2023-08.jpg
hs-manacost.ru/wp-content/uploads/2023/08/ 122 KB
123 KB 34ms
23ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/08/walls-2023-08.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6bc7d2487b880830db5f6f7bf7bcda27504278a177e17a34d58013a436d85be

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 34710
Cf-Polished: origSize=128615
Connection: keep-alive
Content-Length: 125198
Cf-Bgj: imgq:100,h2pri
Last-Modified: Tue, 01 Aug 2023 20:36:59 GMT
Server: cloudflare
ETag: "64c96ceb-1f667"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RUhX7zlfc2fDvmgpIe5G4HHnMcKJFd8t5%2BVT%2FDdI46iLp8CbWmD4VsyTLYU77elaex2pCAoPr5fCu36fplOK4t%2Ft1%2FpC6KmypTMrosAYamww2pHu28HOEkmKsEcnee%2B"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 8182727869ad1d90-FRA
Expires: Sun, 22 Oct 2023 07:41:05 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ungoro-buffs-cover-1068x542.jpg
hs-manacost.ru/wp-content/uploads/2023/10/ 108 KB
108 KB 186ms
185ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/10/ungoro-buffs-cover-1068x542.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0a284d1e17384555e1e0c4fdf0a793bdd1aa5a24c0a95a77bf8599713dea3ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 18 Oct 2023 15:42:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "652ffcce-1ae80"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U61y7wYJQJX6OYzM4HPFs4MJenPWlLiLfMa6snrA0DvseHue7UJHWAUUryHXQr2H%2BIngFDrmhLewUs2w76BEwRKSAIv%2BXWwy4LSC2NrrUdfqiDrTdwjFZpJ%2FuBYI6%2BVL"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 818272788b813804-FRA
Content-Length: 110208
Expires: Sun, 22 Oct 2023 17:19:35 GMT

GET
H/1.1 200
OK titan-voin-1068x542.jpg
hs-manacost.ru/wp-content/uploads/2023/08/ 108 KB
108 KB 31ms
30ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/08/titan-voin-1068x542.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f6b26827d6ae9973e1941b4235a28dac3ea919780c0d85900e8535dd3c9043

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 31606
Cf-Polished: origSize=110812
Connection: keep-alive
Content-Length: 110196
Cf-Bgj: imgq:100,h2pri
Last-Modified: Thu, 24 Aug 2023 15:19:56 GMT
Server: cloudflare
ETag: "64e7751c-1b0dc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baOaBI6%2BvrfbEER%2FxFtbp4l7N9oOwUn3mrLX%2BfGo%2F6emM2pMEHFuKmwUqgon48NR%2BSkmrQ4m8No5TktJgS6idIA2af5wuyHkCKAz5YiCzqp3okbEQiCSvRYts425Ndko"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 8182727899ba9bd0-FRA
Expires: Sun, 22 Oct 2023 08:32:49 GMT

GET
H/1.1 200
OK badlands-expansion-1068x542.jpg
hs-manacost.ru/wp-content/uploads/2023/10/ 112 KB
112 KB 18ms
18ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/10/badlands-expansion-1068x542.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e931aa67638e25af700eab2819353caf70c40e704d520988ddbcd642e5c1a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 78652
Cf-Polished: origSize=114870
Connection: keep-alive
Content-Length: 114240
Cf-Bgj: imgq:100,h2pri
Last-Modified: Tue, 17 Oct 2023 18:24:40 GMT
Server: cloudflare
ETag: "652ed168-1c0b6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPA1934jsKTnIJYqlKl3aPHU2J2RiRuXy8XNIyRyezFCikomwXHM5TZOdazrPvLDMwGl5U7vX8A9fmHjBMAzPP9yxpMmT9fvONby6hX7MnovRRl19FgLJf4mMtr%2BDTZP"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272789a021d90-FRA
Expires: Sat, 21 Oct 2023 19:28:43 GMT

GET
H/1.1 200
OK patch-cover-1068x542.jpg
hs-manacost.ru/wp-content/uploads/2023/10/ 104 KB
104 KB 21ms
19ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/10/patch-cover-1068x542.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a55bf8a57166d8406812e6da2d0f58eae4bb63abc11850ac2f7fc809df9d4135

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 69706
Cf-Polished: origSize=106834
Connection: keep-alive
Content-Length: 106195
Cf-Bgj: imgq:100,h2pri
Last-Modified: Tue, 17 Oct 2023 21:12:34 GMT
Server: cloudflare
ETag: "652ef8c2-1a152"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiA4B%2Bx13us1XE31n2Yr87Snz7Er%2Fzf9zG9pGdxdmkR1%2BJxhwEju7WygEJ5BccSkYZw2aAOHjGI%2BoMzpsiyFIMIO3zlv29qUUks1b9oZaiVQ%2FNycVgTtSd%2F0yz4TIaum"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272789bf05c20-FRA
Expires: Sat, 21 Oct 2023 21:57:49 GMT

GET
H/1.1 200
OK badlands-cover-1068x542.jpg
hs-manacost.ru/wp-content/uploads/2023/10/ 65 KB
66 KB 20ms
19ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/10/badlands-cover-1068x542.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ef8428d088835a0cb912c174920542986853088f2bf6d6cb8c7804c2e3d2ca8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 99027
Cf-Polished: origSize=67847
Connection: keep-alive
Content-Length: 66862
Cf-Bgj: imgq:100,h2pri
Last-Modified: Tue, 17 Oct 2023 13:42:46 GMT
Server: cloudflare
ETag: "652e8f56-10907"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fp5Hc7TNsIuVtEIDf0CiD8Ut8EF2isj1AfNqzNw3Sxh2lahD5IvCYXKJqw3RYVjXwmiiBj5LKGSKmYzGajMWGvwZC6pouZHQXdtd4hDbfynVnXfpbDMsXqVXYAoiU%2Fql"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827278ae811e32-FRA
Expires: Sat, 21 Oct 2023 13:49:08 GMT

GET
H/1.1 200
OK enrage-warrior-cover-1068x542.jpg
hs-manacost.ru/wp-content/uploads/2023/10/ 128 KB
129 KB 31ms
29ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/10/enrage-warrior-cover-1068x542.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89cf01806cd6d6d20c9bcd3d4d25293d8638aeb80f87ccdc7e04dd0ccd45a7c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 172735
Cf-Polished: origSize=132260
Connection: keep-alive
Content-Length: 131533
Cf-Bgj: imgq:100,h2pri
Last-Modified: Mon, 16 Oct 2023 16:00:41 GMT
Server: cloudflare
ETag: "652d5e29-204a4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPPMWhvQT18MW5xsvvi6Ons7ANjAYf5HypQpseOQRKHTI3EfUgbqORq8IWxyAX2%2BClbtIb2hNIjchmI6L4z6wHIIe%2B5pAiwfudpS8eF9uznGZ9ZHUCY4%2BnMBMnsU7VZ5"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827278af37bb7d-FRA
Expires: Fri, 20 Oct 2023 17:20:40 GMT

GET
H/1.1 200
OK badlands-expansion-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/10/ 56 KB
57 KB 19ms
19ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/10/badlands-expansion-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96320c0da3e53648c563f8decc57aba83007ce0328a172ff6bbf32c5ec9531ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 57182
Cf-Polished: origSize=58096
Connection: keep-alive
Content-Length: 57844
Cf-Bgj: imgq:100,h2pri
Last-Modified: Tue, 17 Oct 2023 18:24:40 GMT
Server: cloudflare
ETag: "652ed168-e2f0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y05JQJDsEF1OkF9gNk9Xqwc5aPvkKrBmML%2F4yJkNTxFaQWHytYguW2aYHrbNa48Q2kspyF%2BymUm6Qj4S%2BvEy2uYv1rRsFvZXBOhr5duyD9c54R2YSIu1B5cyLNX%2BtvAP"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827278cead1e32-FRA
Expires: Sun, 22 Oct 2023 01:26:33 GMT

GET
H/1.1 200
OK %D0%9D%D0%B5%D1%87%D0%B5%D1%81%D1%82%D0%BD%D1%8B%D0%B5-%D1%88%D0%B0%D1%85%D0%BC%D0%B0%D1%82%D1%8B-%D1%84%D0%B5%D0%B2%D1%80%D0%B0%D0%BB%D1%8C-2022-696x353.jpg
hs-manacost.ru/wp-content/uploads/2021/01/ 36 KB
36 KB 22ms
21ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2021/01/%D0%9D%D0%B5%D1%87%D0%B5%D1%81%D1%82%D0%BD%D1%8B%D0%B5-%D1%88%D0%B0%D1%85%D0%BC%D0%B0%D1%82%D1%8B-%D1%84%D0%B5%D0%B2%D1%80%D0%B0%D0%BB%D1%8C-2022-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9390605b9d30588396ffdf940cdb1c67a6499cb0605e1cf423bff43971fa005

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 261882
Cf-Polished: origSize=36843
Connection: keep-alive
Content-Length: 36537
Cf-Bgj: imgq:100,h2pri
Last-Modified: Wed, 16 Feb 2022 18:28:56 GMT
Server: cloudflare
ETag: "620d4268-8feb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5MChqUXO%2Fh%2FN%2BR6RIiX0hiRNNnz%2FcpATgD1SFyiNwTOm5gq2Mrx2OvC4SMGagXPEqfUGjQlPSJpe8cOHzclbhRcQORcYjz4rKxInCoqmKC2EYR6b4Ihono1cS9z9126"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827278da2b9bd0-FRA
Expires: Thu, 19 Oct 2023 16:34:53 GMT

GET
H/1.1 200
OK vs-276-cover-1068x542.jpg
hs-manacost.ru/wp-content/uploads/2023/08/ 109 KB
110 KB 20ms
19ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/08/vs-276-cover-1068x542.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9112d28c886a6ffb88906db6b74cf1fc6d91e6bb6c14c2658c85a6fdfc596e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 21738
Cf-Polished: origSize=112284
Connection: keep-alive
Content-Length: 111691
Cf-Bgj: imgq:100,h2pri
Last-Modified: Fri, 13 Oct 2023 17:46:52 GMT
Server: cloudflare
ETag: "6529828c-1b69c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7SbanZFQAoyv4%2FYocLMTu4T3rCzvWWECK6bSEOqq2nv5TlNLEqkdaxGiDg8XAbqr2HqiMGRh9UHq04l2JDO0yx3sTCbw7ssSzIQw5QMePM%2F2v27%2FHNhioh5FCFfuwTX"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827278dc455c20-FRA
Expires: Sun, 22 Oct 2023 11:17:17 GMT

GET
H/1.1 200
OK etc_Zveri_Bg-1068x542.jpg
hs-manacost.ru/wp-content/uploads/2023/06/ 115 KB
116 KB 21ms
20ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/06/etc_Zveri_Bg-1068x542.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 556cba26c52776d732b7f3e0545dfd3490d43db92705f7f6046b42a706272c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 220068
Cf-Polished: origSize=118173
Connection: keep-alive
Content-Length: 117729
Cf-Bgj: imgq:100,h2pri
Last-Modified: Thu, 01 Jun 2023 14:26:05 GMT
Server: cloudflare
ETag: "6478aa7d-1cd9d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqByxld4e2keqyHFpyBLRoER665sMjD21mn6xIB%2BxJEHWERZ%2BHM3NJBGiWB2K3lREgmokcUu%2BjEUeDo4rwtGc9JlYOhiol2NhV%2BNchyQdWbOfuWzerIkznUTViBgs1fb"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827278df76bb7d-FRA
Expires: Fri, 20 Oct 2023 04:11:47 GMT

GET
H/1.1 200
OK titan-bg-anomaly-1068x542.jpg
hs-manacost.ru/wp-content/uploads/2023/08/ 120 KB
120 KB 23ms
20ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/08/titan-bg-anomaly-1068x542.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67e6a99ab83ddaf7354c4f3dffbbe0c274322306e2bc5e2b134ae5e46e45dc71

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 108232
Cf-Polished: origSize=123283
Connection: keep-alive
Content-Length: 122533
Cf-Bgj: imgq:100,h2pri
Last-Modified: Mon, 28 Aug 2023 14:10:06 GMT
Server: cloudflare
ETag: "64ecaabe-1e193"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwJr3EXw6BAQKZ1VdIED7LArTQgiZAF5fXgqTpwTubGPnsmox6eYNeZ7qdK8ZefIEAt8hJ5cnNZWDdXqP8X9HWHhKXwzNBkN5bITTEouQzIam6uHQmWsgLtOu9tAY0ra"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827278feef1e32-FRA
Expires: Sat, 21 Oct 2023 11:15:43 GMT

GET
H/1.1 200
OK budget-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/08/ 68 KB
69 KB 20ms
19ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/08/budget-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24dc9091915123031e1eb5b97b09249ac3a9f9a1c07926ecfc40a874f4526648

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 133431
Cf-Polished: origSize=70300
Connection: keep-alive
Content-Length: 70114
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sun, 20 Aug 2023 12:36:26 GMT
Server: cloudflare
ETag: "64e208ca-1129c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reqkk%2BMjBOdQnb3zuhJVHt%2B%2BrhEOX2cLeUK5xphA2thOnxNiiPlOHWaaXGhsoiJ%2BMlLc5HzqgT140EI7GRHHVWGAnrEsMJ7kkWe3gDmBBuu0PHOh6RcLh6m90kjZwQDI"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827278fa8b1d90-FRA
Expires: Sat, 21 Oct 2023 04:15:44 GMT

GET
H/1.1 200
OK duels-cover-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/10/ 76 KB
76 KB 195ms
195ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/10/duels-cover-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad4af6b233ddb2f8080e7ae46eb66d026308ea7dc08df2944d119e147cf38e55

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:36 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 11 Oct 2023 13:29:10 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "6526a326-12ef6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCM1So3OzC6LDP3b%2FJGU97Sw2j64dz1RzYONl6rg1Pfd%2Bw7spRNCrad41XofgCAEnxTFRdWcBEoSdfG73uTvbZvHSwCrMoBBdqhfmcPAx83HhTEC4mHUZnL4HYtXr%2BrS"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 81827278fa519bd0-FRA
Content-Length: 77558
Expires: Sun, 22 Oct 2023 17:19:35 GMT

GET
H/1.1 200
OK kolody-cover-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/09/ 74 KB
75 KB 32ms
27ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/09/kolody-cover-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6defdf3a39eebbb568c505087de9214fde2c0c203bf62be38b3018d65f862ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 112088
Cf-Polished: origSize=76221
Connection: keep-alive
Content-Length: 75982
Cf-Bgj: imgq:100,h2pri
Last-Modified: Fri, 29 Sep 2023 12:23:47 GMT
Server: cloudflare
ETag: "6516c1d3-129bd"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FmyNf7XxJXf02qGxKS4wnyl6qo5Y%2BIA3FxzS%2BbINV3pEGdIh%2FzOiMbBl7xuarfy%2BkJeVlRqxOcAycUNDudAJy%2F%2BKMhCzjT4GI7nrFfWPfNyUQWpYtyhNBDZIU1QCrd%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272790cb65c20-FRA
Expires: Sat, 21 Oct 2023 10:11:27 GMT

GET
H/1.1 200
OK %D0%A2%D0%BE%D0%BF-7-%D0%9A%D0%B0%D1%80%D1%82-%D0%9F%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F-%D0%A3%D0%BB%D1%8C%D0%B4%D1%83%D0%BC%D0%B0%D1%80%D0%B0-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/09/ 48 KB
49 KB 20ms
19ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/09/%D0%A2%D0%BE%D0%BF-7-%D0%9A%D0%B0%D1%80%D1%82-%D0%9F%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F-%D0%A3%D0%BB%D1%8C%D0%B4%D1%83%D0%BC%D0%B0%D1%80%D0%B0-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b96afd49383f3577a231dbd970e90067d058357c53347cd89d76fcd23886c444

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 21618
Cf-Polished: origSize=49343
Connection: keep-alive
Content-Length: 48959
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sat, 23 Sep 2023 10:48:30 GMT
Server: cloudflare
ETag: "650ec27e-c0bf"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PQOTW%2BXbGHRXxBgHaqHLWjZ%2BMX0Wvq%2B3jxdzxrVuLx7fk%2BO7kMyjntk0QvJWQrrAiOAS8EfLgUbDmK6DdI1gJbuuy48DImId0jXyQOsl8Yte6IlbLh3ffcTI7YVpmE%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272790fafbb7d-FRA
Expires: Sun, 22 Oct 2023 11:19:17 GMT

GET
H/1.1 200
OK obzor-padenie-ulduara-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/09/ 64 KB
65 KB 19ms
19ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/09/obzor-padenie-ulduara-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cdd8ddabb77ec078802845fb7784d95acf41f7a219c7ff92473ba1af8a62a44

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 261413
Cf-Polished: origSize=65500
Connection: keep-alive
Content-Length: 65286
Cf-Bgj: imgq:100,h2pri
Last-Modified: Tue, 19 Sep 2023 14:00:41 GMT
Server: cloudflare
ETag: "6509a989-ffdc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z44Oa0hh23k1cFbGuwgm%2FVcPAE37aWp2a8rxkwITIWtMZe90dMM5%2FRPNmCN6g%2F%2BFdK9kg86Z4%2FzEtmwi5IQcTJMZlvcULWgddnXpPu%2Fx3cQ%2FYfjG3W63PK1dP4%2Blwrat"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272791ac41d90-FRA
Expires: Thu, 19 Oct 2023 16:42:42 GMT

GET
H/1.1 200
OK %D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B5-%D1%81%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%B0-%D0%9F%D0%A1-%D1%81%D0%B5%D0%BD%D1%82%D1%8F%D0%B1%D1%80%D1%8C-2023-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/09/ 59 KB
59 KB 21ms
21ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/09/%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B5-%D1%81%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%B0-%D0%9F%D0%A1-%D1%81%D0%B5%D0%BD%D1%82%D1%8F%D0%B1%D1%80%D1%8C-2023-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1b70c9cd1a3d6dd444588fe022d21a6de7a102ede8e4b4f6a2401d0efeba8cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 82595
Cf-Polished: origSize=60292
Connection: keep-alive
Content-Length: 60007
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sat, 16 Sep 2023 10:28:02 GMT
Server: cloudflare
ETag: "65058332-eb84"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkOaSJw4YGwIfjRH%2F%2FcTYIcv%2Fn%2BhRVWFJAHTu%2FK%2B6DT4mWKK1Zq2o5qXlng%2BdWpF8XDBA%2Bzjfg0%2B2y%2FDwTVl1JjZ38wzCOjLepIEjQQciyINOB9zzlmngSFldlSdS%2F0q"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272791f261e32-FRA
Expires: Sat, 21 Oct 2023 18:23:00 GMT

GET
H/1.1 200
OK %D0%A2%D0%BE%D0%BF-10-%D0%BB%D0%B5%D0%B3%D0%B5%D0%BD%D0%B4%D0%B0%D1%80%D0%BE%D0%BA-%D0%A2%D0%98%D0%A2%D0%90%D0%9D%D0%AB-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/08/ 58 KB
59 KB 18ms
18ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/08/%D0%A2%D0%BE%D0%BF-10-%D0%BB%D0%B5%D0%B3%D0%B5%D0%BD%D0%B4%D0%B0%D1%80%D0%BE%D0%BA-%D0%A2%D0%98%D0%A2%D0%90%D0%9D%D0%AB-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cc9df6d2c5167afbcd0bb3ec6a037e51dea066690bca93a1b5b5e92f7a692f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 375
Cf-Polished: origSize=59614
Connection: keep-alive
Content-Length: 59406
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sat, 05 Aug 2023 10:36:01 GMT
Server: cloudflare
ETag: "64ce2611-e8de"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4P8qHQm3L8xZaIpfytSgnOAmNBoOZpHUlRq3Xzva%2FavUkeDqwswO5oaG6f9dpkxp%2ByLjPND%2FGckVP4JTa7jbvzlWiD5R0bjSp6rDBP6dYiyWnI6CtEuSndxFzxuMMc1"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272792fe1bb7d-FRA
Expires: Sun, 22 Oct 2023 17:13:20 GMT

GET
H/1.1 200
OK minka-1-485x360.jpg
hs-manacost.ru/wp-content/uploads/2020/08/ 57 KB
57 KB 22ms
21ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2020/08/minka-1-485x360.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7f9ac1ec91ffec3e3529000201e42fe8c3a3ee64de8a1c6f1f7a589ad1814a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 72560
Cf-Polished: origSize=9130392
Connection: keep-alive
Content-Length: 57952
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sat, 10 Oct 2020 14:10:32 GMT
Server: cloudflare
ETag: "5f81c0d8-8b5198"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyYGNQ0lrwertU%2BE4bfcudPGHpbDDl30XCxuS3xrEgrqmnJchb204SQ17oTlwOBKxnQOHWf6PWgkoHcFtGYEXtWrqK2wfDUH5IkQX5Z6fs8X3dIQaHDuZcWn4OttHF98"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272793cfb5c20-FRA
Expires: Sat, 21 Oct 2023 21:10:15 GMT

GET
H/1.1 200
OK %D0%BC%D0%B8%D0%BD%D1%8C%D0%BA%D0%B0-%D0%B0%D1%85%D0%B0%D0%BB%D0%B0%D0%B9-485x360.jpg
hs-manacost.ru/wp-content/uploads/2021/01/ 59 KB
60 KB 20ms
19ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2021/01/%D0%BC%D0%B8%D0%BD%D1%8C%D0%BA%D0%B0-%D0%B0%D1%85%D0%B0%D0%BB%D0%B0%D0%B9-485x360.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd37b7fbbdcd051bb6c25428855a661026d01a10749deedf617f89fcaf71fac4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 112732
Cf-Polished: origSize=61017
Connection: keep-alive
Content-Length: 60577
Cf-Bgj: imgq:100,h2pri
Last-Modified: Mon, 18 Jan 2021 08:30:36 GMT
Server: cloudflare
ETag: "6005472c-ee59"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXTlDVcHstkPvkbzrw0NXclzHzOpeathY7kZL68jDn4F6c1pXpKdE9KtO5xQgy5D5A%2B7h4SQhUqRW18gbtlFEFZEHDKBJMi7woRKvzLcmrbPWb%2Bcnos5Ig4yW%2B2yDjXM"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272793af91d90-FRA
Expires: Sat, 21 Oct 2023 10:00:43 GMT

GET
H/1.1 200
OK Navila-BG-guide-485x360.jpg
hs-manacost.ru/wp-content/uploads/2023/10/ 47 KB
47 KB 21ms
21ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/10/Navila-BG-guide-485x360.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d0e20d9b3815236e5bab2bbe7c89ebc1a36db698432641632230928a9232465

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 170523
Cf-Polished: origSize=48044
Connection: keep-alive
Content-Length: 47688
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sun, 08 Oct 2023 06:41:01 GMT
Server: cloudflare
ETag: "65224efd-bbac"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiJ3I9lzhBCKOjb2GkmdPgAGfBZHc08DykT0ErqzJH8GqTLPPdDBnSsEnEPDkeDifjFn4l7%2FYcVU%2Bm%2FG5qu4P9l4m6f%2F3ygW7Ie%2FXmEZ8aVrwVZE5Zqu%2FEn5zzWJ%2F2X9"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272793f641e32-FRA
Expires: Fri, 20 Oct 2023 17:57:32 GMT

GET
H/1.1 200
OK etc_Zveri_Bg-485x360.jpg
hs-manacost.ru/wp-content/uploads/2023/06/ 44 KB
44 KB 22ms
22ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/06/etc_Zveri_Bg-485x360.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 574e82692321e554bc0786be6586c760f036dc1e177c768e0030d4e081745a6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 108232
Cf-Polished: origSize=44769
Connection: keep-alive
Content-Length: 44573
Cf-Bgj: imgq:100,h2pri
Last-Modified: Thu, 01 Jun 2023 14:26:00 GMT
Server: cloudflare
ETag: "6478aa78-aee1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMCMknnfE1zypiapcWdgnG9BhxWpJpLdUCr7V1fvl073%2F4VFDXlv6zWPHecwfpimdHkGdW7uaV%2B2XFOlmFJ95l6DDZtOipgiUxbX4WaT0B1kAI4LpLXn6ihVslaAJmw%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827279480abb7d-FRA
Expires: Sat, 21 Oct 2023 11:15:43 GMT

GET
H/1.1 200
OK titan-bg-anomaly-485x360.jpg
hs-manacost.ru/wp-content/uploads/2023/08/ 48 KB
49 KB 24ms
24ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/08/titan-bg-anomaly-485x360.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f17aba5dec1493506b18e3eddb13b473e74aea389721f7c5d3ff20a688320c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 57182
Cf-Polished: origSize=49635
Connection: keep-alive
Content-Length: 49309
Cf-Bgj: imgq:100,h2pri
Last-Modified: Mon, 28 Aug 2023 14:10:05 GMT
Server: cloudflare
ETag: "64ecaabd-c1e3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdHotq1lGtxkTrpobREbANGr2z5ep3KzV%2BR6hOkyFcoNdNw5GJktf5U0UFryRsxEL4IjpTsLMmsl%2FSURko7Jdy9%2FBCfL0y2vSikq59u47MJW6hYdhcpN1kX3Sn04wauS"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272795d325c20-FRA
Expires: Sun, 22 Oct 2023 01:26:33 GMT

GET
H/1.1 200
OK rylak-cover-485x360.jpg
hs-manacost.ru/wp-content/uploads/2023/06/ 51 KB
52 KB 20ms
20ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/06/rylak-cover-485x360.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e30ff813ae5703978b06a4c7bafd9e41494123b8d6fdf746de05d9777a620963

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 136500
Cf-Polished: origSize=52272
Connection: keep-alive
Content-Length: 52036
Cf-Bgj: imgq:100,h2pri
Last-Modified: Fri, 09 Jun 2023 12:19:55 GMT
Server: cloudflare
ETag: "648318eb-cc30"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vNxiZaOKCyZCwGjsieGkRRQIWU7ZDkGqVG8zX9w2IV0nmGhMByGHTIse3BVJECYpe5j5kXJaRMGMAg7uNLECrq011xrTnPImFdNV0PQvz1Rtn9DK5EyLlMJ6o4%2BslQq"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272795b2a1d90-FRA
Expires: Sat, 21 Oct 2023 03:24:35 GMT

GET
H/1.1 200
OK universalnye-pervye-khody-polei_774_-srazhenii_774-485x360.jpg
hs-manacost.ru/wp-content/uploads/2019/11/ 28 KB
28 KB 22ms
22ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2019/11/universalnye-pervye-khody-polei_774_-srazhenii_774-485x360.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 765228dfe8a6a989d4bba8e836bb935be2713fdfc31de9dd8183af97d74cba44

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 202091
Cf-Polished: origSize=28670
Connection: keep-alive
Content-Length: 28329
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sat, 10 Oct 2020 14:10:32 GMT
Server: cloudflare
ETag: "5f81c0d8-6ffe"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BU6hgWy5eMHwJpbkxpUoMHGIpfqp3DKyPbepN5vj806LTXc0DHvMA4VjhhtW97vkFlfOx90BJ5BE15S7fTl%2Fg5DfXZtvMJJMgr66otZNdDWLVgRWtXDlV24dJI5%2BtdFT"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272796fa11e32-FRA
Expires: Fri, 20 Oct 2023 09:11:24 GMT

GET
H/1.1 200
OK tir_list_geroev_polei_774_srazhenii_774-485x360.jpg
hs-manacost.ru/wp-content/uploads/2021/09/ 48 KB
49 KB 17ms
16ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2021/09/tir_list_geroev_polei_774_srazhenii_774-485x360.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d829d2df5daa4d52955f9c24b78709ffdc0e0f3baaef83897a75adb9a27fbc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 107869
Cf-Polished: origSize=49435
Connection: keep-alive
Content-Length: 49022
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sat, 25 Sep 2021 09:06:55 GMT
Server: cloudflare
ETag: "614ee6af-c11b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNSHK%2FJ%2F3qcUCYNwcirgAjFHp6cZQ4m5%2Bf5SyxGNIeY2cro88zlVSLnTqThdc1snLAgnkJ2PXSzfhXIhV26eItc9XJNa53QBe%2B1WjNgTJQFuuilUq%2B7RAkCoiMHQmXyo"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827279784dbb7d-FRA
Expires: Sat, 21 Oct 2023 11:21:46 GMT

GET
H/1.1 200
OK %D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B5-%D1%81%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%B0-%D0%9F%D0%A1-%D1%81%D0%B5%D0%BD%D1%82%D1%8F%D0%B1%D1%80%D1%8C-2023-485x360.jpg
hs-manacost.ru/wp-content/uploads/2023/09/ 41 KB
41 KB 35ms
34ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/09/%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B5-%D1%81%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%B0-%D0%9F%D0%A1-%D1%81%D0%B5%D0%BD%D1%82%D1%8F%D0%B1%D1%80%D1%8C-2023-485x360.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52bf5f128982937c5a6829348e74eebb82284c4018ec1dd2880d140bf5392dba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 178451
Cf-Polished: origSize=41763
Connection: keep-alive
Content-Length: 41511
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sat, 16 Sep 2023 10:28:02 GMT
Server: cloudflare
ETag: "65058332-a323"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sToj42YSR6UzAGCb32q6GoZ4HAyJQLzBUib9mKzkw144wG9BDJ2FsNffoNCvv3L%2Ft0Opy%2BX3bpj899O3rIVSUgo4sDEyuu5%2BhqzTEOmRDu4tpMCyBsaYFtfrh0DB0EH%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272798b5d1d90-FRA
Expires: Fri, 20 Oct 2023 15:45:24 GMT

GET
H/1.1 200
OK titan-voin-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/08/ 55 KB
56 KB 30ms
30ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/08/titan-voin-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9dc3563f6c40da5e62da2b5bd009a1687c2afac35b82745c8bc35cb563c203

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 27178
Cf-Polished: origSize=56737
Connection: keep-alive
Content-Length: 56529
Cf-Bgj: imgq:100,h2pri
Last-Modified: Thu, 24 Aug 2023 15:19:57 GMT
Server: cloudflare
ETag: "64e7751d-dda1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZI4b2n5IJj6qnErSpWsvknRwGPyX8yAz2SVdYPi2joHq2X2iLj90L5oBsiIBFsFtkpOsVpcvDG70LAaW2jQW6ZVJi7v4dR1kco5RgaDzg%2Bvk7iee700TyPEdVL9L%2BJuf"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272798d985c20-FRA
Expires: Sun, 22 Oct 2023 09:46:37 GMT

GET
H/1.1 200
OK enrage-warrior-cover-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/10/ 66 KB
67 KB 18ms
17ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/10/enrage-warrior-cover-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbcc8c870439624901c7eff2dc36b56fe65a677763cd65824f3135df3bafa970

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 163035
Cf-Polished: origSize=67999
Connection: keep-alive
Content-Length: 67672
Cf-Bgj: imgq:100,h2pri
Last-Modified: Mon, 16 Oct 2023 16:00:40 GMT
Server: cloudflare
ETag: "652d5e28-1099f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTEL3W1o3HU%2FRF1A%2Bpajo9DFGGeu9VMNXm2RnrdqV%2FdBkZqBhnp88JQq%2BANGZJlN4qkNHh9kUL3zUdrCopLmUqnNhBVPffdoQj5WyN25KauzM9JVUfH6jas9o4K8RfzI"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272798fde1e32-FRA
Expires: Fri, 20 Oct 2023 20:02:20 GMT

GET
H/1.1 200
OK meta-rogue-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/10/ 59 KB
59 KB 24ms
24ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/10/meta-rogue-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4381e2371a426394a7a88628c4ee19e7d2f4bd8a6d71c9e88fdf34b4884cc1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 276988
Cf-Polished: origSize=60292
Connection: keep-alive
Content-Length: 59978
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sun, 15 Oct 2023 10:48:28 GMT
Server: cloudflare
ETag: "652bc37c-eb84"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMkTiGlzrjWoCFvzc8pqEDe5En6z59GpVco1osKJJuZ59doIDmsGjpjOZXdhsPCvSPE4ciSlDHnyfnggyycna6mScM99lcr5mOy2Gp6Vt%2BGQtQpYa1VBQ1thE9O7pkrt"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 818272798878bb7d-FRA
Expires: Thu, 19 Oct 2023 12:23:07 GMT

GET
H/1.1 200
OK token-druid-cover-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/08/ 68 KB
69 KB 17ms
17ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/08/token-druid-cover-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0a06e689324d49c5831e58f851f11e69d66d729168727f83f05628bcc9b0a51

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 21738
Cf-Polished: origSize=69579
Connection: keep-alive
Content-Length: 69397
Cf-Bgj: imgq:100,h2pri
Last-Modified: Thu, 10 Aug 2023 12:32:02 GMT
Server: cloudflare
ETag: "64d4d8c2-10fcb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BD%2FcaE9Z6pTxm%2FRsIYkyhj8wiEpil8RGy6HcVi1C215bBdt83bSNJN7LhMu%2FjcfUExheLrBDc4pj0Eq9XLp59zDxQv8Ps1NG0vCmAIkw01IX%2F04jy91iHYbAXAegEmxk"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827279a8031e32-FRA
Expires: Sun, 22 Oct 2023 11:17:17 GMT

GET
H/1.1 200
OK vip-sifmag-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/08/ 61 KB
61 KB 17ms
17ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/08/vip-sifmag-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd43c3611544ba7ede3039aad72f4ebf423e249d49e40311bef910e196cd0efa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 77471
Cf-Polished: origSize=62580
Connection: keep-alive
Content-Length: 62111
Cf-Bgj: imgq:100,h2pri
Last-Modified: Wed, 16 Aug 2023 13:37:02 GMT
Server: cloudflare
ETag: "64dcd0fe-f474"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfgG%2FZunOcLn7oZGjfmS9Lfntxii688O0Nb795fnwzezLb5h3qAZBYBQpZrva%2FmRAbFRLP39i6bqxpPnh3ChIs0%2FSt0lMSR07%2BNoDMBtj%2Bz7vU6Ge9XrRwthqgwDPrXc"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827279bbae1d90-FRA
Expires: Sat, 21 Oct 2023 19:48:23 GMT

GET
H/1.1 200
OK ignis-druid-cover-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/10/ 71 KB
72 KB 26ms
25ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/10/ignis-druid-cover-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d070cf4a8dd9de233b6f408be6c8433b258951f6466010214e97f3529ba387a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 171891
Cf-Polished: origSize=72998
Connection: keep-alive
Content-Length: 72690
Cf-Bgj: imgq:100,h2pri
Last-Modified: Thu, 05 Oct 2023 16:11:57 GMT
Server: cloudflare
ETag: "651ee04d-11d26"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acAScI9nfWOrZZXJKzuXa0MHl7%2F%2FwTQRLZGcC2gnDBvJRg%2FN57Nunj11Cdt0rQneKbI5vwmfBWBSyuzP4ScTX9RrxbODKQDffMLMQpRDnB4EHiz9k2%2FkGwf0hXd6Q7dk"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827279bdc15c20-FRA
Expires: Fri, 20 Oct 2023 17:34:44 GMT

GET
H/1.1 200
OK farm_monet_naemnikov_v_hearthstone_2-696x353.jpg
hs-manacost.ru/wp-content/uploads/2021/10/ 77 KB
77 KB 21ms
21ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2021/10/farm_monet_naemnikov_v_hearthstone_2-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae2ed8c8a557a6bf9923f25369ab50928622a304bdfcd3fcdb3a84125f0a2220

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 96575
Cf-Polished: origSize=79024, status=webp_bigger
Connection: keep-alive
Content-Length: 78525
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sun, 17 Oct 2021 13:49:33 GMT
Server: cloudflare
ETag: "616c29ed-134b0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BtTL5oZ9VwzElB2IuZKVl8KMKKY4nboKw6N1o2no7KVYQn9F%2B5jHfbaRPGH%2BNQ7aquxZVShUpsDFJ8wyPOCxCkHcI4Sh45HU%2BI75E9LHzYZB7g0kdi4DwqTigDrDAIO"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827279b8b8bb7d-FRA
Expires: Sat, 21 Oct 2023 14:30:00 GMT

GET
H/1.1 200
OK patch-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/10/ 67 KB
68 KB 17ms
17ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/10/patch-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f32bf90cc2a7fbb13c9cf8c0151b9ad16e63f10934a9909cb7e1fec830cd43b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 158769
Cf-Polished: origSize=68826
Connection: keep-alive
Content-Length: 68599
Cf-Bgj: imgq:100,h2pri
Last-Modified: Tue, 03 Oct 2023 17:58:09 GMT
Server: cloudflare
ETag: "651c5631-10cda"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRDr6Gejr2XdQshO2qy7Du6rKqwRgGZWHg0MyCMCoAEoCHPQrvAVsjkeK8f8Kj0lppMOCr4URpUqMfrCQjeRT6p%2BE4RBbE%2BlN3IHMOA%2FJV8gA692ffT0QY2RFmcPtWUv"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827279c8211e32-FRA
Expires: Fri, 20 Oct 2023 21:13:26 GMT

GET
H/1.1 200
OK patch-cover-696x353.jpg
hs-manacost.ru/wp-content/uploads/2023/09/ 55 KB
56 KB 19ms
19ms Image
image/jpeg 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/uploads/2023/09/patch-cover-696x353.jpg
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e90c4a9c29b91912da988ddd353ba52f0c52616446bddd540d28dec39d329ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 204680
Cf-Polished: origSize=56425
Connection: keep-alive
Content-Length: 56165
Cf-Bgj: imgq:100,h2pri
Last-Modified: Thu, 28 Sep 2023 19:53:48 GMT
Server: cloudflare
ETag: "6515d9cc-dc69"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tia9%2Bcmxn2Do9vN2pS10crs8dHwhJkQmYc7E1H7Hl4F6ubWX7fKi837ImCZB%2FU%2BRgBwUMdrnomfp%2BON7fk1ITa899T0LwHiB3UXGKK%2FMzN3Xa67462La7ltX1VIr5hf9"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 81827279dbd81d90-FRA
Expires: Fri, 20 Oct 2023 08:28:15 GMT

GET
H/1.1 200
OK newspaper.woff
hs-manacost.ru/wp-content/themes/Newspaper/images/icons/ 122 KB
68 KB 34ms
25ms Font
application/font-woff 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hs-manacost.ru/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/wp-content/themes/Newspaper/style.css?ver=10.3.6.1
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bb258d73ecad75c45400527fb94b8f2ca96da8831e8056302711565cc9f2aa7

Request headers

Referer: http://hs-manacost.ru/wp-content/themes/Newspaper/style.css?ver=10.3.6.1
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:35 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4249774
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Oct 2020 08:52:17 GMT
Server: cloudflare
ETag: "1e6b4-5b189882f7240-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijeQ7r%2BiEQQqm6LmItCaOrXtzKMhrmF8FcqrU%2FZZql%2BIiYfwrURGDL6Q7HM3L1V0WSvxsg58ammIwAztmGsF8gDXpFUx0sqQi8PJSng31uUzPpI47KUBh%2BrN645ys2Ou"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff
Cache-Control: max-age=31536000
CF-RAY: 81827278ca411d90-FRA
Expires: Thu, 29 Aug 2024 12:50:01 GMT

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 16ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=PT+Sans%3A400%7CUbuntu%3A400%7CSue+Ellen+Francisco%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7COswald%3A500%2C600%7CMontserrat%3A400%2C700%7CFira+Sans%3A800%2C400%7CMerriweather%3A300%7CRubik%3A600%2C500%2C400%7COxygen%3A400&display=swap&ver=10.3.6.1

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 19:24:57 GMT
X-Content-Type-Options: nosniff
Age: 424478
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 9628
X-XSS-Protection: 0
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 12 Oct 2024 19:24:57 GMT

GET
H/1.1 200
OK jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 28 KB
29 KB 16ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 03:57:53 GMT
X-Content-Type-Options: nosniff
Age: 480102
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 28444
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:45:23 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 12 Oct 2024 03:57:53 GMT

GET
H/1.1 200
OK jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 15ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 19:23:55 GMT
X-Content-Type-Options: nosniff
Age: 424540
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 45300
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:11:08 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 12 Oct 2024 19:23:55 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 16ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 07:01:00 GMT
X-Content-Type-Options: nosniff
Age: 555515
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 9840
X-XSS-Protection: 0
Last-Modified: Wed, 11 May 2022 19:24:39 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 07:01:00 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 17ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 06:39:07 GMT
X-Content-Type-Options: nosniff
Age: 556828
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15920
X-XSS-Protection: 0
Last-Modified: Wed, 11 May 2022 19:24:45 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 06:39:07 GMT

GET
H/1.1 200
OK TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlSHYjedg.woff2
fonts.gstatic.com/s/oswald/v53/ 11 KB
12 KB 17ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlSHYjedg.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa1528f70e93cd39f3836bca5e41a251024396c53ebbc515d5a9e76d9ef32ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 21:29:22 GMT
X-Content-Type-Options: nosniff
Age: 503413
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 11720
X-XSS-Protection: 0
Last-Modified: Tue, 15 Aug 2023 18:56:38 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 21:29:22 GMT

GET
H/1.1 200
OK 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
35 KB 25ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 05:05:12 GMT
X-Content-Type-Options: nosniff
Age: 389663
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 34852
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:31:23 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 13 Oct 2024 05:05:12 GMT

GET
H/1.1 200
OK va9B4kDNxMZdWfMOD5VnMK7eQhf6TF0.woff2
fonts.gstatic.com/s/firasans/v17/ 11 KB
12 KB 25ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnMK7eQhf6TF0.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53265b04360771d78f3192b50c369d782ee63bae2a7603b40abcd4842b4d134a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 00:38:27 GMT
X-Content-Type-Options: nosniff
Age: 319268
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 11512
X-XSS-Protection: 0
Last-Modified: Tue, 02 May 2023 14:50:15 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Mon, 14 Oct 2024 00:38:27 GMT

GET
H/1.1 200
OK u-4n0qyriQwlOrhSvowK_l521wRZXMf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ 15 KB
15 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZXMf6lvg.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99321551755755b9312c2026e4603deadf65b6b51b5c746b6a5b54576390fa0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 10:37:01 GMT
X-Content-Type-Options: nosniff
Age: 456154
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15084
X-XSS-Protection: 0
Last-Modified: Tue, 26 Apr 2022 15:44:46 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 12 Oct 2024 10:37:01 GMT

GET
H/1.1 200
OK va9E4kDNxMZdWfMOD5Vvk4jLeTY.woff2
fonts.gstatic.com/s/firasans/v17/ 11 KB
11 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvk4jLeTY.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be5cf1e8ed609c752deeec348b79d89a0950ef5e0455518755ba0506507fb4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 05:34:42 GMT
X-Content-Type-Options: nosniff
Age: 560693
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 10768
X-XSS-Protection: 0
Last-Modified: Tue, 02 May 2023 14:50:02 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 05:34:42 GMT

GET
H/1.1 200
OK va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 22:58:41 GMT
X-Content-Type-Options: nosniff
Age: 498054
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 23880
X-XSS-Protection: 0
Last-Modified: Tue, 02 May 2023 14:50:07 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 22:58:41 GMT

GET
H/1.1 200
OK iJWKBXyIfDnIV7nFrXyi0A.woff2
fonts.gstatic.com/s/rubik/v28/ 15 KB
15 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nFrXyi0A.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7ad9db12275b6bcaa57a392d98122c99c0f7a80416da0edde9897e4330af8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 05:20:08 GMT
X-Content-Type-Options: nosniff
Age: 388767
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15076
X-XSS-Protection: 0
Last-Modified: Thu, 29 Jun 2023 16:30:05 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 13 Oct 2024 05:20:08 GMT

GET
H/1.1 200
OK 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
17 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 23:03:35 GMT
X-Content-Type-Options: nosniff
Age: 497760
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 16348
X-XSS-Protection: 0
Last-Modified: Mon, 09 May 2022 18:31:32 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 23:03:35 GMT

GET
H/1.1 200
OK iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 43ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 16:23:45 GMT
X-Content-Type-Options: nosniff
Age: 435350
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 35448
X-XSS-Protection: 0
Last-Modified: Thu, 29 Jun 2023 16:14:39 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 12 Oct 2024 16:23:45 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 26 KB
27 KB 43ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 19:17:55 GMT
X-Content-Type-Options: nosniff
Age: 511300
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 26640
X-XSS-Protection: 0
Last-Modified: Thu, 14 Sep 2023 01:00:59 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 19:17:55 GMT

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 44ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 18:24:14 GMT
X-Content-Type-Options: nosniff
Age: 514521
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 48432
X-XSS-Protection: 0
Last-Modified: Thu, 14 Sep 2023 00:40:31 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 18:24:14 GMT

GET
H/1.1 200
OK KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 14ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Tue, 17 Oct 2023 04:30:04 GMT
X-Content-Type-Options: nosniff
Age: 132571
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15744
X-XSS-Protection: 0
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 16 Oct 2024 04:30:04 GMT

GET
H/1.1 200
OK TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v53/ 21 KB
22 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 07:38:51 GMT
X-Content-Type-Options: nosniff
Age: 466844
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 21444
X-XSS-Protection: 0
Last-Modified: Tue, 15 Aug 2023 18:38:40 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 12 Oct 2024 07:38:51 GMT

GET
H/1.1 200
OK 4iCs6KVjbNBYlgoKew72j00.woff2
fonts.gstatic.com/s/ubuntu/v20/ 20 KB
21 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 01:10:26 GMT
X-Content-Type-Options: nosniff
Age: 403749
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 20860
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:15:59 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 13 Oct 2024 01:10:26 GMT

GET
H/1.1 200
OK u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 12ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Tue, 17 Oct 2023 11:56:22 GMT
X-Content-Type-Options: nosniff
Age: 105793
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 19752
X-XSS-Protection: 0
Last-Modified: Tue, 26 Apr 2022 15:46:46 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 16 Oct 2024 11:56:22 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Fri, 13 Oct 2023 05:12:48 GMT
X-Content-Type-Options: nosniff
Age: 475607
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15860
X-XSS-Protection: 0
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 12 Oct 2024 05:12:48 GMT

GET
H/1.1 200
OK KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://hs-manacost.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 21:59:23 GMT
X-Content-Type-Options: nosniff
Age: 501612
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 9644
X-XSS-Protection: 0
Last-Modified: Wed, 11 May 2022 19:24:50 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 11 Oct 2024 21:59:23 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 15ms
15ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2089401953&t=pageview&_s=1&dl=http%3A%2F%2Fhs-manacost.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D0%B0%D0%BD%D0%B0%D0%BA%D0%BE%D1%81%D1%82%20Hearthstone%20%7C%20Runeterra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAACAAI~&jid=356938148&gjid=143753037&cid=1826415403.1697649576&tid=UA-47337854-2&_gid=546377159.1697649576&_slc=1&_av=2.4.0&_au=20&did=i5iSjo&z=1921870488

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

87a7366a5817b199cb491d88aca167ff76e5cae207c119dfac7b1f4afffdf84f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hs-manacost.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 17:19:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hs-manacost.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 54ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-47337854-2&cid=1826415403.1697649576&jid=356938148&gjid=143753037&_gid=546377159.1697649576&_u=aGBAgEAjAAAAAGAAI~&z=1258651565

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://hs-manacost.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:19:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hs-manacost.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZF3BFKKS3S&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92c1c8f3ac26075aa436548afad2878fc7d7b0c89ad8efc7bb310721c34cfabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:19:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82096
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 18 Oct 2023 17:19:36 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160304/ 394 KB
134 KB 99ms
77ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160304/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9551927933108581&plah=hs-manacost.ru&bust=31078897

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49c779a926bc24d48d3878868404bc514b3cb8b2b80bb5b9056a6938445a991b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:19:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137137
x-xss-protection: 0
server: cafe
etag: 12215575861759592058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:19:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame B378 10 KB
5 KB 28ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hs-manacost.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 12:56:15 GMT
etag: 2603938475786422795
expires: Wed, 01 Nov 2023 12:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 168 KB
69 KB 61ms
44ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: hs-manacost.ru
URL: http://hs-manacost.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e673bbc4f8fe8225feb8053080a8abdf86d154a9b6e161fc4651bcdffee3ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:19:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14523
x-jsd-version: 1.295.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230070-FRA, cache-yyz4555-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"29feb-LSdFqOQxPKsWXNYifeXw7ydlsy4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wry%2BhGfnLDMn40mvXVKexCa%2BDIAZHTpW3qi6Zh55UbTivYUdBGvmp1a3okpqauG9WipwW3OoMwwhgXIBmrZVSdiE0xOi%2BZrEq0H0QWNbPy%2BJt7fuNvJNzPBv40srvDXqxQ6BKq%2B%2BfEk9AegxTRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8182727a986592b4-FRA

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t50.6;r;s1600*1200*24;uhttp%3A//hs-manacost.ru/;0.5232107526900189
https://counter.yadro.ru/hit?t50.6;r;s1600*1200*24;uhttp%3A//hs-manacost.ru/;0.5232107526900189
https://counter.yadro.ru/hit?q;t50.6;r;s1600*1200*24;uhttp%3A//hs-manacost.ru/;0.5232107526900189

132 B
618 B

46ms
46ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t50.6;r;s1600*1200*24;uhttp%3A//hs-manacost.ru/;0.5232107526900189

Requested by

Host: hs-manacost.ru
URL: http://hs-manacost.ru/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

eb03d5c88046cd6bf4bf958b581f783cc1f6b1f21f91af45c3e0ce5cf137bd0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 17:19:36 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 132
Expires: Mon, 17 Oct 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 17:19:36 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t50.6;r;s1600*1200*24;uhttp%3A//hs-manacost.ru/;0.5232107526900189
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 17 Oct 2022 21:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2089401953&t=pageview&_s=1&dl=http%3A%2F%2Fhs-manacost.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D0%B0%D0%BD%D0%B0%D0%BA%D0%BE%D1%81%D1%82%20Hearthstone%20%7C%20Runeterra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUAjAAAAAGAAI~&jid=1127268943&gjid=1107651207&cid=1826415403.1697649576&tid=UA-47337854-2&_gid=546377159.1697649576&_r=1&gtm=457e3ag0&did=i5iSjo&jsscut=1&z=944470192

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hs-manacost.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 17:19:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hs-manacost.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK prev.png
hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/images/ 898 B
2 KB 21ms
21ms Image
image/webp 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/images/prev.png
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/lightbox.css?ver=1.0
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bc096703ef1dfacb1f4b237d04ef92e2241d49a94c30638864b941ec576be71

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/lightbox.css?ver=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:36 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 190955
Cf-Polished: origFmt=png, origSize=1360
Content-Disposition: inline; filename="prev.webp"
Connection: keep-alive
Content-Length: 898
Cf-Bgj: imgq:100,h2pri
Last-Modified: Tue, 13 Oct 2020 09:52:43 GMT
Server: cloudflare
ETag: "5f8578eb-550"
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ficm5jl4VElERm%2Fkgscp82%2BMxSKvyKC4abc95AIFEgpj%2ByMoLxYVJDLSwtdJCCk9PhqfeP%2F1Q79CBGAQI5Mr7Bd4I2H%2BxS1%2BwvyXaWzWym6R6HEFPxn%2BaJyUlSFhP%2FtU"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 8182727abd329bd0-FRA
Expires: Fri, 20 Oct 2023 12:17:01 GMT

GET
H/1.1 200
OK next.png
hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/images/ 896 B
2 KB 18ms
18ms Image
image/webp 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/images/next.png
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/lightbox.css?ver=1.0
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd4cdde1fc65ba661adcdde693fb326368677a51fd36c6d86824cec69657ec3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/lightbox.css?ver=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:36 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 129165
Cf-Polished: origFmt=png, origSize=1350
Content-Disposition: inline; filename="next.webp"
Connection: keep-alive
Content-Length: 896
Cf-Bgj: imgq:100,h2pri
Last-Modified: Tue, 13 Oct 2020 09:52:43 GMT
Server: cloudflare
ETag: "5f8578eb-546"
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31tXq0DDn9zI1WZ26AuA3lr0PzErL0KvERXekTuyUNTNml8sDCpJ3jFm7bCdHHboM4rgNVO7qOlhLqxdV8XR66Kw9Vqy227rmDs202%2Buy6tDmGTREgigtH3m1i6yFnML"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 8182727abd611d90-FRA
Expires: Sat, 21 Oct 2023 05:26:51 GMT

GET
H/1.1 200
OK loading.gif
hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/images/ 8 KB
9 KB 21ms
21ms Image
image/gif 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/images/loading.gif
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/lightbox.css?ver=1.0
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/lightbox.css?ver=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:36 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 105016
Cf-Polished: status=not_needed
Connection: keep-alive
Content-Length: 8476
Cf-Bgj: imgq:100,h2pri
Last-Modified: Tue, 13 Oct 2020 09:52:43 GMT
Server: cloudflare
ETag: "5f8578eb-211c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5wobXkLI4e2n3reCldZaVVw0bXr4VG0%2BgK5jMNfl9QlTc2Mmq2UNUw7YUFw9AmNfg0AhV7yK8lvRgZc0CnXaWd92iM8m5qDp9HP%2FIbI%2FxTe99fxURanUpYVDpDG084x"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 8182727abebf3804-FRA
Expires: Sat, 21 Oct 2023 12:09:20 GMT

GET
H/1.1 200
OK close.png
hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/images/ 218 B
1 KB 23ms
22ms Image
image/webp 172.67.72.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/images/close.png
Requested by: Host: hs-manacost.ru
URL: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/lightbox.css?ver=1.0
Protocol: HTTP/1.1
Server: 172.67.72.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb9c6ea966134cdb99d8e6fb8ea2562a7d272c70071e2d06605453be3a1934f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/wp-content/plugins/td-composer/legacy/Newspaper/tamlier_develop/lightbox.css?ver=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 17:19:36 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 174232
Cf-Polished: origFmt=png, origSize=280
Content-Disposition: inline; filename="close.webp"
Connection: keep-alive
Content-Length: 218
Cf-Bgj: imgq:100,h2pri
Last-Modified: Tue, 13 Oct 2020 09:52:43 GMT
Server: cloudflare
ETag: "5f8578eb-118"
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Culni4q42v3GxaUaFpG%2BBAWBqcDxryWXzdf4HsVChb5UwPAxudGWW39nXZZ%2B1mYtt72hsUYVhRq%2B6G56EeBUGVkgvQsrm7%2BP%2Bz4vROeZgsO0mq1X8dCNO%2Ba4aK47z2V7"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 8182727abf1a5c20-FRA
Expires: Fri, 20 Oct 2023 16:55:44 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-47337854-2&cid=1826415403.1697649576&jid=1127268943&gjid=1107651207&_gid=546377159.1697649576&_u=aGDAAUAjAAAAAGAAI~&z=240622623

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://hs-manacost.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:19:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hs-manacost.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZF3BFKKS3S&gtm=45je3ag0&_p=2089401953&ul=en-us&sr=1600x1200&cid=1826415403.1697649576&ir=1&_eu=EBAI&_s=1&dl=http%3A%2F%2Fhs-manacost.ru%2F&dt=%D0%9C%D0%B0%D0%BD%D0%B0%D0%BA%D0%BE%D1%81%D1%82%20Hearthstone%20%7C%20Runeterra&sid=1697649576&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZF3BFKKS3S&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 17:19:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hs-manacost.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fhs-manacost.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A3wcjej5logadum7fiken3xb%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fhs-manacost.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A3wcjej5logadum7fiken3xb%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...

264 B
300 B

56ms
55ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fhs-manacost.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A3wcjej5logadum7fiken3xb%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A2%3Adp%3A0%3Als%3A1438300368028%3Ahid%3A509534275%3Az%3A120%3Ai%3A20231018191936%3Aet%3A1697649576%3Ac%3A1%3Arn%3A533913996%3Arqn%3A1%3Au%3A1697649576508224647%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A28%2C6%2C118%2C75%2C0%2C0%2C%2C440%2C8%2C%2C%2C%2C668%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697649575428%3Ast%3A1697649576&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Requested by

Host: hs-manacost.ru
URL: http://hs-manacost.ru/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b0d41a7c2a399628f3e2e4732c4a1e14c1a788ef03feafc27e05a0d8b15c9261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 17:19:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 18-Oct-2023 17:19:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://hs-manacost.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 264
x-xss-protection: 1; mode=block
expires: Wed, 18-Oct-2023 17:19:36 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Oct 2023 17:19:36 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 18-Oct-2023 17:19:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/3/1?wmode=7&page-url=http%3A%2F%2Fhs-manacost.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A3wcjej5logadum7fiken3xb%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A2%3Adp%3A0%3Als%3A1438300368028%3Ahid%3A509534275%3Az%3A120%3Ai%3A20231018191936%3Aet%3A1697649576%3Ac%3A1%3Arn%3A533913996%3Arqn%3A1%3Au%3A1697649576508224647%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A28%2C6%2C118%2C75%2C0%2C0%2C%2C440%2C8%2C%2C%2C%2C668%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697649575428%3Ast%3A1697649576&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: http://hs-manacost.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 18-Oct-2023 17:19:36 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/28175484/
Redirect Chain

https://mc.yandex.ru/watch/28175484?wmode=7&page-url=http%3A%2F%2Fhs-manacost.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3wcjej5logadum7fiken3xb%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Al...
https://mc.yandex.ru/watch/28175484/1?wmode=7&page-url=http%3A%2F%2Fhs-manacost.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3wcjej5logadum7fiken3xb%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3...

428 B
555 B

53ms
53ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/28175484/1?wmode=7&page-url=http%3A%2F%2Fhs-manacost.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3wcjej5logadum7fiken3xb%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1312199185%3Ahid%3A509534275%3Az%3A120%3Ai%3A20231018191936%3Aet%3A1697649576%3Ac%3A1%3Arn%3A444319861%3Arqn%3A1%3Au%3A1697649576508224647%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A28%2C6%2C118%2C75%2C0%2C0%2C%2C440%2C8%2C%2C%2C%2C668%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697649575428%3Arqnl%3A1%3Ast%3A1697649576%3At%3A%D0%9C%D0%B0%D0%BD%D0%B0%D0%BA%D0%BE%D1%81%D1%82%20Hearthstone%20%7C%20Runeterra&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Requested by

Host: hs-manacost.ru
URL: http://hs-manacost.ru/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

bea953970cb405327bc2bcd8e197ad1dbb618c32182c2aeb3ad22dbec155d0e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 17:19:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 18-Oct-2023 17:19:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://hs-manacost.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Wed, 18-Oct-2023 17:19:36 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Oct 2023 17:19:36 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 18-Oct-2023 17:19:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/28175484/1?wmode=7&page-url=http%3A%2F%2Fhs-manacost.ru%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3wcjej5logadum7fiken3xb%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1312199185%3Ahid%3A509534275%3Az%3A120%3Ai%3A20231018191936%3Aet%3A1697649576%3Ac%3A1%3Arn%3A444319861%3Arqn%3A1%3Au%3A1697649576508224647%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A28%2C6%2C118%2C75%2C0%2C0%2C%2C440%2C8%2C%2C%2C%2C668%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697649575428%3Arqnl%3A1%3Ast%3A1697649576%3At%3A%D0%9C%D0%B0%D0%BD%D0%B0%D0%BA%D0%BE%D1%81%D1%82%20Hearthstone%20%7C%20Runeterra&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: http://hs-manacost.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 18-Oct-2023 17:19:36 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
566 B 203ms
99ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: hs-manacost.ru
URL: http://hs-manacost.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:19:36 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 17 Oct 2023 09:59:45 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "652e5b11-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 18 Oct 2023 18:19:36 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
603 B 37ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hs-manacost.ru&callback=_gfp_s_&client=ca-pub-9551927933108581

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160304/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9551927933108581&plah=hs-manacost.ru&bust=31078897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

871b2c039886c9911eaa27af586cd6d1f0a3f32c8bb52bf7a20a6daee05f22b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F265 123 KB
42 KB 448ms
447ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9551927933108581&output=html&h=90&slotname=1924852777&adk=2677332262&adf=1183505835&pi=t.ma~as.1924852777&w=728&lmt=1697636880&format=728x90&url=http%3A%2F%2Fhs-manacost.ru%2F&wgl=1&dt=1697649576036&bpp=4&bdt=453&idt=317&shv=r20231011&mjsv=m202310160304&ptt=9&saldr=aa&abxe=1&correlator=4062311888962&frm=20&pv=2&ga_vid=1826415403.1697649576&ga_sid=1697649576&ga_hid=2089401953&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44801484%2C44805112%2C44805533%2C44805681%2C44805920%2C31078297%2C31078897&oid=2&pvsid=3254572191663811&tmod=1240361447&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=fyPNRNyozI&p=http%3A//hs-manacost.ru&dtd=334

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

408f0420676dcbfc25376d7b3e00bea154a8195ac5f01ae5caa535107459b3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hs-manacost.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42264
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 17:19:36 GMT
expires: Wed, 18 Oct 2023 17:19:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 42A0 48 KB
2 KB 220ms
219ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9551927933108581&output=html&adk=1812271804&adf=3025194257&lmt=1697636880&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=http%3A%2F%2Fhs-manacost.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1697649576101&bpp=3&bdt=518&idt=277&shv=r20231011&mjsv=m202310160304&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4062311888962&frm=20&pv=1&ga_vid=1826415403.1697649576&ga_sid=1697649576&ga_hid=2089401953&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44801484%2C44805112%2C44805533%2C44805681%2C44805920%2C31078297%2C31078897&oid=2&pvsid=3254572191663811&tmod=1240361447&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=292

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8908c3bd78d267a0f41636657da1047043cf07173adb529bb0e6b421e6657217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hs-manacost.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 2417
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 17:19:36 GMT
expires: Wed, 18 Oct 2023 17:19:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10160.Zp-q-LYYzZTHv-sigKfXmSsQCzqjUYSBFthdrFJ04oemkgu-qW_AC82dPd-u9vlf.Dn14LY1z3LrwyMMkkxUmI_3p-lE%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=10160.br2DGSP_vgMCxjm3a75lSiYo8wkpjwlGLAeKwXWHCGFaJF01xLf64YUjAKm4f2bkDN3rPZT6xF4-BRuqfbY-fBPq-P0-HSnSmlHtNWSjqpy0Q00N9YjlP89pWydM3a7IXN6D-m1-...

43 B
503 B

60ms
59ms

Image
image/gif

154.47.36.219
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=10160.br2DGSP_vgMCxjm3a75lSiYo8wkpjwlGLAeKwXWHCGFaJF01xLf64YUjAKm4f2bkDN3rPZT6xF4-BRuqfbY-fBPq-P0-HSnSmlHtNWSjqpy0Q00N9YjlP89pWydM3a7IXN6D-m1-3Wg-rFh5b408E3LyWR7hixkCGGTAV1M-IsdVwHYoksXgCvaeP87H3qSsenkEyuV-r4pFs5JIudjAdz6mP3oP_6LMxW4vwl58Ijo%2C.kzDrdTK3Lzdy2JBmOKJhAxMJiZE%2C

Requested by

Host: hs-manacost.ru
URL: http://hs-manacost.ru/

Protocol

Server

154.47.36.219 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:19:36 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=10160.br2DGSP_vgMCxjm3a75lSiYo8wkpjwlGLAeKwXWHCGFaJF01xLf64YUjAKm4f2bkDN3rPZT6xF4-BRuqfbY-fBPq-P0-HSnSmlHtNWSjqpy0Q00N9YjlP89pWydM3a7IXN6D-m1-3Wg-rFh5b408E3LyWR7hixkCGGTAV1M-IsdVwHYoksXgCvaeP87H3qSsenkEyuV-r4pFs5JIudjAdz6mP3oP_6LMxW4vwl58Ijo%2C.kzDrdTK3Lzdy2JBmOKJhAxMJiZE%2C
date: Wed, 18 Oct 2023 17:19:36 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame F265 4 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9551927933108581&output=html&h=90&slotname=1924852777&adk=2677332262&adf=1183505835&pi=t.ma~as.1924852777&w=728&lmt=1697636880&format=728x90&url=http%3A%2F%2Fhs-manacost.ru%2F&wgl=1&dt=1697649576036&bpp=4&bdt=453&idt=317&shv=r20231011&mjsv=m202310160304&ptt=9&saldr=aa&abxe=1&correlator=4062311888962&frm=20&pv=2&ga_vid=1826415403.1697649576&ga_sid=1697649576&ga_hid=2089401953&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44801484%2C44805112%2C44805533%2C44805681%2C44805920%2C31078297%2C31078897&oid=2&pvsid=3254572191663811&tmod=1240361447&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=fyPNRNyozI&p=http%3A//hs-manacost.ru&dtd=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 18 Oct 2023 17:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:05:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Oct 2023 17:19:36 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F265 2 KB
973 B 48ms
11ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame F265 23 KB
9 KB 44ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F265 3 KB
1 KB 44ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F265 20 KB
9 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F265 187 KB
59 KB 98ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697483867094811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:19:36 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame F265 35 KB
15 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/5886301013978595183/ Frame F265 32 KB
32 KB 45ms
12ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5886301013978595183/6592766407814317453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10fafb3d3329daa7db92fc08ff8f9cbcc8788dc6d101bd8c197276a2dceefb9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:42:13 GMT
x-content-type-options: nosniff
age: 585443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32861
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 12:30:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 22:42:13 GMT

GET
H2 200 16509129254105986304
tpc.googlesyndication.com/simgad/ Frame F265 2 KB
3 KB 49ms
16ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16509129254105986304?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495e8587294e844e5d15b18ec988e7807147065df95b6a7ce181cc013fffd37d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 07:26:35 GMT
x-content-type-options: nosniff
age: 121981
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2482
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 12:37:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Oct 2024 07:26:35 GMT

GET
DATA 200
OK truncated
/ Frame F265 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f566274a5195958634cf13d7a4b46903c5dc798e0a9833f44850ab6f275512ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F265 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 358938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 13:37:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F265 15 KB
15 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 479565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 04:06:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F265 0
23 B 50ms
50ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQToyqBMwZaPCHImosgeq3Z3gD4WI6NRz66rOhIIS2tkeEAEg7urcI2CVkq6CtAegAfW-5_ICyAEJqAMByAPLBKoEzAFP0DVvv5msxLhd8DQ2lHq6BYTZe6oWnt8j8XJcsm3Z9sW7VRuMivTKxmbq2zBWrIT9LIDykrW28Gfjmfvtm98X8HODWDwjxdEmtRjdJSb-wby15FR3rxkyB6adaUQlCNET00XRLWnAYf6QHV7t4Q8nZPtwVNqvitN_FElYeh-9S66Y_JcG5sArZYtF02RX4O_0KdhX112kxDVLYM4osXVszZ5sY5hrfLVS5Idg0eJqSD2zmN-5rQDqm83TeqOdLsOVAzQ0pL38bYcikqzABJPOpvfIBIgF_7_e3EygBi6AB6ipy-wEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4vsD0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAbgT5APYEwPQFQGAFwGyFxwKGggAEhRwdWItOTU1MTkyNzkzMzEwODU4MRgA&sigh=_LF1rJU7f6k&uach_m=[UACH]&cid=CAQSTADICaaNJHBg1PxJ8MBGChRSJg2zd6x4mfsz1CBJJvkDTDzAXxHrfC4cn_h8pFAX3Vj8V4ArkKOnIKKbxQtJcPD9AupAciXXvUUVCc0YAQ&template_id=484&cbvp=2&vis=1

Requested by

Host: hs-manacost.ru
URL: http://hs-manacost.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9551927933108581&output=html&h=90&slotname=1924852777&adk=2677332262&adf=1183505835&pi=t.ma~as.1924852777&w=728&lmt=1697636880&format=728x90&url=http%3A%2F%2Fhs-manacost.ru%2F&wgl=1&dt=1697649576036&bpp=4&bdt=453&idt=317&shv=r20231011&mjsv=m202310160304&ptt=9&saldr=aa&abxe=1&correlator=4062311888962&frm=20&pv=2&ga_vid=1826415403.1697649576&ga_sid=1697649576&ga_hid=2089401953&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44801484%2C44805112%2C44805533%2C44805681%2C44805920%2C31078297%2C31078897&oid=2&pvsid=3254572191663811&tmod=1240361447&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=fyPNRNyozI&p=http%3A//hs-manacost.ru&dtd=334
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 18 Oct 2023 17:19:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 18 Oct 2023 17:19:37 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
56ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b816212d6330f7320adf7c0c652ee8de8d1a7aa06d247555f80f5491ed0b1d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:19:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12084
x-xss-protection: 0

GET
H2 200 p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A2B 37 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:08:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 587446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:08:51 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 17:19:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A834 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hs-manacost.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5462
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 15:48:35 GMT
expires: Thu, 17 Oct 2024 15:48:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 858B 829 B
1 KB 40ms
18ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ccdf87ca3a425b83b90b7e3897f38323d006d6dad62b3b8afdc9b28a45835be5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l-KHN8jAwngNM_zpboIzvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hs-manacost.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-l-KHN8jAwngNM_zpboIzvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 17:19:37 GMT
expires: Wed, 18 Oct 2023 17:19:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame A834 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 16:21:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 858B 0
0 149ms
148ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=3254572191663811&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A834 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dd-Q6A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 17:19:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 156ms
156ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=3254572191663811&bg=!-Pul-7TNAAbFpEfJ5aQ7ADQBe5WfOME8A_Hytyib9rv-IKDwSgHuMqXzM85FRqH5uAPSHs-8NtFeO9ak70W8phIeiXoHAgAAAGNSAAAABmgBB5kDBRdnaqEnKeHoPeLRnUg9PWLrioyQogHpPD1kuIvQvL9MiQozN8Jw7gxFByu3lkgkgPZW4g2NNUT-8ztTQp5btLymNkdIgj_2Zin48L94YA4JkaCa927aMFclQh1m2e7gL94i2WckXpoBDRy4eyNd7wdrkdrtmKdBhrFyGUjHoIx4D--rmEnhDtS03mbcFmUAZ7521vKsRFAHujgSV4fYxTBVPC5TSfF-sHIoxwWG1BmwfuqYSSRTJkVzCmzwbdqvFg43WS30j8vYbZRQK7-cxrS9pK4QNkfn-zj4ujrGoMcXXyrWW18Z8R9S1Q6nXXn34cvJxTLtogqTCbo4LY5duGm1nNJ89VUlwTfh5bdhxx5MT9ApL8o2FtkDHYeThfZLyW6m4yj4xXCPUTFKPlDHWtT0vvQvkfAepK87jBytDRUuuk79W_gUF6IBIkyoloqkBH3IC8HhZVC8l6wP-HhJ_56DUgIYdtMeh5p3PrMHcfAbHwJPUGgC8C7KMy2QdYLr7rjF3ALPiuMuCWnZ0CKBirO-uyoA6RSBSR5D343OiR0uFpctnM1zbZv7vHW5rQ2oeItNK9W2iQvEz4277933lSESMQkCpZMGemqIYEVkKrU-49TGfLeCWlmDQlT3y9o4CE_1l3UsjqQIEa1fExQ6eChisk6GhyHtsmKELOFLQexyHnfUDHsouMRBJucLUwZi-FFHz624KNqkbbEAXPJeGOTRBRzFxTWiU4MTdjmMzmGnc0OS9rxW5m7p38y2Fc1ledKoK0-dYPqU_PTdOyIWkbzhj2w-TeHN_Rdl7iZYCTXGgFFMAT5dDQU1vQ9c_zGG5J0WiMLqnkeedOGqBqZpSWK_UCqMgYJQNVyp4IURT1I6Gk9QBBbBtcSAbGN9evj7GLS_I-1Nkc-qw5AgErmUtfiNHwn6Cq2evLvfm427UYSMY9PL3FlBNHnqi_Z0h0swnDqid40-jy49z3ndCOIkTfFhJHftgPiI1jexXlB5mQEEsHyCFDVp0QdJQI3Wr3csQDxgTA-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hs-manacost.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F265 42 B
64 B 157ms
157ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuK_2XE_cZf-e1s2sS-PKyuEEIiSEgZ4OednEb2IfmshIF3XDZ5BBWFjvnHBJJdLDtiwGdrh1BdpnhFGzGFTnDafAPYut-_FJAuw1G_n35s431c1dB_NTsvRsPWJbWxsJM4TDSdsm_Vvnl7ntT-wEn0AhzqG6G8_-d-nQFuM58eiE2q3V0Nonm3W4S6a0HBrKlIFOyswOymUgivxFwwCsXCkaWxtEohK3y2zbkYNwik9af4gFFRPu9euUbDh9_DXW07CaadmgjBJ315z2v5jbVRr_671Kz2qLyf4kAqqb1CT4BiTdE7RmqM2am8Scwtn94k7TWjuh_J2_xDIdpLa79FfUeLTHdeGN48fkgfx_pElZNrP6wTsC3JjIsdzpobxP-Vy-x6291hZDKv_wMh3AWqNkcu2XWpYFU_hIHneP3jW3smn0tfR8UiQYzqlaAzKAxv4TiZKbLqUnZab-6GP-zGFhqU4Puj_MsUO7DzfhiFWGj7IijboZxLt24bNwBiy1r5plpxwJ3yUZe0DKhmcEBCn1Oc8qZcDFiELbHl5soCFb49YPH5AgL4Fa_JnlEreDRSmFtW1sO6xIfxxOq9OsC8yNTfC02eH1xLKvAnLBpSiji9b-m10q5HH-kDxrcpJoR6pwW-nm5p01DlmS0xOpTKvk_aajcrXo7NBM36xwRbyHqx28S_8yQ8hRPuUmioPiVhsaC61okb8RUMwSJbOtcfgWD80xI1y96cOn99ZPK4P_CDDI58uhsL0UgBMz4-uI8ttBisSc9qImToRHHhbSB6tfiD-t8KjgJKnJ1mpbLjVGqy-mEnSvUmwI0FEAzqL5XX9TaFS6OEPfrPsHe7q1hcd1i4a_6Nq77y1cDcsNh24182q9Hb0nOJQVU2jc1hOnHAj4HnakASN4ugm3RZ8ZPykDa8DwLNkzkhMI2PouuCa28hxVQW4yrpLQfH8s-DoPozbttLo6hN1g&sai=AMfl-YTtwYjzx1qmdzS79b2roQmmLD08eCh9sfSMykvFV2hySxakoBMZ7yCabWy2i3Kr6eJcIaF9lV1PlE0zrhREo19JZ3AqQrnRPDVZzAiPsJeWikoBgv24KJSaSKTwaj2du3vANV-3UwssAHZnckXNjHPOF58sFgRVEPk&sig=Cg0ArKJSzN3gjJESX0woEAE&cid=CAQSTADICaaNJHBg1PxJ8MBGChRSJg2zd6x4mfsz1CBJJvkDTDzAXxHrfC4cn_h8pFAX3Vj8V4ArkKOnIKKbxQtJcPD9AupAciXXvUUVCc0YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231016&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2677332262&rs=2&la=0&cr=0&vs=4&r=v&rst=1697649576372&rpt=630&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 17:19:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hs-manacost.ru/	1970-01-21 01:10:09	Name: _ga Value: GA1.2.1826415403.1697649576
.hs-manacost.ru/	1970-01-20 15:35:35	Name: _gid Value: GA1.2.546377159.1697649576
.hs-manacost.ru/	1970-01-20 15:34:09	Name: _gat Value: 1
.hs-manacost.ru/	1970-01-20 15:34:09	Name: _gat_gtag_UA_47337854_2 Value: 1
.hs-manacost.ru/	1970-01-21 01:10:09	Name: _ga_ZF3BFKKS3S Value: GS1.2.1697649576.1.0.1697649576.0.0.0
.hs-manacost.ru/	1970-01-21 00:19:45	Name: _ym_uid Value: 1697649576508224647
.hs-manacost.ru/	1970-01-21 00:19:45	Name: _ym_d Value: 1697649576
.yadro.ru/	1970-01-21 00:18:32	Name: FTID Value: 1bC1Ee19en8f1bC1Ee002JNX
.yandex.ru/	1970-01-21 00:19:45	Name: ymex Value: 1729185576.yrts.1697649576#1729185576.yrtsi.1697649576
.yadro.ru/	1970-01-21 00:18:32	Name: VID Value: 0hLPbN2-mJuf1bC1Ee002CvZ
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1725049721697649576
.yandex.ru/	1970-01-21 00:19:45	Name: yuidss Value: 3910265181697649576
.yandex.ru/	1970-01-21 01:10:09	Name: i Value: WG4ji9CuuOr5NgHbcsKgDvU1L5RwJzj3X2NPI8RTzC6Px2ftPg0tvC7iJb1TSZiUSjXb/JnLTY6bV6cG0w932csabJw=
.yandex.ru/	1970-01-21 01:10:09	Name: yandexuid Value: 571162801697649576
.hs-manacost.ru/	1970-01-20 15:35:21	Name: _ym_isad Value: 2
.hs-manacost.ru/	1970-01-20 15:34:11	Name: _ym_visorc Value: w
.mc.webvisor.org/	1970-01-20 15:34:10	Name: sync_cookie_csrf Value: 259246097fake
.mc.yandex.ru/	1970-01-20 15:34:10	Name: sync_cookie_csrf Value: 987612446fake
.webvisor.org/	1970-01-21 01:10:09	Name: yandexuid Value: 571162801697649576
.webvisor.org/	1970-01-21 01:10:09	Name: yuidss Value: 571162801697649576
.webvisor.org/	1970-01-21 01:10:09	Name: i Value: WG4ji9CuuOr5NgHbcsKgDvU1L5RwJzj3X2NPI8RTzC6Px2ftPg0tvC7iJb1TSZiUSjXb/JnLTY6bV6cG0w932csabJw=
.mc.webvisor.org/	1970-01-20 15:35:35	Name: sync_cookie_ok Value: synced
.hs-manacost.ru/	1970-01-21 00:55:45	Name: __gads Value: ID=97c703a0ebf2c587:T=1697649576:RT=1697649576:S=ALNI_MaCpvKWtULzR680TQbhnQ_YF6xZqg
.hs-manacost.ru/	1970-01-21 00:55:45	Name: __gpi Value: UID=00000cbb6d861bac:T=1697649576:RT=1697649576:S=ALNI_MbSvked12x8-nJLyMxVElPJwCNgZA
.doubleclick.net/	1970-01-21 00:55:45	Name: IDE Value: AHWqTUk4RoLyMHYUSrDg_9eFUhNzDSZF8VctUm29ZGR3OwdORx9p-2KLoACpfTlq0sI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hs-manacost.ru
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
154.47.36.219
172.67.72.65
2001:4860:4802:32::178
2001:4860:4802:32::36
2606:4700::6810:5714
2606:4700::6811:190e
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c0c::9b
2a02:6b8::1:119
88.212.201.198
88.212.201.204
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0a4a22e1470a4ff84582efc40118c4954d74fc12cb5147eb40fb1675ce396896
10e9c4e84392a52b537a947a5f73e38c67e27370c146a556a14a2d498c3f7757
10fafb3d3329daa7db92fc08ff8f9cbcc8788dc6d101bd8c197276a2dceefb9c
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1bb9c6ea966134cdb99d8e6fb8ea2562a7d272c70071e2d06605453be3a1934f
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
24dc9091915123031e1eb5b97b09249ac3a9f9a1c07926ecfc40a874f4526648
25b213093105b60e543caea2a694ef1cad8a48ee9ea1d6b6df6ddf9830d3b55b
27f6b26827d6ae9973e1941b4235a28dac3ea919780c0d85900e8535dd3c9043
2f17aba5dec1493506b18e3eddb13b473e74aea389721f7c5d3ff20a688320c1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d0e20d9b3815236e5bab2bbe7c89ebc1a36db698432641632230928a9232465
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3e90c4a9c29b91912da988ddd353ba52f0c52616446bddd540d28dec39d329ee
408f0420676dcbfc25376d7b3e00bea154a8195ac5f01ae5caa535107459b3b6
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
495e8587294e844e5d15b18ec988e7807147065df95b6a7ce181cc013fffd37d
49c779a926bc24d48d3878868404bc514b3cb8b2b80bb5b9056a6938445a991b
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
52bf5f128982937c5a6829348e74eebb82284c4018ec1dd2880d140bf5392dba
53265b04360771d78f3192b50c369d782ee63bae2a7603b40abcd4842b4d134a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556cba26c52776d732b7f3e0545dfd3490d43db92705f7f6046b42a706272c71
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574e82692321e554bc0786be6586c760f036dc1e177c768e0030d4e081745a6d
59c55dec8b0816c5cf9afae9fabc358af3a0bce6ff5bcd49b6837820bcaaada2
5bb258d73ecad75c45400527fb94b8f2ca96da8831e8056302711565cc9f2aa7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cc9df6d2c5167afbcd0bb3ec6a037e51dea066690bca93a1b5b5e92f7a692f4
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67e6a99ab83ddaf7354c4f3dffbbe0c274322306e2bc5e2b134ae5e46e45dc71
696caf59faebf1ccd16126758a91f6ea232bf9650291498c129c1e0e2018d2cd
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc096703ef1dfacb1f4b237d04ef92e2241d49a94c30638864b941ec576be71
6be5cf1e8ed609c752deeec348b79d89a0950ef5e0455518755ba0506507fb4e
6cabe179908a07a82354ff1cbfddcf460eef2cbc13b5e1fadce27b8cf02f653a
6defdf3a39eebbb568c505087de9214fde2c0c203bf62be38b3018d65f862ee7
6ef8428d088835a0cb912c174920542986853088f2bf6d6cb8c7804c2e3d2ca8
72b4bc698d80481f8afd66930489c95d85e50f7a28a540483e485b82cc718f54
7626d7455b1748d1ab49d01e8034a4aa414f2ddb6c2feb221fc806ea075e6cae
765228dfe8a6a989d4bba8e836bb935be2713fdfc31de9dd8183af97d74cba44
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
80e931aa67638e25af700eab2819353caf70c40e704d520988ddbcd642e5c1a7
86ab4c2b16af92602679b9ddf7aaf92e0d9ddc5111b8d869690474a7c453aefd
871b2c039886c9911eaa27af586cd6d1f0a3f32c8bb52bf7a20a6daee05f22b4
87a7366a5817b199cb491d88aca167ff76e5cae207c119dfac7b1f4afffdf84f
8908c3bd78d267a0f41636657da1047043cf07173adb529bb0e6b421e6657217
8961ea71db593737bc0b7f83547c95212e6b4bf94fac2b9b208d6a04d13b4d12
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
89cf01806cd6d6d20c9bcd3d4d25293d8638aeb80f87ccdc7e04dd0ccd45a7c1
8ba3761638802c2c87ec7d2955577952dfbda09f42276b7fdb96842db756db18
8cdd8ddabb77ec078802845fb7784d95acf41f7a219c7ff92473ba1af8a62a44
9004ebb7f009e6bd5a717c9a86956a099ae98f4baa38c773eee3ccb22ef0f353
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9112d28c886a6ffb88906db6b74cf1fc6d91e6bb6c14c2658c85a6fdfc596e88
91c8d5acbd3f03f921b6cd2da42ce3c396e1c7bfb4dc12d34fd2db196d9c5104
92c1c8f3ac26075aa436548afad2878fc7d7b0c89ad8efc7bb310721c34cfabc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96320c0da3e53648c563f8decc57aba83007ce0328a172ff6bbf32c5ec9531ff
974b373aafebb2098c590c7ec80e9538cdd824d365234f7df5a101e47a98003c
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
99321551755755b9312c2026e4603deadf65b6b51b5c746b6a5b54576390fa0b
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
9e673bbc4f8fe8225feb8053080a8abdf86d154a9b6e161fc4651bcdffee3ff4
a0a06e689324d49c5831e58f851f11e69d66d729168727f83f05628bcc9b0a51
a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8
a4381e2371a426394a7a88628c4ee19e7d2f4bd8a6d71c9e88fdf34b4884cc1e
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a55bf8a57166d8406812e6da2d0f58eae4bb63abc11850ac2f7fc809df9d4135
a6c9bc8ce916928662b05533df7f5b0eb11d7c3c2b5dc577738d43c4be6e41d7
a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed
a7ad9db12275b6bcaa57a392d98122c99c0f7a80416da0edde9897e4330af8eb
aa1528f70e93cd39f3836bca5e41a251024396c53ebbc515d5a9e76d9ef32ae7
ad4af6b233ddb2f8080e7ae46eb66d026308ea7dc08df2944d119e147cf38e55
ae2ed8c8a557a6bf9923f25369ab50928622a304bdfcd3fcdb3a84125f0a2220
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0d41a7c2a399628f3e2e4732c4a1e14c1a788ef03feafc27e05a0d8b15c9261
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29b2b93b8083ce2836033f1d911f2aa6dab2438463d9b27d31c8dae947f2e0d
b7f9ac1ec91ffec3e3529000201e42fe8c3a3ee64de8a1c6f1f7a589ad1814a0
b816212d6330f7320adf7c0c652ee8de8d1a7aa06d247555f80f5491ed0b1d01
b96afd49383f3577a231dbd970e90067d058357c53347cd89d76fcd23886c444
bac771de6a1dce46befc512cc0a0d73018814c19b7e2fccc07faaeb9fd5dafbe
bba625a9dd96edd0e013e82a6f44ccd3f11ebe4ed4248b8c8f666326b370c9c7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bea953970cb405327bc2bcd8e197ad1dbb618c32182c2aeb3ad22dbec155d0e3
c16eb3f435b203865c52cb6323a2403812ad9da781b73862c2e1653e0c061d34
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
ccdf87ca3a425b83b90b7e3897f38323d006d6dad62b3b8afdc9b28a45835be5
cd4cdde1fc65ba661adcdde693fb326368677a51fd36c6d86824cec69657ec3e
cfa8f5b4aea0641af77cda1aaab7e4c9b8db8a0543c88e40c899ae440ee6c139
d070cf4a8dd9de233b6f408be6c8433b258951f6466010214e97f3529ba387a6
d0a284d1e17384555e1e0c4fdf0a793bdd1aa5a24c0a95a77bf8599713dea3ac
d1b70c9cd1a3d6dd444588fe022d21a6de7a102ede8e4b4f6a2401d0efeba8cc
d829d2df5daa4d52955f9c24b78709ffdc0e0f3baaef83897a75adb9a27fbc2e
da9dc3563f6c40da5e62da2b5bd009a1687c2afac35b82745c8bc35cb563c203
dad6108f296670c871d8e0037a1b3dbf7c8a8d0ad7f21205b0a70288526539ee
dbcc8c870439624901c7eff2dc36b56fe65a677763cd65824f3135df3bafa970
dd37b7fbbdcd051bb6c25428855a661026d01a10749deedf617f89fcaf71fac4
dd43c3611544ba7ede3039aad72f4ebf423e249d49e40311bef910e196cd0efa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e30ff813ae5703978b06a4c7bafd9e41494123b8d6fdf746de05d9777a620963
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e645ed07ede63f6548eb4a0106f61c6169aea5f06729605aa124fc073b12cf5a
e6bc7d2487b880830db5f6f7bf7bcda27504278a177e17a34d58013a436d85be
e9390605b9d30588396ffdf940cdb1c67a6499cb0605e1cf423bff43971fa005
eb03d5c88046cd6bf4bf958b581f783cc1f6b1f21f91af45c3e0ce5cf137bd0c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
f32bf90cc2a7fbb13c9cf8c0151b9ad16e63f10934a9909cb7e1fec830cd43b0
f566274a5195958634cf13d7a4b46903c5dc798e0a9833f44850ab6f275512ec
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8c206d37dcc271038a24b1833fa07afdc2f5c36c9b40c00090e5c07e2c7cea8

hs-manacost.ru Open in urlscan Pro 172.67.72.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

134 Requests

29 %HTTPS

80 %IPv6

15 Domains

19 Subdomains

20 IPs

4 Countries

4285 kBTransfer

7423 kBSize

25 Cookies

2 Outgoing links

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hs-manacost.ru Open in urlscan Pro
172.67.72.65 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

29 %
HTTPS

80 %
IPv6

15
Domains

19
Subdomains

20
IPs

4
Countries

4285 kB
Transfer

7423 kB
Size

25
Cookies

134 HTTP transactions
3 data transactions