hetq.am Open in urlscan Pro
2606:4700:10::6816:14b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/LqOQ1iTTa2
Effective URL:
https://hetq.am/en/article/162414
Submission: On December 14 via manual (December 14th 2023, 10:43:34 am UTC) from TR — Scanned from DE

Summary HTTP 69 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 18 domains to perform 69 HTTP transactions. The main IP is 2606:4700:10::6816:14b, located in United States and belongs to CLOUDFLARENET, US. The main domain is hetq.am.
TLS certificate: Issued by E1 on October 31st 2023. Valid for: 3 months.

This is the only time hetq.am was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 19	2606:4700:10:... 2606:4700:10::6816:14b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.45.238.53 23.45.238.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 8	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6 11	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2606:4700:303... 2606:4700:3035::6815:280b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
69	17

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:10::6816:14b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hetq.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.238.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-238-53.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:280b (United States)

ASN13335 (CLOUDFLARENET, US)

ads.caramel.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	hetq.am 1 redirects hetq.am	2 MB
11	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3986	35 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	383 KB
8	yastatic.net 1 redirects yastatic.net — Cisco Umbrella Rank: 7053	204 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	48 KB
6	yandex.ru 2 redirects yandex.ru — Cisco Umbrella Rank: 2221 mc.yandex.ru — Cisco Umbrella Rank: 4182	267 KB
5	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8902	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	yandex.com.am 1 redirects mc.yandex.com.am	865 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	256 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	65 KB
1	caramel.am ads.caramel.am — Cisco Umbrella Rank: 695378	17 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	248 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	78 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3351	362 B
1	t.co t.co — Cisco Umbrella Rank: 589	558 B
0	adstock.pro Failed cdn.adstock.pro Failed
69	18

	Domain	Requested by
19	hetq.am	1 redirects t.co hetq.am
11	static.addtoany.com	hetq.am static.addtoany.com
8	yastatic.net	1 redirects yastatic.net
6	tpc.googlesyndication.com	googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
5	mc.yandex.com	3 redirects hetq.am
4	mc.yandex.ru	2 redirects hetq.am
3	pagead2.googlesyndication.com	hetq.am pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.googleadservices.com	hetq.am
2	mc.yandex.com.am	1 redirects hetq.am
2	connect.facebook.net	hetq.am connect.facebook.net
2	yandex.ru	hetq.am
1	www.google.com	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.caramel.am	hetq.am ads.caramel.am
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	hetq.am
1	s7.addthis.com	hetq.am
1	t.co
0	cdn.adstock.pro Failed	hetq.am
69	20

This site contains links to these domains. Also see Links.

Domain
facebook.com
plus.google.com
twitter.com
www.youtube.com
anticorruption.am
www.addtoany.com
gijn.org
matemat.io

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
hetq.am E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-09` - `2024-12-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-22` - `2023-12-21`	3 months	crt.sh
static.addtoany.com E1	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-10-26` - `2024-04-24`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-12-13` - `2024-06-11`	6 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
caramel.am GTS CA 1P5	`2023-11-28` - `2024-02-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://hetq.am/en/article/162414
Frame ID: EAA27D2BA3237374AE50ECAA422D19CA
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 485AAA076291EFF652EED487DB47B8F0
Requests: 1 HTTP requests in this frame

Frame: https://hetq.am/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: E53AD7CE04C16D53AB74BDBABC082FDA
Requests: 2 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: C292318E071517F6D3181346E07EC4AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8355782026477535&output=html&adk=1812271804&adf=3025194257&lmt=1702550609&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702550609262&bpp=83&bdt=333&idt=285&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7523667647786&frm=20&pv=2&ga_vid=478474553.1702550609&ga_sid=1702550610&ga_hid=1667410880&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C44795922%2C44809531%2C95320869%2C95320885&oid=2&pvsid=3716267873948103&tmod=891220249&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Ft.co%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=297
Frame ID: D3FE9AE7BF4BDB97FDB68E67CEAFAF0C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8355782026477535&output=html&h=280&slotname=5875512901&adk=3774678486&adf=393546741&pi=t.ma~as.5875512901&w=882&fwrn=4&fwrnh=100&lmt=1702550609&rafmt=1&format=882x280&url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&ea=0&hl=ru&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702550609346&bpp=8&bdt=417&idt=219&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7523667647786&frm=20&pv=1&ga_vid=478474553.1702550609&ga_sid=1702550610&ga_hid=1667410880&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=2152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C44795922%2C44809531%2C95320869%2C95320885&oid=2&pvsid=3716267873948103&tmod=891220249&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=223
Frame ID: 5D3E79C37BCDFEEC748EE49767292143
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E3CA6122659C418FF76826C9EA7C25CA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 054CD16518F8D3630D280CB0EE2BE3E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Armenian Anti-Corruption Investigator Deposits $191K in One MonthAsset 3

Page URL History Show full URLs

https://t.co/LqOQ1iTTa2 Page URL
https://hetq.am/en/article/162414 Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AddThis (Widgets) Expand

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

69
Requests

88 %
HTTPS

82 %
IPv6

18
Domains

20
Subdomains

17
IPs

3
Countries

2927 kB
Transfer

6173 kB
Size

34
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/hetqonline

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/117688947241743054319

Search URL Search Domain Scan URL

URL: https://twitter.com/Hetq_Trace

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCbtlA3A-Ka5Ip5vo6NJ0RKA

Search URL Search Domain Scan URL

URL: https://anticorruption.am/hy/news/view/309?fbclid=IwAR0CVCEPG4POJ5rVuEGxuoneb1zye4sTr-iL42oQkpQRbxYPLHydSzNKE_A
Title: statement

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&title=Armenian%20Anti-Corruption%20Investigator%20Deposits%20%24191K%20in%20One%20Month
Title: Share

Search URL Search Domain Scan URL

URL: https://gijn.org/

Search URL Search Domain Scan URL

URL: https://matemat.io/
Title: MATEMAT

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/LqOQ1iTTa2 Page URL
https://hetq.am/en/article/162414 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 37

https://hetq.am/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://hetq.am/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Request Chain 51

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10217.pHkxCm25BFyrOnu6Pxh90o2H9__CMyvBcH--WyZhHop8Oo2DKt7NNaOnrJiS_AjZ.7rs4ZbAn_Wp4GaiTxn-_M2wSxS8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10217.NzWmAql27fHpN_yI-hyFoHGtriWMh1YG0GHcx2JX2ELQOngzccpH2Cw1LOYsQfgJBBbmAYIRbr6_p-hv8gPS-FGeNDJNA77TBHSNqICe-zv1SjrqEVYnHi7OIkk0vfix8pRXWAgiVaua5UY_Rpsly42AJKkJE4is3Vf_m3eA_40LMpD03_BXeS2dr0S2Q2quvCEYmWrYZ3yS4obf41OeT3I47kcMvk3jLURN-nT_Zk0%2C.GjAXcIawVsdNDtUznBW4apJmRI0%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10217.KhqUS3LDNHobVYgEt2hF_lF0rv5U6e6P2oletsDbstC4mPaU6BOLZh-tPEZ9Gtess3DnfoGDLrAQL6E5VqbNmhwbjOtaY11FRVeM0yT11f6EQuJuPVNB2CeuJWwrqzI3lnc4fs3nPeT0V_lV2ykKtZ8ERRsLa4FIBXy1l4Jvo2QWe0eFUzfKcBU5Ku9E68SXYXQ-E4HVJ2oMBt3DX4PJ6g%2C%2C.lGcbxNDtrBzVprwRv8MLt5bqW1w%2C

Request Chain 52

https://mc.yandex.com.am/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com.am&token=10217.vuTMrhlg8r17yjhVKSffuM7hqbbHP6a7oJBCP1ksEuvsdqCNrhzXIjaAs4ZuJOTP.Y8u_pF0dKbBNB3hEyn851hdKed4%2C HTTP 302
https://mc.yandex.com.am/sync_cookie_image_decide?token=10217.0S8-Q55RYSgX7pHIoV1AHkECxA92RKlwLLvxkP0sdUBLMd9JzZJsKfl4rLtXsi2lWMyCoH-h70gVscSWTxj8vTpvir_ayLrNBgf9Se7wNx9aCvGXmylSMRw0YWg2iXC5fplYqKkqTALgyFcnCyo44byijwkGpJh0H5SmJMkQZ2Q6XGmdrW76eXqXoMzIBSRPkVDkQu2fAhp1I-xncxbJ57Q9vnl14dPrpOBonHLZHqg%2C.S_EmSnT8H_6YzzH4tYG85zfrebw%2C

Request Chain 55

https://mc.yandex.com/watch/53096017?wmode=7&page-url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&page-ref=https%3A%2F%2Ft.co%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A640%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A315517997505%3Ahid%3A2548552%3Az%3A60%3Ai%3A20231214114329%3Aet%3A1702550610%3Ac%3A1%3Arn%3A768727856%3Arqn%3A1%3Au%3A170255061013394729%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C21%2C64%2C5%2C0%2C0%2C%2C490%2C4%2C%2C%2C%2C625%3Aco%3A0%3Acpf%3A1%3Ans%3A1702550608797%3Agi%3AR0ExLjEuNDc4NDc0NTUzLjE3MDI1NTA2MDk%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702550610%3At%3AArmenian%20Anti-Corruption%20Investigator%20Deposits%20%24191K%20in%20One%20Month&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/53096017/1?wmode=7&page-url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&page-ref=https%3A%2F%2Ft.co%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A640%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A315517997505%3Ahid%3A2548552%3Az%3A60%3Ai%3A20231214114329%3Aet%3A1702550610%3Ac%3A1%3Arn%3A768727856%3Arqn%3A1%3Au%3A170255061013394729%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C21%2C64%2C5%2C0%2C0%2C%2C490%2C4%2C%2C%2C%2C625%3Aco%3A0%3Acpf%3A1%3Ans%3A1702550608797%3Agi%3AR0ExLjEuNDc4NDc0NTUzLjE3MDI1NTA2MDk%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702550610%3At%3AArmenian%20Anti-Corruption%20Investigator%20Deposits%20%24191K%20in%20One%20Month&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://googleads.g.doubleclick.net/pagead/adview?ai=CJVyuUdx6ZdzvJr2FxtYPtISK-Af-jbWTdK-JjJCfEuqMsLToDhABINm8nSFglfKGgpgHoAHZ3YnGA8gBAqkCDqjL0mBHsj6oAwHIA8kEqgT_AU_Q7d_dIBO8lrFETSwcPZ7bHade2fyzymzZg3NNW5rtIAoofheqoZJNxgzD_xFE_jlTotOPsW0GGicgkV98Non1NQ1Y2GcuuE6ZqVQ4gq9N2KaO7hZTmPicS94VQw8dU3pD0JijrEbSaY_oG6h5kUYi9-txkMwWgU_4tKkdBSEryUPJr8iJnzZhtnFlXwQQyAncVMUgOfSMt9ZyRn3OIslyDvvR-iD16Bh7x9kiPZ3U093ulxBNGCkHERH9RiFydENsvBPh13WkNvF-lJ_1cgobCKneDFXBxJ5BNCY4owUej0PM2EvBROTsYoooYSCaaKDlHqxjx8ly9FNFLyEXxcAEi5n7nsEEiAXSlofWL5IFBAgEGAGSBQQIBRgEoAYCgAePovY5qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQgowW0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlizqa-i346DA5oJQ2h0dHBzOi8vd3d3LmhhdXNmcmFnZS5kZS9hcnRpa2VsL2RldXRzY2hlcy1zdGFydHVwLWhpbGZ0LWJlaS1zb2xhci-ACgHICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC2BMM0BUBgBcBshccChoIABIUcHViLTgzNTU3ODIwMjY0Nzc1MzUYAA&sigh=B0iYuYmuqFE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_7vRtmuuhS-ng7dAZwTEupgc83tNbS6oSEjyActHFmbGSph7ub1bGJ2NsFH17zlWznEpbX1GQHL02iCUFvijMXPuBA_ppRz4-5BgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214400830902702755399%22,%22debug_reporting%22:true,%22destination%22:%22https://hausfrage.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22952266457%22],%2222%22:[%22true%22],%224%22:[%2212-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224328245180119496401%22}&andc=true

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 LqOQ1iTTa2
t.co/ 256 B
558 B 140ms
120ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/LqOQ1iTTa2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 185
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 10:43:28 GMT
expires: Thu, 14 Dec 2023 10:48:28 GMT
perf: 7469935968
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 052857593292034cbd8c320d37c29bd73bbfbaffecd25df309affab84ebf444d
x-response-time: 111
x-transaction-id: 6acb7739f98da7f4
x-xss-protection: 0

GET
H2 200 Primary Request 162414 Show response
hetq.am/en/article/ 31 KB
10 KB 129ms
63ms Document
text/html 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hetq.am/en/article/162414

Requested by

Host: t.co
URL: https://t.co/LqOQ1iTTa2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7cca6ec2936b74071e544ec2b99a9bac1c32dc50ddbb48f316ee2e0cccb99db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8355d8996b23bbaa-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 10:43:28 GMT
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 app.css
hetq.am/assets/css/ 477 KB
55 KB 36ms
35ms Stylesheet
text/css 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hetq.am/assets/css/app.css

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3804955c340ffd2181a374b7229af31153bb6dd87d6e8dadfd787914e99aaabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1399429
cf-polished: origSize=490235
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Thu, 27 Jul 2023 17:27:19 GMT
server: cloudflare
etag: W/"64c2a8f7-77afb"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
cf-ray: 8355d899ebc8bbaa-FRA
expires: Thu, 28 Dec 2023 05:59:39 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
362 B 94ms
37ms Script
text/javascript 23.45.238.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.238.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-238-53.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 10:43:29 GMT
server: Oracle API Gateway
opc-request-id: /3F975CF9BAB8EEBBB86250C94CC1FEA3/038387BDFD938CFD94118437DABACD97
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
78 KB 47ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VY3TDNJN88

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1665212b9533a3dc312a09f291f73c8043469d7f0144098f2573970e6fe9f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78995
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 10:43:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 101ms
79ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eeccaea17c413fc8ae932317e1f69c14fda353ac94d79753909e670da35dd790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51251
x-xss-protection: 0
server: cafe
etag: 13981321107096445054
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 10:43:29 GMT

GET
H2

200

context.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

345 KB
97 KB

181ms
64ms

Script
text/javascript

2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ea96eab93d8a5e3c77c18c9421e3c4be3aa765623db240a1bdf48afee8f0786e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1702550609137890-17417753938448251076-balancer-l7leveler-kubr-yp-vla-155-BAL-318
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 14 Dec 2023 11:43:29 GMT

Redirect headers

date: Thu, 14 Dec 2023 10:43:28 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location: https://yandex.ru/ads/system/context.js
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e4fc4a5bb7d77fd61df89836934eecf45d129415d16ee0e2691e1b67c130d049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 10:43:29 GMT
content-md5: IOzpvUjd4dfiwaRlv5FEuQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: leJbL8/jxxO570OMjk2UD15dpHbLtEI8xHYa9N6zxmTAvBW/AR1Xkdgo46aSTXzvynXwSTROdacLFtoEtiUEbw==
x-fb-content-md5: 7cbac6c762ba4db608edbbedab9846dd
cross-origin-opener-policy: same-origin-allow-popups
etag: "4b853c575a09352da48c821e6781f418"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 14 Dec 2023 10:59:46 GMT

GET
H2 200 videos.png
hetq.am/assets/css/img/ 20 KB
21 KB 24ms
24ms Image
image/png 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hetq.am/assets/css/img/videos.png

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6c66c7b898c016e856332780f9956bcce741f1df485b239de5cfb8b70a84dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1303365
alt-svc: h3=":443"; ma=86400
content-length: 20875
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
last-modified: Fri, 21 Jan 2022 20:36:24 GMT
server: cloudflare
etag: "61eb1948-518b"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8355d899ebcbbbaa-FRA
expires: Fri, 29 Dec 2023 08:40:43 GMT

GET
H2 200 photos.png
hetq.am/assets/css/img/ 4 KB
5 KB 25ms
25ms Image
image/png 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hetq.am/assets/css/img/photos.png

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d60e271208db95dacca71d0a2874ce5091fe681e6c7f70c2074d14320181a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 448499
alt-svc: h3=":443"; ma=86400
content-length: 4520
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
last-modified: Fri, 21 Jan 2022 20:36:24 GMT
server: cloudflare
etag: "61eb1948-11a8"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8355d899ebcebbaa-FRA
expires: Mon, 08 Jan 2024 06:08:29 GMT

GET
H3 200 fb.jpg
hetq.am/assets/css/img/ 10 KB
10 KB 21ms
21ms Image
image/jpeg 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hetq.am/assets/css/img/fb.jpg

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6192a37426b02eda2e7a17ab85db12677b43d3680c36d4f4d6ecc29178e470b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1153656
alt-svc: h3=":443"; ma=86400
content-length: 10182
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: h2pri
last-modified: Fri, 21 Jan 2022 20:36:24 GMT
server: cloudflare
etag: "61eb1948-27c6"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8355d89a1e399070-FRA
expires: Sun, 31 Dec 2023 02:15:52 GMT

GET
H3 200 g-plus.jpg
hetq.am/assets/css/img/ 11 KB
11 KB 22ms
22ms Image
image/jpeg 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hetq.am/assets/css/img/g-plus.jpg

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bc476b9e8f268081aba42220ce4aed93cf0304a323e8cd410e32f677b9eb3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 107293
alt-svc: h3=":443"; ma=86400
content-length: 11053
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: h2pri
last-modified: Fri, 21 Jan 2022 20:36:24 GMT
server: cloudflare
etag: "61eb1948-2b2d"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8355d89a1e3d9070-FRA
expires: Fri, 12 Jan 2024 04:55:15 GMT

GET
H3 200 twitter.jpg
hetq.am/assets/css/img/ 10 KB
11 KB 21ms
21ms Image
image/jpeg 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hetq.am/assets/css/img/twitter.jpg

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3d964e29494fb0e009553f56df88a0efb17dff3d145b57fbfc68292ba8f357f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1376963
alt-svc: h3=":443"; ma=86400
content-length: 10528
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: h2pri
last-modified: Fri, 21 Jan 2022 20:36:24 GMT
server: cloudflare
etag: "61eb1948-2920"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8355d89a3e599070-FRA
expires: Thu, 28 Dec 2023 12:14:06 GMT

GET
H3 200 youtube.jpg
hetq.am/assets/css/img/ 11 KB
11 KB 24ms
24ms Image
image/jpeg 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hetq.am/assets/css/img/youtube.jpg

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1f41449619ce13aad1d9d3e72b0e4b1be814f73400bad2ee51336e3bc1b5b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1220852
alt-svc: h3=":443"; ma=86400
content-length: 11498
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: h2pri
last-modified: Fri, 21 Jan 2022 20:36:24 GMT
server: cloudflare
etag: "61eb1948-2cea"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8355d89c08269070-FRA
expires: Sat, 30 Dec 2023 07:35:57 GMT

GET
H3 200 rss.jpg
hetq.am/assets/css/img/ 11 KB
11 KB 21ms
20ms Image
image/jpeg 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hetq.am/assets/css/img/rss.jpg

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e66eff69540a80532fd6b8fc7f7cb36394b751f52a762792050d9c66452b2ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1040363
alt-svc: h3=":443"; ma=86400
content-length: 11288
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: h2pri
last-modified: Fri, 21 Jan 2022 20:36:24 GMT
server: cloudflare
etag: "61eb1948-2c18"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8355d89c38689070-FRA
expires: Mon, 01 Jan 2024 09:44:06 GMT

GET
H3 200 l-LtGbXWbul8.jpg
hetq.am/static/articles/16/24/14/ 131 KB
131 KB 21ms
21ms Image
image/jpeg 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hetq.am/static/articles/16/24/14/l-LtGbXWbul8.jpg

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1d7f526b0fd4f6b725731bfe159939dd98d39d0cd9ac1635bd26386f857a9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 92877
alt-svc: h3=":443"; ma=86400
content-length: 134115
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: h2pri
last-modified: Wed, 29 Nov 2023 06:59:46 GMT
server: cloudflare
etag: "6566e162-20be3"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8355d89c58839070-FRA
expires: Fri, 12 Jan 2024 08:55:32 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 49ms
25ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

042a9121e1c7bcdc3bfc48ed5e23b8dd1f64f375ef5872a5984e5d5096444702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24892
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"03396a6543cd35a0e73d2b4de150841b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41%2Fz1ukDubkBRoNFxnFPLISYFuPGRuwWepPm6jMfkKZiT%2F44P%2FiSx32GLWnPNgR3CNwqj6eFu9fK2fhstTCEFrHcnTr9vQ5xnMNK4TRNe1kYLr481TOoBcz%2FZamw9EIleXGlxLhc1Qght0RpK6l768A%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 8355d89c9d371bc3-FRA

GET
H3 200 footer-logo.png
hetq.am/assets/css/img/ 21 KB
21 KB 21ms
19ms Image
image/png 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hetq.am/assets/css/img/footer-logo.png

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ac50e521efe532906c6981244ad7ac642dc9cbcd60aafb0ad85e3088f9718af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 107294
alt-svc: h3=":443"; ma=86400
content-length: 21221
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
last-modified: Fri, 21 Jan 2022 20:36:24 GMT
server: cloudflare
etag: "61eb1948-52e5"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8355d89c68a89070-FRA
expires: Fri, 12 Jan 2024 04:55:15 GMT

GET
H3 200 gun_v2.png
hetq.am/assets/css/img/ 39 KB
39 KB 23ms
21ms Image
image/png 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hetq.am/assets/css/img/gun_v2.png

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9a2d9ae7c4dad3a1f08a70a1b4d01ba3251360fbf1201f748a0ad1d4ea18f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1224786
alt-svc: h3=":443"; ma=86400
content-length: 39903
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
last-modified: Mon, 09 Oct 2023 11:43:07 GMT
server: cloudflare
etag: "6523e74b-9bdf"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8355d89c68aa9070-FRA
expires: Sat, 30 Dec 2023 06:30:23 GMT

GET
H3 200 email-decode.min.js Show response
hetq.am/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
836 B 12ms
12ms Script
application/javascript 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hetq.am/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 15:04:24 GMT
server: cloudflare
etag: W/"6569f5f8-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8355d89a4e729070-FRA
expires: Sat, 16 Dec 2023 10:43:29 GMT

GET
H3 200 app.js Show response
hetq.am/assets/js/ 528 KB
150 KB 26ms
26ms Script
application/javascript 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hetq.am/assets/js/app.js

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59826927a183a659875bd5b23b382345631f52579141272658ef6ddb37ada824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hetq.am/en/article/162414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1314637
cf-polished: origSize=540771
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
cf-bgj: minify
last-modified: Thu, 27 Jul 2023 17:27:19 GMT
server: cloudflare
etag: W/"64c2a8f7-84063"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8355d89a5e8a9070-FRA
expires: Fri, 29 Dec 2023 05:32:52 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 344 KB
97 KB 173ms
71ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b4fe77dc30e74e3a2ffcb305c36079f7558bc8722a0d23dc21d3178c3abf7377

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1702550609470569-9636635910982921783-balancer-l7leveler-kubr-yp-vla-69-BAL-1516
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 14 Dec 2023 11:43:29 GMT

GET adstock.js
cdn.adstock.pro/as/js/0.2.3/ 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VY3TDNJN88&gtm=45je3bt0v9110216703&_p=1702550609039&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=478474553.1702550609&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702550609&sct=1&seg=0&dl=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&dr=https%3A%2F%2Ft.co%2F&dt=Armenian%20Anti-Corruption%20Investigator%20Deposits%20%24191K%20in%20One%20Month&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=353
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VY3TDNJN88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 10:43:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hetq.am
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8355782026477535&plah=hetq.am

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d86a7be160e21622b5f75dc00bfcc225b70396af2d2c3865b4be614ee7fb9640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137960
x-xss-protection: 0
server: cafe
etag: 4437734681226534946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 10:43:29 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 485A 9 KB
4 KB 30ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 23:18:53 GMT
etag: 5585625838579639069
expires: Wed, 27 Dec 2023 23:18:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc63f7872af19dfd876e.js Show response
yastatic.net/partner-code-bundles/928345/ 14 KB
5 KB 21ms
19ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/928345/dc63f7872af19dfd876e.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

048e34620c1aad3d7d6350c9aa9c14a7b8c0a52d83d0ec3450609447be2c369b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4769
last-modified: Wed, 13 Dec 2023 18:56:22 GMT
server: nginx/1.17.9
etag: "cb2762407c86c560d3ebe9b8e3d5dc1f"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 13 Dec 2053 17:14:29 GMT

GET
H2 200 66da110aca1b0a612136.js Show response
yastatic.net/partner-code-bundles/928345/ 24 KB
8 KB 24ms
22ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/928345/66da110aca1b0a612136.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

157bf46ba5ef3a83aadc26003d5d90cdd06c99c3977941f0440e2a5b8189ff43

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7951
last-modified: Wed, 13 Dec 2023 18:56:21 GMT
server: nginx/1.17.9
etag: "71246d9f96a86846dbb34a1c2bd16f6b"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 13 Dec 2053 17:14:29 GMT

GET
H2 200 cd012f5053c10433fd71.js Show response
yastatic.net/partner-code-bundles/928345/ 118 KB
25 KB 30ms
29ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/928345/cd012f5053c10433fd71.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f4189e914fc55e6999cb4592c68d5a87beb5616118121c29ee9c1bc579ffdade

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24646
last-modified: Wed, 13 Dec 2023 18:56:22 GMT
server: nginx/1.17.9
etag: "c83efd6463725aa804079a1e9ede6caa"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 13 Dec 2053 17:14:29 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 33ms
32ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 13 Dec 2053 17:16:30 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 18ms
17ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 2d555ee393c39a32
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 16:29:42 GMT

GET
H2 200 336735403f1a6c5eb04c.js Show response
yastatic.net/partner-code-bundles/928345/ 59 KB
15 KB 39ms
38ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/928345/336735403f1a6c5eb04c.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

550a637ed1e55a1700733b6fc9a7c7ccb528bf0252ff23b216dd42c8b6b9c68c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 14838
last-modified: Wed, 13 Dec 2023 18:56:21 GMT
server: nginx/1.17.9
etag: "b3b853dadeb7d2b34434616cbc560c4b"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 13 Dec 2053 17:14:29 GMT

GET
H2 200 bf51a18a2fabdc15cb02.js Show response
yastatic.net/partner-code-bundles/928345/ 599 KB
115 KB 40ms
39ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/928345/bf51a18a2fabdc15cb02.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5369f2034d33e50d4b9debfef58713579595f1ba7e622fee9123651ca3e2f8dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 117466
last-modified: Wed, 13 Dec 2023 18:56:22 GMT
server: nginx/1.17.9
etag: "837e8c9217c70dae6c3fa3d35b56fab5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 13 Dec 2053 17:14:29 GMT

GET
H3 200 weblysleekuisl.ttf
hetq.am/assets/fonts/webly/ 608 KB
609 KB 23ms
23ms Font
application/octet-stream 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hetq.am/assets/fonts/webly/weblysleekuisl.ttf

Requested by

Host: hetq.am
URL: https://hetq.am/assets/css/app.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c016c6eaf0cb0bf7f970e346a496c8e3164b9102e0beeb1482f55cffc5a1d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hetq.am/assets/css/app.css
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1224730
alt-svc: h3=":443"; ma=86400
content-length: 622892
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
last-modified: Fri, 21 Jan 2022 20:36:24 GMT
server: cloudflare
etag: "61eb1948-9812c"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8355d89c78b09070-FRA
expires: Sat, 30 Dec 2023 06:31:19 GMT

GET
H3 200 weblysleekuisb.ttf
hetq.am/assets/fonts/webly/ 640 KB
641 KB 42ms
42ms Font
application/octet-stream 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hetq.am/assets/fonts/webly/weblysleekuisb.ttf

Requested by

Host: hetq.am
URL: https://hetq.am/assets/css/app.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e2980403e9fbaf9e8affe72e304d3619b5b3a31c9f0b3a5cf09641882486ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hetq.am/assets/css/app.css
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66595
alt-svc: h3=":443"; ma=86400
content-length: 655596
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: same-origin
last-modified: Fri, 21 Jan 2022 20:36:24 GMT
server: cloudflare
etag: "61eb1948-a00ec"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8355d89c78b19070-FRA
expires: Fri, 12 Jan 2024 16:13:34 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=21fd359827d397253ac32efbfc733625

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f45958c62e0710a4fd7741aec8f76a799399dd3ad3f2103d4f3acfe15f2eba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 10:43:29 GMT
content-md5: Ioqwd6UpO/vdDVK7ZFe9Eg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88319
reporting-endpoints
x-fb-debug: TY9oUNYvstFpXMeDeCdBriV3/oXASbeRv4tkh6oIVuNbaxzrpFynbqncV6Xo2YaxWKClzF+5xCqtxnmeMU4aeA==
x-fb-content-md5: 2e4b7b72297cbd950695abab21cf6951
cross-origin-opener-policy: same-origin-allow-popups
etag: "0216b94dbabf24de36dfea6d7a4cf46a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 13 Dec 2024 10:20:05 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 210ms
59ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9b2c36195d8149926940ce2d9ed3b6c4e4390464224b8f4733cf096cc4494e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 08:38:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65781bea-1158c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71052
expires: Thu, 14 Dec 2023 11:43:29 GMT

GET
H2 200 ads.min.js Show response
ads.caramel.am/ 79 KB
17 KB 400ms
362ms Script
application/x-javascript 2606:4700:3035::6815:280b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.caramel.am/ads.min.js?ts=1702550609403
Requested by: Host: hetq.am
URL: https://hetq.am/en/article/162414
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:280b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7008d741d64db91afc8e888fbcfe307e933f830415080472bb32a4fd1481c73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 13 Oct 2023 11:26:29 GMT
server: cloudflare
etag: W/"13b2e-65292965-144072c;gz"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFlbYndYkNbes6%2Bi47MpaTnLWBvZwFKo6%2FKiHH2Gmai2dPDFuVQxjR6FKrEXTaf%2Bq8BtSwNeSR%2Fuyij14LKvvUf1By9htpajdnlWw8a79%2BpslEMFUqE%2F9pPNzQxPFwd8cQNa2kJLc5fj8i4Hzg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=15552000
cf-ray: 8355d89d09741a47-FRA
expires: Thu, 21 Dec 2023 10:43:29 GMT

GET
H3

200

main.js Show response
hetq.am/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame E53A
Redirect Chain

https://hetq.am/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://hetq.am/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 KB
4 KB

15ms
14ms

Script
application/javascript

2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hetq.am/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41410e4244c0cf242141838581bcc36d63818ce231db5dc46c50451c17ac8d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=86400, enforce
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8355d89d097e9070-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=86400, enforce
vary: accept-encoding
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
cache-control: max-age=300, public
cf-ray: 8355d89ce9579070-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame C292 677 B
713 B 20ms
19ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 6668
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8355d89cfda11bc3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 10:43:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQpmVePE%2F1OO8G9kr%2B8d1AZRvXsHAClqnRLbDHpdmXr0bMxbVwzO2hYv5ZZTtFEYYv58C6tPnu0IPcgWNfz5CFNKKpSHl3DNI0WwdKbBAKBNoA%2FUewjy4DEibz2kINmobrJ%2F0v9y"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.11bfb520.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 48ms
31ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.11bfb520.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77fd2e01fe7322b437084ad512b3c3df777ce7d092b975eb8b29ecb4fb612187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14073
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a34c5f06f67d42236ec124345ba1b81c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYkCxcOfV6W9UoQna8QlwjGRydCw2LAYdz0nyxyfUBfAGo1eoV3VUfkYV38djA07gVnE2BhLWsMr%2FtnxWd8xDSMB9bm3R7vLtQ4%2FUCZkdstQmrVAZY823x3PBE6Rai%2FHdHKHgN9BmWEWcZNH6RR8rBvT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 8355d89d0e0f2c57-FRA

POST
H3 200 8355d8996b23bbaa Show response
hetq.am/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E53A 0
340 B 34ms
33ms XHR
text/plain 2606:4700:10::6816:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hetq.am/cdn-cgi/challenge-platform/h/b/jsd/r/8355d8996b23bbaa

Requested by

Host: hetq.am
URL: https://hetq.am/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
cf-ray: 8355d89daa279070-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3FE 0
188 B 203ms
202ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8355782026477535&output=html&adk=1812271804&adf=3025194257&lmt=1702550609&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702550609262&bpp=83&bdt=333&idt=285&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7523667647786&frm=20&pv=2&ga_vid=478474553.1702550609&ga_sid=1702550610&ga_hid=1667410880&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C44795922%2C44809531%2C95320869%2C95320885&oid=2&pvsid=3716267873948103&tmod=891220249&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Ft.co%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=297

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8355782026477535&plah=hetq.am

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 10:43:29 GMT
expires: Thu, 14 Dec 2023 10:43:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 430 B
818 B 20ms
20ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14073
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3c6ccaafe275b5b477d0400b5847bbce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tr%2FkSy%2FkXzOSuDVlfv7LTcV8mcFuhlavwwcsJLPRmAAv7QTKwEg46wttRjK5bwdqUr64mNpbmaNm8356Ad8K9cQXMSNldM6pN%2FW%2FJquWIb7vPvAcp6XFYyYDXnaBmPBXcNNuxl23"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8355d89dcef12c57-FRA

GET
H3 200 facebook_messenger.js Show response
static.addtoany.com/menu/svg/icons/ 378 B
793 B 22ms
22ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook_messenger.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14073
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a7acd011eeba6d8c34c891c7c795d4e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvF1RX40r7qIqOskXq3GKtAAXUStK2h%2BVPMo2BhZkeb764DeJqms%2BStxHUHEod9o1PuqHpRoF8jh41kf%2FzES74rCNelBT0cKyoaBDRpWsKBUjauoFvs7R%2BUBRLogpobxVoi11lDC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8355d89dcef62c57-FRA

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
928 B 25ms
24ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14073
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"31edccd311957616d32bbcad27fcf679"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEVXiebQiip7eRzxd29JfmqzLFOkOpXJownE4rXEkksuE29tABCEHrJDyebbAzFR0mFEvCvvtySiumm83zpzV2Dwkx%2BSFiSXRj%2BdL%2B9dG2d%2Bue9CxbfPrVpMYDI8wRUBK77zfUvZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8355d89dcef72c57-FRA

GET
H3 200 telegram.js Show response
static.addtoany.com/menu/svg/icons/ 360 B
780 B 35ms
35ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/telegram.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14073
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fb47b4f6548b6499923a1beed7472419"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3mYsu19kwVHjYX6bBGc%2FzpnOU8YQkonxUwvMCYoxrYDeF3ka6hN6IqrFEvSP0hJStlK2axWELFEq0elMpteBSJ9svsHvF7uNSDk4YFAtNiRTcLvaD2rPTRazHwRqnzMA34EU%2FE%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8355d89dcef92c57-FRA

GET
H3 200 whatsapp.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
1 KB 29ms
29ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/whatsapp.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

390bb80c8ec894a3669df1522e5f88b9f1c2a7dc7b2a6aa39ea8a6401b1aea80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14073
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6a035bb94747645017c1cfe9f5801857"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5oU8KThrk9yefK%2FrLMojQIcSEG23Yp0Uj5%2B4kX3XpRi3bgy%2BPqqnv6Cu7dbIo0xfrRI9gDgxvICa8IDnKSnUD7pVQJ9t0ul5qPFzgZ9neucRdBoXNLxRFLthL0S1DEeIq6LSrz9pcwchpoMU%2BBe2mDo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8355d89dcefa2c57-FRA

GET
H3 200 viber.js Show response
static.addtoany.com/menu/svg/icons/ 1009 B
1 KB 24ms
23ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/viber.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

891a6bbce5bed3f462145dc56e5896a2a9c451d7e77dc189371143220c73b9ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26847
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"9854e2e56b10e3422d1b2fc243a9c7d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0csqogqxxxs9vfcAmyKLOSyLsVfqC0%2BxhmqhAG9mZ2%2BdiHxeyX9aXwqMctxy0A%2FlavNeOgE9rbXbyBWmV56qRqfjybJ%2FROVlVIyQZn3OglYATC82zv4U03jzjdeaAL%2BlUu1%2Bboz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8355d89dcefb2c57-FRA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 427 B
831 B 23ms
22ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14073
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"48a669f03d3a3ea93ea22be8f12d6cc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLfuA2tyVVLYHfC6BiHnAFFkj7iA6xgRIdKAzZQJw0E9frN7r7Wz5Ii9hpLKPpT3DbkngFUcfAsi6IgHYwlkc9%2Bj0Z%2BorKYsJL8MevwKncYAyUjNv6sZ9tvrsGsY8DoAHxa%2Bg%2FxNFxExVgqBNjAWRd%2Fy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8355d89dcefc2c57-FRA

GET
H3 200 a2a.js Show response
static.addtoany.com/menu/svg/icons/ 182 B
666 B 49ms
48ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://hetq.am
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"0aca4ea1e5f8f250126a8e0c597dd969"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgHpROhizUQeFJQCdvEpx2fKUiepaidqVdl7YQMZEKp2Rp5xuOwKhoiAogWXwuZPvzL5oPWebxVGvzpJNStKedDpMCoQ11QmN7OVS1kmGa6XPoPDg%2FFAgUjLz2TT2bf6anKMcbdg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8355d89dceff2c57-FRA

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D3E 138 KB
43 KB 571ms
571ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8355782026477535&output=html&h=280&slotname=5875512901&adk=3774678486&adf=393546741&pi=t.ma~as.5875512901&w=882&fwrn=4&fwrnh=100&lmt=1702550609&rafmt=1&format=882x280&url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&ea=0&hl=ru&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702550609346&bpp=8&bdt=417&idt=219&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7523667647786&frm=20&pv=1&ga_vid=478474553.1702550609&ga_sid=1702550610&ga_hid=1667410880&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=2152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C44795922%2C44809531%2C95320869%2C95320885&oid=2&pvsid=3716267873948103&tmod=891220249&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=223

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

828d2d66bedcc0c1ef5b1e83d74269903c47bda4052b6f805901a9481f43209b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44182
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 10:43:30 GMT
expires: Thu, 14 Dec 2023 10:43:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10217.pHkxCm25BFyrOnu6Pxh90o2H9__CMyvBcH--WyZhHop8Oo2DKt7NNaOnrJiS_AjZ.7rs4ZbAn_Wp4GaiTxn-_M2wSxS8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10217.NzWmAql27fHpN_yI-hyFoHGtriWMh1YG0GHcx2JX2ELQOngzccpH2Cw1LOYsQfgJBBbmAYIRbr6_p-hv8gPS-FGeNDJNA77TBHSNqICe-zv1SjrqEVYnHi7OIkk0vfix8pRXWAgiVa...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10217.KhqUS3LDNHobVYgEt2hF_lF0rv5U6e6P2oletsDbstC4mPaU6BOLZh-tPEZ9Gtess3DnfoGDLrAQL6E5VqbNmhwbjOtaY11FRVeM0yT11f6EQ...

43 B
581 B

52ms
52ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10217.KhqUS3LDNHobVYgEt2hF_lF0rv5U6e6P2oletsDbstC4mPaU6BOLZh-tPEZ9Gtess3DnfoGDLrAQL6E5VqbNmhwbjOtaY11FRVeM0yT11f6EQuJuPVNB2CeuJWwrqzI3lnc4fs3nPeT0V_lV2ykKtZ8ERRsLa4FIBXy1l4Jvo2QWe0eFUzfKcBU5Ku9E68SXYXQ-E4HVJ2oMBt3DX4PJ6g%2C%2C.lGcbxNDtrBzVprwRv8MLt5bqW1w%2C

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10217.KhqUS3LDNHobVYgEt2hF_lF0rv5U6e6P2oletsDbstC4mPaU6BOLZh-tPEZ9Gtess3DnfoGDLrAQL6E5VqbNmhwbjOtaY11FRVeM0yT11f6EQuJuPVNB2CeuJWwrqzI3lnc4fs3nPeT0V_lV2ykKtZ8ERRsLa4FIBXy1l4Jvo2QWe0eFUzfKcBU5Ku9E68SXYXQ-E4HVJ2oMBt3DX4PJ6g%2C%2C.lGcbxNDtrBzVprwRv8MLt5bqW1w%2C
date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

sync_cookie_image_decide
mc.yandex.com.am/
Redirect Chain

https://mc.yandex.com.am/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com.am&token=10217.vuTMrhlg8r17yjhVKSffuM7hqbbHP6a7oJBCP1ksEuvsdqCNrhzXIjaAs4ZuJOTP.Y8u_pF0dKbBNB3hEyn851hdKed4%2C
https://mc.yandex.com.am/sync_cookie_image_decide?token=10217.0S8-Q55RYSgX7pHIoV1AHkECxA92RKlwLLvxkP0sdUBLMd9JzZJsKfl4rLtXsi2lWMyCoH-h70gVscSWTxj8vTpvir_ayLrNBgf9Se7wNx9aCvGXmylSMRw0YWg2iXC5fplYqKk...

43 B
509 B

56ms
56ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com.am/sync_cookie_image_decide?token=10217.0S8-Q55RYSgX7pHIoV1AHkECxA92RKlwLLvxkP0sdUBLMd9JzZJsKfl4rLtXsi2lWMyCoH-h70gVscSWTxj8vTpvir_ayLrNBgf9Se7wNx9aCvGXmylSMRw0YWg2iXC5fplYqKkqTALgyFcnCyo44byijwkGpJh0H5SmJMkQZ2Q6XGmdrW76eXqXoMzIBSRPkVDkQu2fAhp1I-xncxbJ57Q9vnl14dPrpOBonHLZHqg%2C.S_EmSnT8H_6YzzH4tYG85zfrebw%2C

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:30 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com.am/sync_cookie_image_decide?token=10217.0S8-Q55RYSgX7pHIoV1AHkECxA92RKlwLLvxkP0sdUBLMd9JzZJsKfl4rLtXsi2lWMyCoH-h70gVscSWTxj8vTpvir_ayLrNBgf9Se7wNx9aCvGXmylSMRw0YWg2iXC5fplYqKkqTALgyFcnCyo44byijwkGpJh0H5SmJMkQZ2Q6XGmdrW76eXqXoMzIBSRPkVDkQu2fAhp1I-xncxbJ57Q9vnl14dPrpOBonHLZHqg%2C.S_EmSnT8H_6YzzH4tYG85zfrebw%2C
date: Thu, 14 Dec 2023 10:43:30 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
474 B 100ms
95ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 08:38:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65781bea-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 14 Dec 2023 11:43:29 GMT

GET hetq.am.js
ads.caramel.am/json/ 0
0

GET
H2

200

1 Show response
mc.yandex.com/watch/53096017/
Redirect Chain

https://mc.yandex.com/watch/53096017?wmode=7&page-url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&page-ref=https%3A%2F%2Ft.co%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8p...
https://mc.yandex.com/watch/53096017/1?wmode=7&page-url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&page-ref=https%3A%2F%2Ft.co%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f...

420 B
511 B

54ms
54ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/53096017/1?wmode=7&page-url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&page-ref=https%3A%2F%2Ft.co%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A640%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A315517997505%3Ahid%3A2548552%3Az%3A60%3Ai%3A20231214114329%3Aet%3A1702550610%3Ac%3A1%3Arn%3A768727856%3Arqn%3A1%3Au%3A170255061013394729%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C21%2C64%2C5%2C0%2C0%2C%2C490%2C4%2C%2C%2C%2C625%3Aco%3A0%3Acpf%3A1%3Ans%3A1702550608797%3Agi%3AR0ExLjEuNDc4NDc0NTUzLjE3MDI1NTA2MDk%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702550610%3At%3AArmenian%20Anti-Corruption%20Investigator%20Deposits%20%24191K%20in%20One%20Month&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

78783e1a6689e63cf1de7ce93f402ba639ebb572fef9a0471f2595c1bbf34fcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 10:43:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 14-Dec-2023 10:43:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hetq.am
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Thu, 14-Dec-2023 10:43:30 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 10:43:30 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 14-Dec-2023 10:43:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/53096017/1?wmode=7&page-url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&page-ref=https%3A%2F%2Ft.co%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3bfl5e3f8ptrmgtp6nxhmpy3%3Afp%3A640%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A315517997505%3Ahid%3A2548552%3Az%3A60%3Ai%3A20231214114329%3Aet%3A1702550610%3Ac%3A1%3Arn%3A768727856%3Arqn%3A1%3Au%3A170255061013394729%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C21%2C64%2C5%2C0%2C0%2C%2C490%2C4%2C%2C%2C%2C625%3Aco%3A0%3Acpf%3A1%3Ans%3A1702550608797%3Agi%3AR0ExLjEuNDc4NDc0NTUzLjE3MDI1NTA2MDk%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702550610%3At%3AArmenian%20Anti-Corruption%20Investigator%20Deposits%20%24191K%20in%20One%20Month&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://hetq.am
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 14-Dec-2023 10:43:30 GMT

GET
H2 200 27428375113825916
tpc.googlesyndication.com/daca_images/simgad/ Frame 5D3E 144 KB
144 KB 38ms
17ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/27428375113825916

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8355782026477535&output=html&h=280&slotname=5875512901&adk=3774678486&adf=393546741&pi=t.ma~as.5875512901&w=882&fwrn=4&fwrnh=100&lmt=1702550609&rafmt=1&format=882x280&url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&ea=0&hl=ru&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702550609346&bpp=8&bdt=417&idt=219&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7523667647786&frm=20&pv=1&ga_vid=478474553.1702550609&ga_sid=1702550610&ga_hid=1667410880&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=2152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C44795922%2C44809531%2C95320869%2C95320885&oid=2&pvsid=3716267873948103&tmod=891220249&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33e76aeca87fbd89b01c0257f30e93e7fb59c42e7c6253e94fc33ba160ffe1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 09:06:38 GMT
x-content-type-options: nosniff
age: 265012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147301
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 14:24:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 09:06:38 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 5D3E 24 KB
9 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 13:49:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5D3E 3 KB
1 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 16:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 16:50:41 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 5D3E 67 B
188 B 42ms
21ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 04:10:08 GMT
x-content-type-options: nosniff
server: cafe
age: 23602
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Fri, 15 Dec 2023 04:10:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5D3E 20 KB
9 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 13:49:15 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D3E 203 KB
65 KB 94ms
72ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 10:43:30 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5D3E 36 KB
15 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14812
x-xss-protection: 0
server: cafe
etag: 15202890134401013038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 13:49:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E3CA 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8355782026477535&output=html&h=280&slotname=5875512901&adk=3774678486&adf=393546741&pi=t.ma~as.5875512901&w=882&fwrn=4&fwrnh=100&lmt=1702550609&rafmt=1&format=882x280&url=https%3A%2F%2Fhetq.am%2Fen%2Farticle%2F162414&ea=0&hl=ru&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702550609346&bpp=8&bdt=417&idt=219&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7523667647786&frm=20&pv=1&ga_vid=478474553.1702550609&ga_sid=1702550610&ga_hid=1667410880&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=2152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079714%2C44795922%2C44809531%2C95320869%2C95320885&oid=2&pvsid=3716267873948103&tmod=891220249&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=223
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 10:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E3CA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
22ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 10:43:30 GMT
expires: Thu, 14 Dec 2023 10:43:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 10:43:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5D3E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d06f9f45d8f7f64c496972fa5b534b9318b4b39a7194c1a15b223e0be1fb2ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5D3E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CJVyuUdx6ZdzvJr2FxtYPtISK-Af-jbWTdK-JjJCfEuqMsLToDhABINm8nSFglfKGgpgHoAHZ3YnGA8gBAqkCDqjL0mBHsj6oAwHIA8kEqgT_AU_Q7d_dIBO8lrFETSwcPZ7bHade2fyzymz...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214400830902702755399%22,%22debug_reporting%22:true,%22destination%22:%22https://hausfrage.de%22,%22event_report_window%22:...

0
0

58ms
42ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214400830902702755399%22,%22debug_reporting%22:true,%22destination%22:%22https://hausfrage.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22952266457%22],%2222%22:[%22true%22],%224%22:[%2212-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224328245180119496401%22}&andc=true

Requested by

Host: hetq.am
URL: https://hetq.am/en/article/162414

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:43:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14400830902702755399","debug_reporting":true,"destination":"https://hausfrage.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["952266457"],"22":["true"],"4":["12-14"],"6":["true"]},"priority":"500","source_event_id":"4328245180119496401"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Dec 2023 10:43:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 14 Dec 2023 10:43:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14400830902702755399","debug_reporting":true,"destination":"https://hausfrage.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["952266457"],"22":["true"],"4":["12-14"],"6":["true"]},"priority":"500","source_event_id":"4328245180119496401"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 054C 50 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 09:05:27 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 70ms
42ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 10:43:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.adstock.pro
URL: https://cdn.adstock.pro/as/js/0.2.3/adstock.js

Domain: ads.caramel.am
URL: https://ads.caramel.am/json/hetq.am.js?ts=1702550609806

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-21 02:26:05	Name: muc Value: d3ebe4ac-33a3-43e6-8059-80992ad54440
hetq.am/	1970-01-20 16:55:57	Name: XSRF-TOKEN Value: eyJpdiI6Ikx6RnQ2em9FXC9CZ1BFT1VwZU5kckV3PT0iLCJ2YWx1ZSI6Ijd2Q010QVJxRm52NDQ0UGFTYWhac1FldVl0WU5id2NkQkRSUW9zQzJzYjJsaHJmV2J0N1pVWjlZeWhnbUlUZVQiLCJtYWMiOiI0YWE1MGU3YmYyODVlZGYwY2U4M2EwYWU2MmI4NzlkNzJjYjcxZmQwYmM3NDk0NzA1YTE3NGQxY2RlNjk4NTNiIn0%3D
hetq.am/	1970-01-20 16:55:57	Name: laravel_session Value: eyJpdiI6IlJJSVgyOEtNOHYyY1k0YmRaMFoxTGc9PSIsInZhbHVlIjoidmJrd2xnQ0I4aW5QOElQUlBiXC9SMnlZcXlUeG0wSlFqNTg4Yk5UTDI4TTBsMmR2ckxrK3N1SXp1NUl2ZWpBaVUiLCJtYWMiOiJkMTI0NzM3MzA4OTBmNTNmNDlkN2U2NDA0NGY2NDVmNjQ2MDUxYmQ2MDg2ZTU5MWMyYTBhY2NjZWI3NWJhMzBkIn0%3D
.hetq.am/	1970-01-21 02:31:50	Name: _ga_VY3TDNJN88 Value: GS1.1.1702550609.1.0.1702550609.0.0.0
.hetq.am/	1970-01-21 02:31:50	Name: _ga Value: GA1.1.478474553.1702550609
.yandex.ru/	1970-01-21 01:41:26	Name: yashr Value: 8521626751702550609
.hetq.am/	1970-01-21 01:41:26	Name: cf_clearance Value: 4Ood8IK9qXn.AHL1sUMpo2JdzEb27kTS.IW14XfnikA-1702550609-0-1-5ad690cf.108fc6ba.c01b2fa5-0.2.1702550609
.hetq.am/	1970-01-21 01:41:26	Name: _ym_uid Value: 170255061013394729
.hetq.am/	1970-01-21 01:41:26	Name: _ym_d Value: 1702550610
.mc.yandex.com/	1970-01-20 16:55:51	Name: sync_cookie_csrf Value: 4111955944fake
.yandex.com/	1970-01-21 02:31:50	Name: i Value: efco/m+Z2SR8nqGxhst6RB8WVy8XB+PUYfpTj9rp2R9hDo70lfhrqBgxEW+e5ZpnCJcdKTM/PhQNvumRDba0uIIEpfA=
.yandex.com/	1970-01-21 01:41:26	Name: yandexuid Value: 2214706221702550609
.hetq.am/	1970-01-20 16:57:02	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 16:57:17	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 02:31:50	Name: yandexuid Value: 2214706221702550609
.yandex.ru/	1970-01-21 02:31:50	Name: yuidss Value: 2214706221702550609
.yandex.ru/	1970-01-21 02:31:50	Name: i Value: efco/m+Z2SR8nqGxhst6RB8WVy8XB+PUYfpTj9rp2R9hDo70lfhrqBgxEW+e5ZpnCJcdKTM/PhQNvumRDba0uIIEpfA=
.yandex.ru/	1970-01-21 02:31:50	Name: yp Value: 1702637009.yu.3364880061702550609
.yandex.ru/	1970-01-21 01:41:26	Name: ymex Value: 1705142609.oyu.3364880061702550609
.mc.yandex.com.am/	1970-01-20 16:55:51	Name: sync_cookie_csrf Value: 3617780925fake
.mc.yandex.ru/	1970-01-20 16:55:51	Name: sync_cookie_csrf Value: 1307172180fake
.yandex.com.am/	1970-01-21 02:31:50	Name: yandexuid Value: 2214706221702550609
.yandex.com.am/	1970-01-21 02:31:50	Name: yuidss Value: 2214706221702550609
.yandex.com.am/	1970-01-21 02:31:50	Name: i Value: efco/m+Z2SR8nqGxhst6RB8WVy8XB+PUYfpTj9rp2R9hDo70lfhrqBgxEW+e5ZpnCJcdKTM/PhQNvumRDba0uIIEpfA=
.mc.yandex.com.am/	1970-01-20 16:57:17	Name: sync_cookie_ok Value: synced
.hetq.am/	1970-01-21 02:17:26	Name: __gads Value: ID=655b518d1d508f61:T=1702550609:RT=1702550609:S=ALNI_MYzwVYYwKF7EjjgRqCsMe0GFzjAjA
.hetq.am/	1970-01-21 02:17:26	Name: __gpi Value: UID=00000d1a04154b45:T=1702550609:RT=1702550609:S=ALNI_MbQz7oBRwwGjfD0A2UlpeDAX_-I4Q
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1772344301702550610
.yandex.com/	1970-01-21 01:41:26	Name: yuidss Value: 2214706221702550609
.yandex.com/	1970-01-21 01:41:26	Name: ymex Value: 1734086610.yrts.1702550610
.yandex.com/	1970-01-21 01:41:26	Name: bh Value: KgI/MA==
.doubleclick.net/	1970-01-20 16:55:54	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:17:26	Name: IDE Value: AHWqTUl4HwFQqHa10RyFGYAfxczgft4GwOUy6Hw9C_cTH1Jk7zN2dVYm4sKx0ac-2dY
.googleadservices.com/	1970-01-20 19:05:26	Name: ar_debug Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.adstock.pro/as/js/0.2.3/adstock.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.caramel.am
cdn.adstock.pro
connect.facebook.net
googleads.g.doubleclick.net
hetq.am
mc.yandex.com
mc.yandex.com.am
mc.yandex.ru
pagead2.googlesyndication.com
region1.google-analytics.com
s7.addthis.com
static.addtoany.com
t.co
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
yandex.ru
yastatic.net
ads.caramel.am
cdn.adstock.pro
104.244.42.69
142.250.185.66
2001:4860:4802:32::36
23.45.238.53
2606:4700:10::6816:14b
2606:4700:10::6816:46c5
2606:4700:3035::6815:280b
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2008
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
2a03:2880:f083:9:face:b00c:0:3
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
042a9121e1c7bcdc3bfc48ed5e23b8dd1f64f375ef5872a5984e5d5096444702
048e34620c1aad3d7d6350c9aa9c14a7b8c0a52d83d0ec3450609447be2c369b
157bf46ba5ef3a83aadc26003d5d90cdd06c99c3977941f0440e2a5b8189ff43
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d60e271208db95dacca71d0a2874ce5091fe681e6c7f70c2074d14320181a8f
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33e76aeca87fbd89b01c0257f30e93e7fb59c42e7c6253e94fc33ba160ffe1a8
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3804955c340ffd2181a374b7229af31153bb6dd87d6e8dadfd787914e99aaabb
390bb80c8ec894a3669df1522e5f88b9f1c2a7dc7b2a6aa39ea8a6401b1aea80
3ac50e521efe532906c6981244ad7ac642dc9cbcd60aafb0ad85e3088f9718af
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
3e2980403e9fbaf9e8affe72e304d3619b5b3a31c9f0b3a5cf09641882486ad2
41410e4244c0cf242141838581bcc36d63818ce231db5dc46c50451c17ac8d45
4c016c6eaf0cb0bf7f970e346a496c8e3164b9102e0beeb1482f55cffc5a1d71
5369f2034d33e50d4b9debfef58713579595f1ba7e622fee9123651ca3e2f8dc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550a637ed1e55a1700733b6fc9a7c7ccb528bf0252ff23b216dd42c8b6b9c68c
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
59826927a183a659875bd5b23b382345631f52579141272658ef6ddb37ada824
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
77fd2e01fe7322b437084ad512b3c3df777ce7d092b975eb8b29ecb4fb612187
78783e1a6689e63cf1de7ce93f402ba639ebb572fef9a0471f2595c1bbf34fcb
7bc476b9e8f268081aba42220ce4aed93cf0304a323e8cd410e32f677b9eb3aa
7f45958c62e0710a4fd7741aec8f76a799399dd3ad3f2103d4f3acfe15f2eba7
828d2d66bedcc0c1ef5b1e83d74269903c47bda4052b6f805901a9481f43209b
891a6bbce5bed3f462145dc56e5896a2a9c451d7e77dc189371143220c73b9ee
8d06f9f45d8f7f64c496972fa5b534b9318b4b39a7194c1a15b223e0be1fb2ad
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9b2c36195d8149926940ce2d9ed3b6c4e4390464224b8f4733cf096cc4494e74
9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf
a1665212b9533a3dc312a09f291f73c8043469d7f0144098f2573970e6fe9f25
a1d7f526b0fd4f6b725731bfe159939dd98d39d0cd9ac1635bd26386f857a9e6
a3d964e29494fb0e009553f56df88a0efb17dff3d145b57fbfc68292ba8f357f
b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397
b4fe77dc30e74e3a2ffcb305c36079f7558bc8722a0d23dc21d3178c3abf7377
b7008d741d64db91afc8e888fbcfe307e933f830415080472bb32a4fd1481c73
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c6192a37426b02eda2e7a17ab85db12677b43d3680c36d4f4d6ecc29178e470b
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c9a2d9ae7c4dad3a1f08a70a1b4d01ba3251360fbf1201f748a0ad1d4ea18f0a
d86a7be160e21622b5f75dc00bfcc225b70396af2d2c3865b4be614ee7fb9640
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fc4a5bb7d77fd61df89836934eecf45d129415d16ee0e2691e1b67c130d049
e66eff69540a80532fd6b8fc7f7cb36394b751f52a762792050d9c66452b2ffb
e7cca6ec2936b74071e544ec2b99a9bac1c32dc50ddbb48f316ee2e0cccb99db
ea96eab93d8a5e3c77c18c9421e3c4be3aa765623db240a1bdf48afee8f0786e
eb1f41449619ce13aad1d9d3e72b0e4b1be814f73400bad2ee51336e3bc1b5b7
eeccaea17c413fc8ae932317e1f69c14fda353ac94d79753909e670da35dd790
f4189e914fc55e6999cb4592c68d5a87beb5616118121c29ee9c1bc579ffdade
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f6c66c7b898c016e856332780f9956bcce741f1df485b239de5cfb8b70a84dce

hetq.am Open in urlscan Pro 2606:4700:10::6816:14b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

88 %HTTPS

82 %IPv6

18 Domains

20 Subdomains

17 IPs

3 Countries

2927 kBTransfer

6173 kBSize

34 Cookies

9 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hetq.am Open in urlscan Pro
2606:4700:10::6816:14b Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

88 %
HTTPS

82 %
IPv6

18
Domains

20
Subdomains

17
IPs

3
Countries

2927 kB
Transfer

6173 kB
Size

34
Cookies

69 HTTP transactions
1 data transactions