urlscan.io logo urlscan.io
SecurityTrails logo

w-e-b.site Open in urlscan Pro
2604:a880:800:c1::2ae:d001  Public Scan

Go To Rescan Add Verdict Report
URL: https://w-e-b.site/
Submission: On February 13 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 28 HTTP transactions. The main IP is 2604:a880:800:c1::2ae:d001, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is w-e-b.site.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 30th 2019. Valid for: 3 months.
This is the only time w-e-b.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2604:a880:800:c1::2ae:d001 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
w-e-b.site
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)
yastatic.net
10    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
www.googletagservices.com
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
8 mc.yandex.ru 1 redirects w-e-b.site
yastatic.net
mc.yandex.ru
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com w-e-b.site
pagead2.googlesyndication.com
3 w-e-b.site w-e-b.site
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 yastatic.net w-e-b.site
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
28 9
Subject Issuer Validity Valid
w-e-b.site
Let's Encrypt Authority X3		 2019-11-30 -
2020-02-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
static.yandex.net
Yandex CA		 2019-09-06 -
2020-09-05		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2019-09-23 -
2020-09-22		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://w-e-b.site/
Frame ID: 2A8B8D46C1A95E9E7A14B36AA363A1FC
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200211/r20190131/zrt_lookup.html
Frame ID: D3CE45E6869CEDB24C716264839DBD2B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&adk=1812271804&adf=3025194257&lmt=1581632681&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fw-e-b.site%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581632681356&bpp=6&bdt=86&fdt=84&idt=85&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2082166901061&frm=20&pv=2&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=11152002&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=97
Frame ID: 693A4676A67C4D38703516C48783AB09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=250&slotname=5564210307&adk=3212776544&adf=2665882539&w=237&fwrn=4&lmt=1581632681&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=237x250_0ads_al&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1581632681362&bpp=8&bdt=93&fdt=116&idt=116&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=118&ady=187&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98mO2ybefU&p=https%3A//w-e-b.site&dtd=120
Frame ID: 81E8136E8192C72C7F494A13651F4BFA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=4949627474&adk=3926788481&adf=726097131&w=237&fwrn=4&fwrnh=100&lmt=1581632681&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=237x600&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1581632681370&bpp=4&bdt=101&fdt=117&idt=117&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C237x250_0ads_al&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=118&ady=437&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&fsb=1&xpc=S5T5Pr6ikS&p=https%3A//w-e-b.site&dtd=119
Frame ID: 14E63012A68EB2539E42CDC81B8C582C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=7243305245&adk=2788963037&adf=354934763&w=760&fwrn=4&fwrnh=100&lmt=1581632681&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=760x280&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1581632681374&bpp=3&bdt=105&fdt=121&idt=121&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C237x250_0ads_al%2C237x600&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=145&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=SEfObg563Z&p=https%3A//w-e-b.site&dtd=123
Frame ID: 7BCB7AB9EF38B7413F1C5E9D8CE14AEB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=9898701821&adk=3934264943&adf=3267455832&w=760&fwrn=4&fwrnh=100&lmt=1581632681&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=760x280&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1581632681387&bpp=4&bdt=118&fdt=115&idt=115&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C237x250_0ads_al%2C237x600%2C760x280&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=3296&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=xC7hJZWVdR&p=https%3A//w-e-b.site&dtd=117
Frame ID: ED90F8E278E56F1203C77F259413D8EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=9677896893&adk=37382572&adf=223692363&w=189&fwrn=4&fwrnh=100&lmt=1581632681&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=189x600&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1581632681402&bpp=4&bdt=132&fdt=110&idt=110&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C237x250_0ads_al%2C237x600%2C760x280%2C760x280&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1263&ady=137&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HsTYUFyMmX&p=https%3A//w-e-b.site&dtd=112
Frame ID: A49FB955B4F8BD05F2D480B970229333
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: F9021C861945FCB4E548B1F32FD49CE3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

28
Requests

100 %
HTTPS

100 %
IPv6

8
Domains

9
Subdomains

7
IPs

3
Countries

334 kB
Transfer

1051 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Fw-e-b.site%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1581632680867%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200213232441%3Aet%3A1581632682%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A618874889%3Ahid%3A380713201%3Ads%3A143%2C171%2C85%2C1%2C0%2C0%2C0%2C137%2C8%2C%2C%2C%2C539%3Afp%3A533%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581632682%3Au%3A1581632682440740978%3At%3AWelcome! HTTP 302
  • https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fw-e-b.site%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1581632680867%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200213232441%3Aet%3A1581632682%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A618874889%3Ahid%3A380713201%3Ads%3A143%2C171%2C85%2C1%2C0%2C0%2C0%2C137%2C8%2C%2C%2C%2C539%3Afp%3A533%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581632682%3Au%3A1581632682440740978%3At%3AWelcome%21

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
w-e-b.site/ 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w-e-b.site/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:800:c1::2ae:d001 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Debian) /
Resource Hash
c8e33b6c801b33d1a7fbd35cdef15ddfe86e9447db5b0da1b8a7b7af8c84dfcb

Request headers

Host
w-e-b.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Date
Thu, 13 Feb 2020 22:24:41 GMT
Server
Apache/2.4.41 (Debian)
Vary
User-Agent,Accept-Encoding
Content-Encoding
gzip
Content-Length
4124
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
styles.css
w-e-b.site/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w-e-b.site/styles.css
Requested by
Host: w-e-b.site
URL: https://w-e-b.site/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:800:c1::2ae:d001 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Debian) /
Resource Hash
c2e63f40426b4bbeb6774f7d1ab215dbb635265b820393073700e8ccbe85fde4

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 13 Feb 2020 22:24:41 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Mar 2016 04:28:32 GMT
Server
Apache/2.4.41 (Debian)
ETag
"25b4-52f003a873c00-gzip"
Vary
User-Agent,Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1937
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		107 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: w-e-b.site
URL: https://w-e-b.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6287f1aa82410ecf8fb89bb7a5fb02549817fa143c7325721c1275f2d639a3f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 22:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38676
x-xss-protection
0
server
cafe
etag
8549904804907169783
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 13 Feb 2020 22:24:41 GMT
logo.png
w-e-b.site/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w-e-b.site/logo.png
Requested by
Host: w-e-b.site
URL: https://w-e-b.site/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2604:a880:800:c1::2ae:d001 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Debian) /
Resource Hash
b0857e2ca9f82dccf2c8a2953a4de4d52e9fb709e0b626a2ccc39c6a7208c9fa

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 22:24:41 GMT
Last-Modified
Tue, 20 Sep 2011 19:07:54 GMT
Server
Apache/2.4.41 (Debian)
ETag
"5d5-4ad642d3ab680"
Vary
User-Agent
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1493
es5-shims.min.js
yastatic.net/es5-shims/0.0.2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/es5-shims/0.0.2/es5-shims.min.js
Requested by
Host: w-e-b.site
URL: https://w-e-b.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 22:24:41 GMT
content-encoding
br
x-amz-expiration
expiry-date="Thu, 01 Jan 1970 00:00:00 UTC", rule-id=""
last-modified
Thu, 25 Oct 2018 11:27:00 GMT
server
nginx/1.17.8
access-control-allow-origin
*
etag
W/"32e3b4f3a8f6048da9934fec1ca08cea"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
x-nginx-request-id
20633e0818e4d31e
cache-control
max-age=315360000, public
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
share.js
yastatic.net/share2/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/share2/share.js
Requested by
Host: w-e-b.site
URL: https://w-e-b.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
97a6c819b850b610dbf983cab5f5ae7e4e14cdfbf24801f7ad912db3ab416204

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 22:24:41 GMT
content-encoding
br
x-amz-expiration
expiry-date="Thu, 01 Jan 1970 00:00:00 UTC", rule-id=""
last-modified
Fri, 10 Jan 2020 11:19:39 GMT
server
nginx/1.17.8
access-control-allow-origin
*
etag
W/"b80b4fcc1d52aa20936d1312222209d6"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=259200, public
x-nginx-request-id
21c5f8e9f0db8f93
timing-allow-origin
*
expires
Sun, 16 Feb 2020 22:21:23 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=w-e-b.site
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 22:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=w-e-b.site
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 22:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200211/r20190131/ 		221 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200211/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8260dc0df997d4a1d781a7e12e6d8a606ec1e3a5cf330ed8daf40e89c571d86b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 22:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
84519
x-xss-protection
0
server
cafe
etag
13959914265075164689
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Feb 2020 22:24:41 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200211/r20190131/ Frame D3CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200211/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200211/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://w-e-b.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://w-e-b.site/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 12 Feb 2020 09:44:39 GMT
expires
Wed, 26 Feb 2020 09:44:39 GMT
content-type
text/html; charset=UTF-8
etag
17772678075199185246
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4496
x-xss-protection
0
cache-control
public, max-age=1209600
age
132002
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
tag.js
mc.yandex.ru/metrika/ 		362 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: w-e-b.site
URL: https://w-e-b.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
15148eebb3e2e4300e3491aee66bc7e5627031abb72d02389131d6ebbee4c8cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 22:24:41 GMT
Content-Encoding
br
Last-Modified
Thu, 06 Feb 2020 10:55:33 GMT
Server
nginx/1.14.2
ETag
"5e3bf0a5-16e61"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93793
Expires
Thu, 13 Feb 2020 23:24:41 GMT
watch.js
mc.yandex.ru/metrika/ 		135 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/share2/share.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
2d68887e2799241fe3750d08139277e3b10a5eaf69906d64ac861cbaef34ff71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 22:24:41 GMT
Content-Encoding
br
Last-Modified
Thu, 06 Feb 2020 10:55:44 GMT
Server
nginx/1.14.2
ETag
"5e3bf0b0-9e76"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
40566
Expires
Thu, 13 Feb 2020 23:24:41 GMT
truncated
/ 		799 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		285 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		595 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		603 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		520 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		463 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e19d6853a1728b99d53bdb34653b77e74bdaa7b582a146473aa00a7a14512c85

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af7475d0d8cac80cc0ff93d4a992abeeeac0846dd70aee86a9ba5aa5abc37ccc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		861 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32fd30dffe1126b076a9327bc3382239864d40999c06944a624bcbd4528bbaf3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8393a801010f09cf1dbfccba8166326a127e901f26f0c06252f357553fbee33e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25076cb044c936e9ef446a8ae8e0b61acaf9e4425f7d373d0a6783d87bf9d372

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		504 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c013936e7dbdb3f2a85b06a3d81e1d4753bcf683c55d7017e93d5e0b39bf6615

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1019 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c34e6330c001c5e70b7cf452a3b0575dcd72da27e1f9ddfdf111527e98650a4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		493 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
112f7e9f9a09e7f729de49a015c45ca9ee04c4183c9cb0022017fe994ae09c6c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99040b27e9248394d097a5f049a4fb95051dbe63c6888e1ca682f5a8a1c4abdd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ed015e99cb928cdac5e041f3bac53a66a315e34814f7b3ed67bd131d22bcaf9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
517607f7594208dc708aecef1367d24f095de8f438266e7d6f30d4d06e1ff3b5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36543a7ead81ec2adc15d62ec9ebb4912fbee963f2e4b0e29e71a05e8b06f0b4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71c31044096df21f61add2ae87abe2c6014942d8ae6ab5eed2ad408da38ac652

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		529 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af02cbfe4297575641ba4f5a53503e78aac4bb6e03febaa280dc25399a682e2a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f88bb57db2810d820bcc9b1e24a9cbb036c1a8d64268f53243f78dc2c40b3525

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5307f101ffa74d83e44ccc5cbaa1193577fe0c9c659fb40fedb9d403acbb186a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
ads
googleads.g.doubleclick.net/pagead/ Frame 693A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&adk=1812271804&adf=3025194257&lmt=1581632681&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fw-e-b.site%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581632681356&bpp=6&bdt=86&fdt=84&idt=85&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2082166901061&frm=20&pv=2&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=11152002&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200211/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7219829351026140&output=html&adk=1812271804&adf=3025194257&lmt=1581632681&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fw-e-b.site%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581632681356&bpp=6&bdt=86&fdt=84&idt=85&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2082166901061&frm=20&pv=2&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=11152002&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=97
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://w-e-b.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://w-e-b.site/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 13 Feb 2020 22:24:41 GMT
server
cafe
content-length
421
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 13-Feb-2020 22:39:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Thu, 13 Feb 2020 22:24:41 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200211/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 22:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1581337310261798"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27884
x-xss-protection
0
expires
Thu, 13 Feb 2020 22:24:41 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 81E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=250&slotname=5564210307&adk=3212776544&adf=2665882539&w=237&fwrn=4&lmt=1581632681&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=237x250_0ads_al&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1581632681362&bpp=8&bdt=93&fdt=116&idt=116&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=118&ady=187&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98mO2ybefU&p=https%3A//w-e-b.site&dtd=120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200211/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7219829351026140&output=html&h=250&slotname=5564210307&adk=3212776544&adf=2665882539&w=237&fwrn=4&lmt=1581632681&rafmt=10&psa=0&guci=1.2.0.0.2.2.0.0&format=237x250_0ads_al&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1581632681362&bpp=8&bdt=93&fdt=116&idt=116&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=118&ady=187&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=98mO2ybefU&p=https%3A//w-e-b.site&dtd=120
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://w-e-b.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://w-e-b.site/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 13 Feb 2020 22:24:41 GMT
server
cafe
content-length
5816
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 13-Feb-2020 22:39:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Thu, 13 Feb 2020 22:24:41 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 14E6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=4949627474&adk=3926788481&adf=726097131&w=237&fwrn=4&fwrnh=100&lmt=1581632681&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=237x600&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1581632681370&bpp=4&bdt=101&fdt=117&idt=117&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C237x250_0ads_al&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=118&ady=437&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&fsb=1&xpc=S5T5Pr6ikS&p=https%3A//w-e-b.site&dtd=119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200211/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=4949627474&adk=3926788481&adf=726097131&w=237&fwrn=4&fwrnh=100&lmt=1581632681&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=237x600&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1581632681370&bpp=4&bdt=101&fdt=117&idt=117&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C237x250_0ads_al&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=118&ady=437&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&fsb=1&xpc=S5T5Pr6ikS&p=https%3A//w-e-b.site&dtd=119
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://w-e-b.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://w-e-b.site/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 13 Feb 2020 22:24:41 GMT
server
cafe
content-length
202
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 13-Feb-2020 22:39:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Thu, 13 Feb 2020 22:24:41 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 7BCB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=7243305245&adk=2788963037&adf=354934763&w=760&fwrn=4&fwrnh=100&lmt=1581632681&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=760x280&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1581632681374&bpp=3&bdt=105&fdt=121&idt=121&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C237x250_0ads_al%2C237x600&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=145&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=SEfObg563Z&p=https%3A//w-e-b.site&dtd=123
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200211/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=7243305245&adk=2788963037&adf=354934763&w=760&fwrn=4&fwrnh=100&lmt=1581632681&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=760x280&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1581632681374&bpp=3&bdt=105&fdt=121&idt=121&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C237x250_0ads_al%2C237x600&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=145&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=a!3&fsb=1&xpc=SEfObg563Z&p=https%3A//w-e-b.site&dtd=123
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://w-e-b.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://w-e-b.site/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 13 Feb 2020 22:24:41 GMT
server
cafe
content-length
204
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 13-Feb-2020 22:39:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Thu, 13 Feb 2020 22:24:41 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame ED90 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=9898701821&adk=3934264943&adf=3267455832&w=760&fwrn=4&fwrnh=100&lmt=1581632681&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=760x280&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1581632681387&bpp=4&bdt=118&fdt=115&idt=115&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C237x250_0ads_al%2C237x600%2C760x280&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=3296&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=xC7hJZWVdR&p=https%3A//w-e-b.site&dtd=117
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200211/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7219829351026140&output=html&h=280&slotname=9898701821&adk=3934264943&adf=3267455832&w=760&fwrn=4&fwrnh=100&lmt=1581632681&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=760x280&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1581632681387&bpp=4&bdt=118&fdt=115&idt=115&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C237x250_0ads_al%2C237x600%2C760x280&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=3296&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=xC7hJZWVdR&p=https%3A//w-e-b.site&dtd=117
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://w-e-b.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://w-e-b.site/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 13 Feb 2020 22:24:41 GMT
server
cafe
content-length
202
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 13-Feb-2020 22:39:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Thu, 13 Feb 2020 22:24:41 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame A49F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=9677896893&adk=37382572&adf=223692363&w=189&fwrn=4&fwrnh=100&lmt=1581632681&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=189x600&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1581632681402&bpp=4&bdt=132&fdt=110&idt=110&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C237x250_0ads_al%2C237x600%2C760x280%2C760x280&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1263&ady=137&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HsTYUFyMmX&p=https%3A//w-e-b.site&dtd=112
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200211/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7219829351026140&output=html&h=600&slotname=9677896893&adk=37382572&adf=223692363&w=189&fwrn=4&fwrnh=100&lmt=1581632681&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=189x600&url=https%3A%2F%2Fw-e-b.site%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1581632681402&bpp=4&bdt=132&fdt=110&idt=110&shv=r20200211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C237x250_0ads_al%2C237x600%2C760x280%2C760x280&nras=1&correlator=2082166901061&frm=20&pv=1&ga_vid=1985040688.1581632681&ga_sid=1581632681&ga_hid=1491267352&ga_fc=0&iag=0&icsg=145369730&dssz=22&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1263&ady=137&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2393454158988904&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=5&uci=a!5&fsb=1&xpc=HsTYUFyMmX&p=https%3A//w-e-b.site&dtd=112
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://w-e-b.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://w-e-b.site/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 13 Feb 2020 22:24:41 GMT
server
cafe
content-length
206
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 13-Feb-2020 22:39:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Thu, 13 Feb 2020 22:24:41 GMT
cache-control
private
1
mc.yandex.ru/watch/26812653/
Redirect Chain
  • https://mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Fw-e-b.site%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%...
  • https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fw-e-b.site%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=t...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fw-e-b.site%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1581632680867%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200213232441%3Aet%3A1581632682%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A618874889%3Ahid%3A380713201%3Ads%3A143%2C171%2C85%2C1%2C0%2C0%2C0%2C137%2C8%2C%2C%2C%2C539%3Afp%3A533%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581632682%3Au%3A1581632682440740978%3At%3AWelcome%21
Requested by
Host: w-e-b.site
URL: https://w-e-b.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 22:24:41 GMT
Last-Modified
Thu, 13-Feb-2020 22:24:41 GMT
Server
nginx/1.14.2
Location
/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fw-e-b.site%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1581632680867%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200213232441%3Aet%3A1581632682%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A618874889%3Ahid%3A380713201%3Ads%3A143%2C171%2C85%2C1%2C0%2C0%2C0%2C137%2C8%2C%2C%2C%2C539%3Afp%3A533%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581632682%3Au%3A1581632682440740978%3At%3AWelcome%21
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://w-e-b.site
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 13-Feb-2020 22:24:41 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 22:24:41 GMT
Last-Modified
Thu, 13-Feb-2020 22:24:41 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://w-e-b.site
Strict-Transport-Security
max-age=31536000
Location
/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fw-e-b.site%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1581632680867%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200213232441%3Aet%3A1581632682%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A618874889%3Ahid%3A380713201%3Ads%3A143%2C171%2C85%2C1%2C0%2C0%2C0%2C137%2C8%2C%2C%2C%2C539%3Afp%3A533%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581632682%3Au%3A1581632682440740978%3At%3AWelcome%21
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 13-Feb-2020 22:24:41 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: w-e-b.site
URL: https://w-e-b.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 22:24:41 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Thu, 13 Feb 2020 23:24:41 GMT
1
mc.yandex.ru/watch/26812653/ 		133 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fw-e-b.site%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1581632680867%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200213232441%3Aet%3A1581632682%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A618874889%3Ahid%3A380713201%3Ads%3A143%2C171%2C85%2C1%2C0%2C0%2C0%2C137%2C8%2C%2C%2C%2C539%3Afp%3A533%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581632682%3Au%3A1581632682440740978%3At%3AWelcome%21
Requested by
Host: w-e-b.site
URL: https://w-e-b.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
0f93627384a9aba62dfd90e7462da22c0e7d75439f2c442cc3dfe9cf07fceff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w-e-b.site/
Origin
https://w-e-b.site
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 22:24:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 13-Feb-2020 22:24:41 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://w-e-b.site
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
133
X-XSS-Protection
1; mode=block
Expires
Thu, 13-Feb-2020 22:24:41 GMT
1
mc.yandex.ru/watch/26812653/ 		43 B
533 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/26812653/1?page-url=https%3A%2F%2Fw-e-b.site%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1581632680867%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Az%3A60%3Ai%3A20200213232441%3Aet%3A1581632682%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Arn%3A338103323%3Ahid%3A380713201%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581632682%3Au%3A1581632682440740978%3App%3A3629563401
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w-e-b.site/
Origin
https://w-e-b.site
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 22:24:41 GMT
Last-Modified
Thu, 13-Feb-2020 22:24:41 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://w-e-b.site
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Thu, 13-Feb-2020 22:24:41 GMT
55599709
mc.yandex.ru/watch/ 		152 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/55599709?wmode=7&page-url=https%3A%2F%2Fw-e-b.site%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1581632680867%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200213232441%3Aet%3A1581632682%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A976426938%3Ahid%3A380713201%3Ads%3A143%2C171%2C85%2C1%2C0%2C0%2C0%2C137%2C8%2C%2C%2C%2C539%3Afp%3A533%3Awn%3A19455%3Ahl%3A2%3Agdpr%3A14%3Av%3A1811%3Awv%3A2%3Ast%3A1581632682%3Au%3A1581632682440740978%3App%3A3629563401%3At%3AWelcome!
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
a0c7411e35fc5cd9fe31a5c60465542d681cdd05769cae5dc1b9e16b657f92de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w-e-b.site/
Origin
https://w-e-b.site
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 22:24:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 13-Feb-2020 22:24:41 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://w-e-b.site
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Thu, 13-Feb-2020 22:24:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200211&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200211/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb88d467c0b73d469789a4a01f7df1e8c53b35758c217fb133856e2a7bd54a8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w-e-b.site/
Origin
https://w-e-b.site
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 13 Feb 2020 22:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5181
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200211/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 22:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1580338855439378"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8104
x-xss-protection
0
expires
Thu, 13 Feb 2020 22:24:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame F902 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/206/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://w-e-b.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://w-e-b.site/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4624
date
Thu, 13 Feb 2020 21:31:56 GMT
expires
Fri, 12 Feb 2021 21:31:56 GMT
last-modified
Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3165
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gda_r20200211&jk=2393454158988904&bg=!r6ylrLRYYoLAvMNtpxMCAAAAOFIAAAAKmQFWlouLElo8ARcZHYFOlgdYddjBR5k-BM0pbNr7aBPCOjjYRjsMDNlqJou9C7Dvk9mNA_iKepW70D-GZzPIVysNX9BTDUzuZi2YG_1DA1160rjUNcoGsaCNNCPtFGwfCiIB8rK5gWg3NbWC4G6YHptZEcwQK6x3CFB9NPCLQjFuQpyiva3nY4tm6OMAi2Rm4COBqPX2qMM48E8tYLDxWtRLcD0d8Nf8m9kn4W2f_-wm7X5Z5LVcJnqg27AF8EIDMb_SkSxkXlnfYGFRbK1-e2Ah7Xlyt2usBaxGJ68fd6xq-pxgRJ-1zyt1EIYU2wTOdyVDzbrNwXFTQZ5NXPcUf4n8eEPZLb4P63EQaOocICbe4IO7BnPLDltYr4zNWAfwjCayfi4MahVferLlvBEY77e2RRsQihK4eFxSzCmW4qab65c-Ty0T2n9GXCa6YHpwLFN9w-OVkLZ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w-e-b.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 22:24:41 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars boolean| _gfp_p_ number| google_lpabyc number| google_unique_id object| Ya function| addEv function| show function| ym function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| yaCounter26812653 object| yaCounter55599709 object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.w-e-b.site/ Name: _ym_isad
Value: 2
.w-e-b.site/ Name: _ym_d
Value: 1581632682
.w-e-b.site/ Name: _ym_uid
Value: 1581632682440740978

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
w-e-b.site
www.googletagservices.com
yastatic.net
2604:a880:800:c1::2ae:d001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a02:6b8:20::215
2a02:6b8::1:119
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0f93627384a9aba62dfd90e7462da22c0e7d75439f2c442cc3dfe9cf07fceff0
112f7e9f9a09e7f729de49a015c45ca9ee04c4183c9cb0022017fe994ae09c6c
15148eebb3e2e4300e3491aee66bc7e5627031abb72d02389131d6ebbee4c8cc
1ed015e99cb928cdac5e041f3bac53a66a315e34814f7b3ed67bd131d22bcaf9
25076cb044c936e9ef446a8ae8e0b61acaf9e4425f7d373d0a6783d87bf9d372
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5
2d68887e2799241fe3750d08139277e3b10a5eaf69906d64ac861cbaef34ff71
32fd30dffe1126b076a9327bc3382239864d40999c06944a624bcbd4528bbaf3
36543a7ead81ec2adc15d62ec9ebb4912fbee963f2e4b0e29e71a05e8b06f0b4
40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140
517607f7594208dc708aecef1367d24f095de8f438266e7d6f30d4d06e1ff3b5
5307f101ffa74d83e44ccc5cbaa1193577fe0c9c659fb40fedb9d403acbb186a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6287f1aa82410ecf8fb89bb7a5fb02549817fa143c7325721c1275f2d639a3f0
6c34e6330c001c5e70b7cf452a3b0575dcd72da27e1f9ddfdf111527e98650a4
71c31044096df21f61add2ae87abe2c6014942d8ae6ab5eed2ad408da38ac652
8260dc0df997d4a1d781a7e12e6d8a606ec1e3a5cf330ed8daf40e89c571d86b
8393a801010f09cf1dbfccba8166326a127e901f26f0c06252f357553fbee33e
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd
97a6c819b850b610dbf983cab5f5ae7e4e14cdfbf24801f7ad912db3ab416204
98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3
99040b27e9248394d097a5f049a4fb95051dbe63c6888e1ca682f5a8a1c4abdd
9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6
9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0
a0c7411e35fc5cd9fe31a5c60465542d681cdd05769cae5dc1b9e16b657f92de
af02cbfe4297575641ba4f5a53503e78aac4bb6e03febaa280dc25399a682e2a
af7475d0d8cac80cc0ff93d4a992abeeeac0846dd70aee86a9ba5aa5abc37ccc
b0857e2ca9f82dccf2c8a2953a4de4d52e9fb709e0b626a2ccc39c6a7208c9fa
c013936e7dbdb3f2a85b06a3d81e1d4753bcf683c55d7017e93d5e0b39bf6615
c2e63f40426b4bbeb6774f7d1ab215dbb635265b820393073700e8ccbe85fde4
c8e33b6c801b33d1a7fbd35cdef15ddfe86e9447db5b0da1b8a7b7af8c84dfcb
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4
e19d6853a1728b99d53bdb34653b77e74bdaa7b582a146473aa00a7a14512c85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6
eb88d467c0b73d469789a4a01f7df1e8c53b35758c217fb133856e2a7bd54a8b
f88bb57db2810d820bcc9b1e24a9cbb036c1a8d64268f53243f78dc2c40b3525